| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL: GET HTTP/2 videzz.net/js/pop.js?v=1.0
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-23"
expires: Fri, 24 May 2024 04:30:13 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.72 | 200 OK | 74 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP: 142.250.74.72:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: 280ffe0eb0767e996e9407a574da4b6b 4dacda280807d31153c8e5155d480d7a1b1afe95 d33597add80518c1b343bf2473616f4f7a04d042756be8253cca2bc131bc6c13
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:31 GMT
expires: Wed, 24 Apr 2024 04:30:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73469
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL: GET HTTP/2 videzz.net/js/ads.js?v=1.0
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-d3"
expires: Fri, 24 May 2024 04:30:19 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/adb_logo.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Hash: 98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-2074"
expires: Fri, 24 May 2024 04:30:25 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/attention.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Hash: d28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
etag: "66163909-18e9"
expires: Fri, 24 May 2024 04:20:36 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/embed-f5cgsbviqpdn.html | 78.142.18.54 | 200 OK | 84 kB |
URL: User Request GET HTTP/2 videzz.net/embed-f5cgsbviqpdn.html
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (33723), with CRLF, LF line terminators
Hash: 135863c12434cadbf31a5f25ef9cd946 63b7905777a4834617c285f7de6b5f3a45c2d95e 522297dbf41963e769112fcc2682928ec67cd02e54020542d74ee2caa3c5b30e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /embed-f5cgsbviqpdn.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 23 Apr 2024 04:30:31 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 25-Apr-2023 04:30:31 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| vv.7vid.net/lx4oag1.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: 0i.sh-cdn.com
Certificate Fingerprint: 24:B9:80:92:9A:AB:42:74:B0:D4:5F:04:68:CF:32:5F:5E:42:BC:53
Certificate Validity: Fri, 05 Apr 2024 23:27:08 GMT - Thu, 04 Jul 2024 23:27:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /lx4oag1.js HTTP/1.1
Host: vv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kr.cafenehkikki.com/1clkn/14903 | 23.109.170.27 | 200 OK | 26 B |
URL: GET HTTP/1.1 kr.cafenehkikki.com/1clkn/14903
IP: 23.109.170.27:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: kr.cafenehkikki.com
Certificate Fingerprint: 50:EE:4F:95:B6:16:97:F3:4B:CE:8F:41:22:EB:63:02:F2:48:7A:F2
Certificate Validity: Thu, 18 Apr 2024 00:50:14 GMT - Wed, 17 Jul 2024 00:50:13 GMT
File type: ASCII text, with no line terminators
Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1clkn/14903 HTTP/1.1
Host: kr.cafenehkikki.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 24 Apr 2024 04:30:32 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 25-Apr-2024 04:30:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 25-Apr-2024 04:30:32 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.25.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.17.25.14:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 726517
expires: Mon, 14 Apr 2025 04:30:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWieZUxkQbEoQMz4aZN2Zs0mqZ2Bg2ZCj6he1WfOlprfqiq0xJx43VEFV%2Br%2BqG2L1LFgaNzZEGdNdndcucveA78fEvpmKeQzIYWz76iAmxYH%2F1ekM1jqByvi0NBGkdlfun5EEzEE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87935bcacc56b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js | 172.240.108.84 | 200 OK | 16 kB |
URL: GET HTTP/1.1 profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP: 172.240.108.84:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: profitablegatecpm.com
Certificate Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
Certificate Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44116), with no line terminators
Hash: c6ed463a2ef26ff62317d0a8d45c21f0 5988e020173976155fce0a6048171f69863102a3 ad716a83915668f235cd60f88c285503971e56b4bf697b213ca562aebeae511c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f61dc2a8fc7a4ff56bddba9612603bf8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.72 | 200 OK | 72 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP: 142.250.74.72:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (3287)
Hash: f932a1e2b751c270efd38d4a74360b15 0b5001c77ee58be64a2e3b035bd8ec40e050dfae b24a860b6b7085e53fa20c142e621b20affad48a5cbf21042615bde79f84aff1
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:32 GMT
expires: Wed, 24 Apr 2024 04:30:32 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP: 85.10.205.45:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Sectigo Limited
Certificate Subject: s.o333o.com
Certificate Fingerprint: C1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
Certificate Validity: Mon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2040), with no line terminators
Hash: 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 41 kB |
URL: GET HTTP/2 videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
Certificate Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: gzip compressed data, from Unix
Hash: 6ac85db2b828b683658abd1f908ae825 172feb3007e898808586f07d8161cb2fe9967bff 66268578b073aa10851d76ec98e26ed268db83d399cf4bb608f1d24e3494bedc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-22364"
expires: Fri, 24 May 2024 04:20:40 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 28 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: downstairsnegotiatebarren.com
Certificate Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
Certificate Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8acd7549d0d5e64cc43b1868269399c0
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 24 Apr 2024 04:30:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPLXirFs1b8JwCzd1yzGfaf9h%2Frs1dX%2BvU1PmGfGA3vIgHP6rYK%2Bdd%2FExZhENv61U%2FHz2oA9ItsYvnxg92x%2FI0oD%2B9f8u17VbjmdRRkvddAkBX4c4Hz1kYgNpw4GnHOgZkqx7l27%2FE%2BnyR6ujwgB2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bcf2d1b0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 104.21.37.74 | 200 OK | 14 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z
IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bidclickmedia.com
Certificate Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
Certificate Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text
Hash: e151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xoCHRwd4EtsbUPIc6DuHmOlW%2BQkCkMJdi9RLqJg2KYvtP5EgCTvqgLZ%2F4ouxvz5GW%2FsylenXQBJXLj3vFZ8ZZe8GmPsXeg5LNRSmaWGw9TLJQB5yU%2B%2BfhFpi1GwUeEzeXbgr5ln02Yk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bce8f99b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.72 | 200 OK | 94 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP: 142.250.74.72:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
Certificate Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (7711)
Hash: 1c1fca54296f66a4655aca4d9343ac56 536f8cc28b3449d794d8aa4bd99b2a845bd93425 6fb47d7d77e1d2fc0b5f79a1d46c5b4086b41b318bd3f80bf9007f8753075cb6
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:33 GMT
expires: Wed, 24 Apr 2024 04:30:33 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL: GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.18.10.207:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bootstrapcdn.com
Certificate Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1814042
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd29f2e56a2-OSL
alt-svc: h3=":443"; ma=86400
|
|
| honeyreadinesscentral.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js | 192.243.61.227 | 200 OK | 31 kB |
URL: GET HTTP/1.1 honeyreadinesscentral.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: honeyreadinesscentral.com
Certificate Fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF
Certificate Validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 0f1af7db37ca7822e88ec876b54360e9 98918f694226c8c41370f4a56fac9f9e93857bf1 2c52f2a9d4b8d6d89522cc9852276c7ce3d9d0b57362ce2e8b79f7737dd4d4c7
GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d61cf2fdf35163b59454665d61faacfb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 35.158.46.84:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Amazon
Certificate Subject: proftrafficcounter.com
Certificate Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Certificate Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 7983900eacb093f5bf1732ef78806cf4 f9be0dfc041a96dc2d76f67856b1b627fa45257b 439d02f6e7825f10e420f1242ee6870f08fc307e77275181230d5b3a08221f4e
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=faf21004-e476-49cb-96dd-36ea7dd0cf0d:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| allvideometrika.com/f.php?sid=212515 | 188.114.96.1 | 200 OK | 5.9 kB |
URL: GET HTTP/2 allvideometrika.com/f.php?sid=212515
IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate Issuer: Let's Encrypt
Certificate Subject: allvideometrika.com
Certificate Fingerprint: 0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13
Certificate Validity: Tue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hash: 044d7ee81e5c72ef8c9f0db2ee47b410 abb7cb1412d36d89bff0bd3fa95cc4f307e42ef2 1a3e64277fd828f21d494b58f9b76c634adf1ffa8aa5e27cc031600db28f1082
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtYdJI9NTGVS9vnamSX%2BVnaWREc532x26UB7GdySnsfIlLtbKGL6DTbu3WnXLr9CKy1FePcWlHGzit3MGubK4aPaNlfso%2F6OUsf0DtgMngtaeDy211538WZ4D%2F9PRa0TNja1wmyN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bd1eb760b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| honeyreadinesscentral.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHhcviqDmJkKDCFFktrtntmfGHMQYV0LWbEwU9STVXdWz5VZXNVX9MzunxYAET0MQvPZ%2Bs5vFGPy56MkgvQGFgLDjaQ%2Fu3YsXIWeZcXH0QdV73%2Ftewffeq0%2F3ilMSoKAnl97WYyElXV1re%2B75D3z%2FgrshVDFyR%2F3wo7B7wTXlq4Ow7b3kvsXjbb0aeL7n%2BZ7vrgvDEz1anZMQ2b2B3x547W7Q9te6GJn%2FY1s4sNQBK0%2FJMxBstvLAOQcRN1Dpt5e43c519sqbaSFprg1Kdvie2la6UkiXYWIcJOrwrBraHq%2Ffh1YHC7nQ5b%2BFkZgR5%2Bf7iNThmUhE5f5CZyTBFSL2BKqyAZcNBG0Q65sQ7JgAMcPVTaj0zlVtKrrzD0vn7IysPPoLopqRld%2FPQaVfX5Ri5N7QssiFVhajpIYYNRDDBllxhHzcgqiOEOefQLBfyeqjDah0f9NKDcHqRe9CNBBJA8knoNZBMT%2FCQZE4KDIHKTtxY9%2F3ex6LqdcfxHGH9XgUMs%2BnvcSnvhf2UcRzeRPk2QSxnCA2u8jMLrbFBKb4CXarhmUObD4jzju7KFmNihNUlqCiBJUgqHKCqqwPmLSBre8waYvIP%2FPBme%2FUU50P9%2BiBzodcEVAzgWH1XnZKnp7Px3mhFWCbn7gJ63pR2A%2Bot8a7lCbd%2FoAFg9DzO2sepWEIK2oI21q0PBYz8mLyAzIxI0%2F%2BQhDRI1h5hFg8C1o8D1rVoFs1xuqblArVLgXTY9pWPAfTNbJ8BfmOsydPyXOLJV354i54%2FJCcGWJTIzM1PhYPCIby1vS6rsj%2BdV1Z8t1mlotUjOl8gTdymvPH717hO5U27PIlO%2Fny9XhOzMN773Kbb1DFhBpa8tVFwRg369rEnPx42b7Po2uF3bpYGFVkG9feWL%2BcZoZbK7RqQMXxh7cRixl56vuNxc982f0TwjQwRY20WCoVukGc7cJmy5zVBEYucZQ5qIp6aoJomZSCQPIlplEN%2Bx8cLeOpofPXVNR79haGpgWa34RKa5SmRilrUDmBLR6b5pl5%2BNpvnYUhkq1pJE1rP5JG3l4MeX59DitO3F6n49FwsOb3epT3om7QT0KfURp0wyAMaQe5nSXnP%2FvjbwAAAP%2F%2FAQAA%2F%2F8iauLMcwQAAA%3D%3D | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1honeyreadinesscentral.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHhcviqDmJkKDCFFktrtntmfGHMQYV0LWbEwU9STVXdWz5VZXNVX9MzunxYAET0MQvPZ%2Bs5vFGPy56MkgvQGFgLDjaQ%2Fu3YsXIWeZcXH0QdV73%2Ftewffeq0%2F3ilMSoKAnl97WYyElXV1re%2B75D3z%2FgrshVDFyR%2F3wo7B7wTXlq4Ow7b3kvsXjbb0aeL7n%2BZ7vrgvDEz1anZMQ2b2B3x547W7Q9te6GJn%2FY1s4sNQBK0%2FJMxBstvLAOQcRN1Dpt5e43c519sqbaSFprg1Kdvie2la6UkiXYWIcJOrwrBraHq%2Ffh1YHC7nQ5b%2BFkZgR5%2Bf7iNThmUhE5f5CZyTBFSL2BKqyAZcNBG0Q65sQ7JgAMcPVTaj0zlVtKrrzD0vn7IysPPoLopqRld%2FPQaVfX5Ri5N7QssiFVhajpIYYNRDDBllxhHzcgqiOEOefQLBfyeqjDah0f9NKDcHqRe9CNBBJA8knoNZBMT%2FCQZE4KDIHKTtxY9%2F3ex6LqdcfxHGH9XgUMs%2BnvcSnvhf2UcRzeRPk2QSxnCA2u8jMLrbFBKb4CXarhmUObD4jzju7KFmNihNUlqCiBJUgqHKCqqwPmLSBre8waYvIP%2FPBme%2FUU50P9%2BiBzodcEVAzgWH1XnZKnp7Px3mhFWCbn7gJ63pR2A%2Bot8a7lCbd%2FoAFg9DzO2sepWEIK2oI21q0PBYz8mLyAzIxI0%2F%2BQhDRI1h5hFg8C1o8D1rVoFs1xuqblArVLgXTY9pWPAfTNbJ8BfmOsydPyXOLJV354i54%2FJCcGWJTIzM1PhYPCIby1vS6rsj%2BdV1Z8t1mlotUjOl8gTdymvPH717hO5U27PIlO%2Fny9XhOzMN773Kbb1DFhBpa8tVFwRg369rEnPx42b7Po2uF3bpYGFVkG9feWL%2BcZoZbK7RqQMXxh7cRixl56vuNxc982f0TwjQwRY20WCoVukGc7cJmy5zVBEYucZQ5qIp6aoJomZSCQPIlplEN%2Bx8cLeOpofPXVNR79haGpgWa34RKa5SmRilrUDmBLR6b5pl5%2BNpvnYUhkq1pJE1rP5JG3l4MeX59DitO3F6n49FwsOb3epT3om7QT0KfURp0wyAMaQe5nSXnP%2FvjbwAAAP%2F%2FAQAA%2F%2F8iauLMcwQAAA%3D%3D IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: honeyreadinesscentral.com Fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF Validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
File type: ASCII text, with no line terminators Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHhcviqDmJkKDCFFktrtntmfGHMQYV0LWbEwU9STVXdWz5VZXNVX9MzunxYAET0MQvPZ%2Bs5vFGPy56MkgvQGFgLDjaQ%2Fu3YsXIWeZcXH0QdV73%2Ftewffeq0%2F3ilMSoKAnl97WYyElXV1re%2B75D3z%2FgrshVDFyR%2F3wo7B7wTXlq4Ow7b3kvsXjbb0aeL7n%2BZ7vrgvDEz1anZMQ2b2B3x547W7Q9te6GJn%2FY1s4sNQBK0%2FJMxBstvLAOQcRN1Dpt5e43c519sqbaSFprg1Kdvie2la6UkiXYWIcJOrwrBraHq%2Ffh1YHC7nQ5b%2BFkZgR5%2Bf7iNThmUhE5f5CZyTBFSL2BKqyAZcNBG0Q65sQ7JgAMcPVTaj0zlVtKrrzD0vn7IysPPoLopqRld%2FPQaVfX5Ri5N7QssiFVhajpIYYNRDDBllxhHzcgqiOEOefQLBfyeqjDah0f9NKDcHqRe9CNBBJA8knoNZBMT%2FCQZE4KDIHKTtxY9%2F3ex6LqdcfxHGH9XgUMs%2BnvcSnvhf2UcRzeRPk2QSxnCA2u8jMLrbFBKb4CXarhmUObD4jzju7KFmNihNUlqCiBJUgqHKCqqwPmLSBre8waYvIP%2FPBme%2FUU50P9%2BiBzodcEVAzgWH1XnZKnp7Px3mhFWCbn7gJ63pR2A%2Bot8a7lCbd%2FoAFg9DzO2sepWEIK2oI21q0PBYz8mLyAzIxI0%2F%2BQhDRI1h5hFg8C1o8D1rVoFs1xuqblArVLgXTY9pWPAfTNbJ8BfmOsydPyXOLJV354i54%2FJCcGWJTIzM1PhYPCIby1vS6rsj%2BdV1Z8t1mlotUjOl8gTdymvPH717hO5U27PIlO%2Fny9XhOzMN773Kbb1DFhBpa8tVFwRg369rEnPx42b7Po2uF3bpYGFVkG9feWL%2BcZoZbK7RqQMXxh7cRixl56vuNxc982f0TwjQwRY20WCoVukGc7cJmy5zVBEYucZQ5qIp6aoJomZSCQPIlplEN%2Bx8cLeOpofPXVNR79haGpgWa34RKa5SmRilrUDmBLR6b5pl5%2BNpvnYUhkq1pJE1rP5JG3l4MeX59DitO3F6n49FwsOb3epT3om7QT0KfURp0wyAMaQe5nSXnP%2FvjbwAAAP%2F%2FAQAA%2F%2F8iauLMcwQAAA%3D%3D HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:33 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c5bbdd448a5c0e963009efdba7240f9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=74 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=74 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: honeyreadinesscentral.com Fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF Validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=74 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| gloomilybench.com/pixel/purst?dl=0&th=0&sc=0&rs=2176&rd=2176&fd=809&bv=24.4.3467&tmpl=136 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 gloomilybench.com/pixel/purst?dl=0&th=0&sc=0&rs=2176&rd=2176&fd=809&bv=24.4.3467&tmpl=136 IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: gloomilybench.com Fingerprint: 8B:3D:25:A6:C5:6A:D5:E5:6F:C7:B9:56:6E:9E:E1:41:E4:9C:40:32 Validity: Tue, 23 Apr 2024 10:47:56 GMT - Mon, 22 Jul 2024 10:47:55 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2176&rd=2176&fd=809&bv=24.4.3467&tmpl=136 HTTP/1.1
Host: gloomilybench.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 04:30:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/3 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3 Hash: 7bcc800a4957dac955e91ce1ee3b73cd b1fae2cacecc790a22f91e2320077f89707473b1 760783cbcd04b3b7ef5f6b10a24878869d061709e4511ccada113b532833243d
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: image/jpeg
content-length: 21597
last-modified: Thu, 01 Feb 2024 14:55:47 GMT
etag: "65bbb0f3-545d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2951273
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wd5fAHTJnExCj%2FJ58PvFT4YVbb95nT%2FomqEvmtDghbYkPBDZpAyFKxPAAK3M7%2BFU3BnC8XvnwfqAC22ZnsLmm3rXlIS4EpjydgxO%2Bdek5pR1gH7v%2Bgm3tDHL6p8fqRCy9ojQDS9yMi8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bd69afcb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 361 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: bidclickmedia.com Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text Hash: 4809a9602dd55d531906123e570b6d77 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rM8fdcGkxxoc%2F%2BES42YZv2dP4x6IKSeuHG292JiyWsTeiHdoftoaEkSgGynCQWPHfyu1%2FjT8Ga49H0rD6alhK8olE8dQ9CgIgtph%2B9Bq0MkmKo9dGPg8i5VPwdeWCBbDy56BtjfYtzE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bd17ca1b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 361 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: bidclickmedia.com Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text Hash: df061fb4dfb37e95d4e0a2d1981251d2 eccdd447dfa92af7f474978ed596be9b6cb1d7e8 ef712eaabe9f00b4048c74b413208880d1644101b82c37b0c2de2dcd69ef5f76
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/0YDX8OE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVnpvXpyLUhMdlCqKdrn6hk%2B%2BH1fzhi2t9b3x3ddk9CgElxVutv5%2FXcYga5J7PXwM4CLFO1Ha%2BRFNsZWRPVKZpQyD%2FkVlM35ihB%2FBQar%2B0KeBPhnFrpm6V9nvuNWhWCsvfvBTjj5qrc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bd1bcc7b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP: 174.137.133.17:443 ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Sectigo Limited Subject: *.xmlking.com Fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D Validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://r.mylot.com/p.aspx?u=0f062c9c-8555-4cce-addf-63148cd5940e
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 104.22.71.197 | 200 OK | 2.0 kB |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/facebook.js IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: static.addtoany.com Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (429), with no line terminators Hash: 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA%2B6CgmC8jseqBD58yzw3g08jOUphhgsylzMxZ9D42vO%2BJBt32H6ze0OdR1laWID89ODHa4t%2Bxndp0DSd5UXaRTw8BQyEZ3vgr9VvN7BcD2jiKHRKXH68v4autIBxyvEqTc%2B93g%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11534
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ca041d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 361 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: bidclickmedia.com Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text Hash: 0afbc42662d610b514f5be89bfd0d53a 0e5f0faddf5910a3c68deb940bb23924d244f1ff a850e0db4b9fad13d0cb77a0f6599bfaf2d068dea62db64a43c06dadb12bbc38
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3%2BjtXHSqWBdzRSUmP3IVivCN%2FT6gj3CCNS3bju0peqNb3xZk10gM07Qu8QaKDF9EixS55CJ%2BQXTL7x%2BlkTEErnubEEeuyPrWTLs1BAVuW%2B%2BshGTcTtHo7e5kaFxvVhJ%2BLBZ7mEJowE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bd19cb6b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 104.22.71.197 | 200 OK | 235 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/telegram.js IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: static.addtoany.com Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (360), with no line terminators Hash: 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jty8znFib0KWLtGhjMAg%2BxsjKXe7JzL7YJbtSlJe7kph2rpky7WRd1yEbqG%2B%2BjIQdAdIEgC6yml2kYICcTp3ijclEgiX9QtrVqm04z7h3YAKWGtr1zqXmPl17EI4scLjMpIy7oH0C8DC5dMe2Nt5EA4B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11534
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ca081d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html | 104.26.6.19 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html IP: 104.26.6.19:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Cloudflare, Inc. Subject: sni.cloudflaressl.com Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49 Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: 8c9101795aca3483089be55cf5b02499 f6831a6efed20f53cf5974bd24d364572f8cc677 578dd8de5a7a475eb4fde7d1bef95915af6e15ec6fe35166075b34b7ca874b5b
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 40807
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIReDXb6ryRzwz0OQnc7Hv0b5rTCYhz%2BpkyebT1L1%2B%2FgdOGnRsCmWZ%2BdJNbxiGDRN9C%2F00%2FM%2BOjSCUg7vnjH7FbTn0DStVJULFhIMHy5wBzIm2fC3VKwzURCX9FAQYBf8iDm0Pk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bd49b921c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP: 174.137.133.17:443 ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Sectigo Limited Subject: *.zeusadx.com Fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 Validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.trackingtraffo.com/pop/imp?auth=mz3u78&c=oX_D5G9TF0TKh7uQ3_5UhE9HZtVhyF7K82oCpKAE3A3isml30fuRhLF_1tPLZVvtRHu4qL_A6FMXNUmcJOIRq0T_P37pR3UR39B0NSODDE_hyHCnmFFP06MdrYpW9w9glvOdp1D6uApVvCG8dRi4WU2ZtgnG_2FIh-I0X3J-PzlCp5nkaIwWN1mCVWyKJzBYKs3OD9F3QQKC4t3B4gtpvpg2zJ9zJoRYCStjm15adYQM1bWu6jXINRehvB061t0zyr3iEPOn612Cmydz-rjr8wd_Nk51Kt-wbBvx9A9oWPC4VZaKteugPR64_nyadqEr6VEvjInxC1lJIFVTVKoWVsaEScWxZyIJRFA0ZxOk955kjcv0N2cKJxMrQz2c_lQCnn6xsqx4mjpwOMQgSbZQ7TRaWyATQEelAAOEFYQAACj2UhXRhEQszhq4tA8yUY7NEyaO0Pd78OiaBQZYNAPQtJR9tI8fa_T9CvHXQj1WdVBxDzVLDYN_zLx1oY-s204I9y-DrjrsH9egVEoeCEq4YmEkYark62FYhWdBZM2O5zIpXRfb8ipyL5qfGKdr-oyJp5eKyW7bLLmd5lNk1VBSabI99Cm9mz0N1yUdmRJASt3_s6W3j_rGV2fKccYy01Yv38_NA2EpcbnkFmP2hUqjRSb-YoOxwTcOGLvBgkYbTY0-eexe-nInRg
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP: 174.137.133.17:443 ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Sectigo Limited Subject: *.xmlking.com Fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D Validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://r.mylot.com/p.aspx?u=2ff3b4c9-8903-4ceb-8f74-9179009d4dc9
|
|
| honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=75 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=75 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: honeyreadinesscentral.com Fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF Validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=75 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| r.mylot.com/p.aspx?u=2ff3b4c9-8903-4ceb-8f74-9179009d4dc9 | 18.233.59.62 | 200 OK | 526 B |
URL: GET HTTP/2 r.mylot.com/p.aspx?u=2ff3b4c9-8903-4ceb-8f74-9179009d4dc9 IP: 18.233.59.62:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Amazon Subject: *.mylot.com Fingerprint: 81:6A:9D:DF:7B:03:C9:DC:EE:3A:40:EA:60:8A:17:66:07:6C:3E:6C Validity: Mon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (526), with no line terminators Hash: 39666acf5f755c2843a55453c5a9205d 8c8bd4e9b87800c40a24f90a166df6e894e5bfe1 07e4d5c110738aa87cf070f263dffb5b732390b7839e2a77e0d60f734e7ab621
GET /p.aspx?u=2ff3b4c9-8903-4ceb-8f74-9179009d4dc9 HTTP/1.1
Host: r.mylot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/html; charset=utf-8
content-length: 526
cache-control: private
set-cookie: ASP.NET_SessionId=y3zcryzrfxo2gb5vbx1xrfpf; path=/; HttpOnly; SameSite=Lax
X-Firefox-Spdy: h2
|
|
| r.mylot.com/p.aspx?u=0f2fa9ca-b729-4bcc-b032-fa8fff6c4869 | 18.233.59.62 | 200 OK | 526 B |
URL: GET HTTP/2 r.mylot.com/p.aspx?u=0f2fa9ca-b729-4bcc-b032-fa8fff6c4869; IP: 18.233.59.62:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Amazon; subject: *.mylot.com; fingerprint: 81:6A:9D:DF:7B:03:C9:DC:EE:3A:40:EA:60:8A:17:66:07:6C:3E:6C; validity: Mon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (526), with no line terminators; Hash: 27d605409a9e3f5d1afc658a3b6279ec 9ed348f042cca5ff48790e1ab93adcafa7f13d9a 2769a5b97e00da04350e8db710d4bbbc30587fd51b70838fbc4b5da210624ec8
GET /p.aspx?u=0f2fa9ca-b729-4bcc-b032-fa8fff6c4869 HTTP/1.1
Host: r.mylot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/html; charset=utf-8
content-length: 526
cache-control: private
set-cookie: ASP.NET_SessionId=jiu2bvrvwkchpbfoltu2wtvf; path=/; HttpOnly; SameSite=Lax
X-Firefox-Spdy: h2
|
|
| r.mylot.com/p.aspx?u=0f062c9c-8555-4cce-addf-63148cd5940e | 18.233.59.62 | 200 OK | 526 B |
URL: GET HTTP/2 r.mylot.com/p.aspx?u=0f062c9c-8555-4cce-addf-63148cd5940e; IP: 18.233.59.62:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Amazon; subject: *.mylot.com; fingerprint: 81:6A:9D:DF:7B:03:C9:DC:EE:3A:40:EA:60:8A:17:66:07:6C:3E:6C; validity: Mon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (526), with no line terminators; Hash: 3f96b753799bbaba4763e5ecc21396c4 426226eada2c709b05d79a2306484c4c1c8f0a15 5b340127db4d6e471fc8611ce3644231307b4aa14c46677c9258a401fdc75060
GET /p.aspx?u=0f062c9c-8555-4cce-addf-63148cd5940e HTTP/1.1
Host: r.mylot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/html; charset=utf-8
content-length: 526
cache-control: private
set-cookie: ASP.NET_SessionId=321obxoc4rfns4pil4m010wk; path=/; HttpOnly; SameSite=Lax
X-Firefox-Spdy: h2
|
|
| xmlclick.adcannyxml.com/nrtb/click?bid=0ZNSvMIny7yiYiEfNTQxYwtaOGJI_lNrgea8Py42tdQelUcvuolOKDAywIZiB2G6_0_9 | 23.226.122.79 | 302 Found | 680 B |
URL: GET HTTP/2 xmlclick.adcannyxml.com/nrtb/click?bid=0ZNSvMIny7yiYiEfNTQxYwtaOGJI_lNrgea8Py42tdQelUcvuolOKDAywIZiB2G6_0_9; IP: 23.226.122.79:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Unizeto Technologies S.A.; subject: *.adcannyxml.com; fingerprint: 94:3C:B1:37:BD:FA:9C:E1:1E:F4:57:BB:30:0F:66:33:53:31:41:24; validity: Mon, 18 Mar 2024 07:29:56 GMT - Tue, 18 Mar 2025 07:29:55 GMT
File type: HTML document, ASCII text, with very long lines (678); Hash: 137f63133dc37314df8ee384ea4919c1 6a88a41d12f5b78c82d36381989a26d8483cd9fd 12b15e18d18725670e2962ddab5adafb444cfa28320c114c42b462cb68fd20ba
GET /nrtb/click?bid=0ZNSvMIny7yiYiEfNTQxYwtaOGJI_lNrgea8Py42tdQelUcvuolOKDAywIZiB2G6_0_9 HTTP/1.1
Host: xmlclick.adcannyxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/html; charset=utf-8
content-length: 680
location: https://tidyllama.com/click?a=AZpa&e=gAAAAABmKIrpimHieThsod1kyrj7Ig8EoTm0EwwKUozKRD097s--RMxDD7rg-fMbU_dpDRSoDuLZmUHK5fe-Q4-woWahmvsHQCXJxTrSCGV22jZqj2BSYJGkD2EroOpSlVGoPv6ZJ2ZPgKatJwW1MdmOeuMCwH3n-7h5lKbi5h1gY2mBqZAL-cGTNVbTR71SzAQ2Qa02e9nuE9rBYGnY3rOQsgdYXn3rDfggqaU7DbrMy1ytXcf2gC7x0WpfNfMuZwIzRE3-o5mjSixs4kSe_FCpAdhDZrYgWuzvDukoOznCkWSlSDryvPN7OLSoxz3RRoLVOrLw6oL-RyJkdH7GuPb2Tza3opS5Ny3jNCsWBYO-TosgZPdvlKGycQZ3yHAQOnMay3Efz68rxxV7INSBdByGqMZLrDQLsLpAa0y8StJ0mUQkPNsNnDHdlizhGYczMZNwfPwB1KhfuCk6P-FfzZZU-OLu6NDZUAqcIN4M_vaOHRHCOzHVpSfCmTazdKR81Mq4xSDSK4o40APEah2J1XSWPd1kypLUZpdW1kFTa6CVG6Grxv5OSi53D0humoEdHBf8-01GFp4Oby4iJQBtK_FvyLqh5EvVlw%3D%3D
X-Firefox-Spdy: h2
|
|
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=hfIjpqZyWqrcvX9px9nqxwk5R8lGmnRS2O9eCw6EU_Cei1lPvKSlT7rWX-d9S_-zbQqAiWSZHJ8nCflrov5qSa7OCZhh0LiYnN5VK62-R3CMkzPZ0Yi5oXDljWmYq_PH5o2EMDdh_LRWBJb65FicCn1fQD1PXLINUJnENhIGN9C3qhtvOdEOYPq9d5AIovfRxYggvYlYqkIHOxfSPdoVbLVe6mp4WRT4iK4IWwzC0BNRRwDwD1z9t5TPadAYC4GAsFfikGRnmjEfKP73bllMrv1HGwCYh0WbtPB23NLTwcmz33wxUSxTivNmvd5dxAaOh-AJisYYJsG-jkS_s_lbHahc1af2HcgVXSlskrjlZPfDe5MVoMVs37RdgatYDaX2DGoZr4Ygi9kdFr1q2B3RjluQ3hx0UqQJf66UElVAgutV1J3oQXhOhnGkEduZhezvybApfNgwE40MI1nJfXz2Tz8ekemMU9Ai5L5f-BCXYaMbpSHR04WEJuQG_O3Lxwi7hFXOygqd9cehS4IXOFBlpJ9mSU1eEo2KMpsOuYa3U2sPQSxAmVzReYF8iLHaYJSr368imCFCcdtAz9ESdbhO2gHOAbjxhS9gXtssxgSjvaImoegMINBm-BUEQXMXE7z2mxg-JAFgEfRX2XAE_KQ5r1YZb7sB7u5yjvEoQ1qepUcwGW5tt0Z-2A | 88.214.206.175 | 204 No Content | 0 B |
URL GET HTTP/1.1track.trackingtraffo.com/pop/imp?auth=mz3u78&c=hfIjpqZyWqrcvX9px9nqxwk5R8lGmnRS2O9eCw6EU_Cei1lPvKSlT7rWX-d9S_-zbQqAiWSZHJ8nCflrov5qSa7OCZhh0LiYnN5VK62-R3CMkzPZ0Yi5oXDljWmYq_PH5o2EMDdh_LRWBJb65FicCn1fQD1PXLINUJnENhIGN9C3qhtvOdEOYPq9d5AIovfRxYggvYlYqkIHOxfSPdoVbLVe6mp4WRT4iK4IWwzC0BNRRwDwD1z9t5TPadAYC4GAsFfikGRnmjEfKP73bllMrv1HGwCYh0WbtPB23NLTwcmz33wxUSxTivNmvd5dxAaOh-AJisYYJsG-jkS_s_lbHahc1af2HcgVXSlskrjlZPfDe5MVoMVs37RdgatYDaX2DGoZr4Ygi9kdFr1q2B3RjluQ3hx0UqQJf66UElVAgutV1J3oQXhOhnGkEduZhezvybApfNgwE40MI1nJfXz2Tz8ekemMU9Ai5L5f-BCXYaMbpSHR04WEJuQG_O3Lxwi7hFXOygqd9cehS4IXOFBlpJ9mSU1eEo2KMpsOuYa3U2sPQSxAmVzReYF8iLHaYJSr368imCFCcdtAz9ESdbhO2gHOAbjxhS9gXtssxgSjvaImoegMINBm-BUEQXMXE7z2mxg-JAFgEfRX2XAE_KQ5r1YZb7sB7u5yjvEoQ1qepUcwGW5tt0Z-2A IP88.214.206.175:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Sectigo Limited; subject: trackingtraffo.com; fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=hfIjpqZyWqrcvX9px9nqxwk5R8lGmnRS2O9eCw6EU_Cei1lPvKSlT7rWX-d9S_-zbQqAiWSZHJ8nCflrov5qSa7OCZhh0LiYnN5VK62-R3CMkzPZ0Yi5oXDljWmYq_PH5o2EMDdh_LRWBJb65FicCn1fQD1PXLINUJnENhIGN9C3qhtvOdEOYPq9d5AIovfRxYggvYlYqkIHOxfSPdoVbLVe6mp4WRT4iK4IWwzC0BNRRwDwD1z9t5TPadAYC4GAsFfikGRnmjEfKP73bllMrv1HGwCYh0WbtPB23NLTwcmz33wxUSxTivNmvd5dxAaOh-AJisYYJsG-jkS_s_lbHahc1af2HcgVXSlskrjlZPfDe5MVoMVs37RdgatYDaX2DGoZr4Ygi9kdFr1q2B3RjluQ3hx0UqQJf66UElVAgutV1J3oQXhOhnGkEduZhezvybApfNgwE40MI1nJfXz2Tz8ekemMU9Ai5L5f-BCXYaMbpSHR04WEJuQG_O3Lxwi7hFXOygqd9cehS4IXOFBlpJ9mSU1eEo2KMpsOuYa3U2sPQSxAmVzReYF8iLHaYJSr368imCFCcdtAz9ESdbhO2gHOAbjxhS9gXtssxgSjvaImoegMINBm-BUEQXMXE7z2mxg-JAFgEfRX2XAE_KQ5r1YZb7sB7u5yjvEoQ1qepUcwGW5tt0Z-2A HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Apr 2024 04:30:34 GMT
Connection: keep-alive
|
|
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=oX_D5G9TF0TKh7uQ3_5UhE9HZtVhyF7K82oCpKAE3A3isml30fuRhLF_1tPLZVvtRHu4qL_A6FMXNUmcJOIRq0T_P37pR3UR39B0NSODDE_hyHCnmFFP06MdrYpW9w9glvOdp1D6uApVvCG8dRi4WU2ZtgnG_2FIh-I0X3J-PzlCp5nkaIwWN1mCVWyKJzBYKs3OD9F3QQKC4t3B4gtpvpg2zJ9zJoRYCStjm15adYQM1bWu6jXINRehvB061t0zyr3iEPOn612Cmydz-rjr8wd_Nk51Kt-wbBvx9A9oWPC4VZaKteugPR64_nyadqEr6VEvjInxC1lJIFVTVKoWVsaEScWxZyIJRFA0ZxOk955kjcv0N2cKJxMrQz2c_lQCnn6xsqx4mjpwOMQgSbZQ7TRaWyATQEelAAOEFYQAACj2UhXRhEQszhq4tA8yUY7NEyaO0Pd78OiaBQZYNAPQtJR9tI8fa_T9CvHXQj1WdVBxDzVLDYN_zLx1oY-s204I9y-DrjrsH9egVEoeCEq4YmEkYark62FYhWdBZM2O5zIpXRfb8ipyL5qfGKdr-oyJp5eKyW7bLLmd5lNk1VBSabI99Cm9mz0N1yUdmRJASt3_s6W3j_rGV2fKccYy01Yv38_NA2EpcbnkFmP2hUqjRSb-YoOxwTcOGLvBgkYbTY0-eexe-nInRg | 88.214.206.175 | 204 No Content | 0 B |
URL GET HTTP/1.1track.trackingtraffo.com/pop/imp?auth=mz3u78&c=oX_D5G9TF0TKh7uQ3_5UhE9HZtVhyF7K82oCpKAE3A3isml30fuRhLF_1tPLZVvtRHu4qL_A6FMXNUmcJOIRq0T_P37pR3UR39B0NSODDE_hyHCnmFFP06MdrYpW9w9glvOdp1D6uApVvCG8dRi4WU2ZtgnG_2FIh-I0X3J-PzlCp5nkaIwWN1mCVWyKJzBYKs3OD9F3QQKC4t3B4gtpvpg2zJ9zJoRYCStjm15adYQM1bWu6jXINRehvB061t0zyr3iEPOn612Cmydz-rjr8wd_Nk51Kt-wbBvx9A9oWPC4VZaKteugPR64_nyadqEr6VEvjInxC1lJIFVTVKoWVsaEScWxZyIJRFA0ZxOk955kjcv0N2cKJxMrQz2c_lQCnn6xsqx4mjpwOMQgSbZQ7TRaWyATQEelAAOEFYQAACj2UhXRhEQszhq4tA8yUY7NEyaO0Pd78OiaBQZYNAPQtJR9tI8fa_T9CvHXQj1WdVBxDzVLDYN_zLx1oY-s204I9y-DrjrsH9egVEoeCEq4YmEkYark62FYhWdBZM2O5zIpXRfb8ipyL5qfGKdr-oyJp5eKyW7bLLmd5lNk1VBSabI99Cm9mz0N1yUdmRJASt3_s6W3j_rGV2fKccYy01Yv38_NA2EpcbnkFmP2hUqjRSb-YoOxwTcOGLvBgkYbTY0-eexe-nInRg IP88.214.206.175:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Sectigo Limited; subject: trackingtraffo.com; fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=oX_D5G9TF0TKh7uQ3_5UhE9HZtVhyF7K82oCpKAE3A3isml30fuRhLF_1tPLZVvtRHu4qL_A6FMXNUmcJOIRq0T_P37pR3UR39B0NSODDE_hyHCnmFFP06MdrYpW9w9glvOdp1D6uApVvCG8dRi4WU2ZtgnG_2FIh-I0X3J-PzlCp5nkaIwWN1mCVWyKJzBYKs3OD9F3QQKC4t3B4gtpvpg2zJ9zJoRYCStjm15adYQM1bWu6jXINRehvB061t0zyr3iEPOn612Cmydz-rjr8wd_Nk51Kt-wbBvx9A9oWPC4VZaKteugPR64_nyadqEr6VEvjInxC1lJIFVTVKoWVsaEScWxZyIJRFA0ZxOk955kjcv0N2cKJxMrQz2c_lQCnn6xsqx4mjpwOMQgSbZQ7TRaWyATQEelAAOEFYQAACj2UhXRhEQszhq4tA8yUY7NEyaO0Pd78OiaBQZYNAPQtJR9tI8fa_T9CvHXQj1WdVBxDzVLDYN_zLx1oY-s204I9y-DrjrsH9egVEoeCEq4YmEkYark62FYhWdBZM2O5zIpXRfb8ipyL5qfGKdr-oyJp5eKyW7bLLmd5lNk1VBSabI99Cm9mz0N1yUdmRJASt3_s6W3j_rGV2fKccYy01Yv38_NA2EpcbnkFmP2hUqjRSb-YoOxwTcOGLvBgkYbTY0-eexe-nInRg HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Apr 2024 04:30:34 GMT
Connection: keep-alive
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183; IP: 174.137.133.17:443; ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Sectigo Limited; subject: *.xmlking.com; fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D; validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xmlclick.adcannyxml.com/nrtb/click?bid=2eXWoZF7JwtggD-b7Yiqa4DcLgua4e3afpnKditgxpyogxN8aXiJmeCUQzWN68U9_0_9
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 732 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load; IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Google Trust Services LLC; subject: bidclickmedia.com; fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with very long lines (306); Hash: 2e32fcfdcaaeab0feb42f0229c51fc93 9195eca0ea49ff543f9c5de7ce69e96118708869 0371bcab68b76a31ecdf547ac8c9a9881480bf0a79efb6af02381792bfe2a9c5
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RWccl6ySgVpUw%2BhgC%2FpYfDn8TELPlnzuMIL3WF6XKWXCfCFIgYYAaF4fWxa0dU9VRqP4V3%2ByJ8km8mKge7D9C9R2KOjgt%2Bv3iISvtlDwlobl3Yl65lsI4gNcx0%2FvqLM0ORki%2Fyre2To%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bd1ccd3b51e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=71 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=71; IP: 192.243.61.227:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Let's Encrypt; subject: honeyreadinesscentral.com; fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF; validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=71 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=75 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeyreadinesscentral.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=75; IP: 192.243.59.12:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Let's Encrypt; subject: honeyreadinesscentral.com; fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF; validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=75 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js | 104.17.25.14 | 200 OK | 5.1 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js; IP: 104.17.25.14:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Cloudflare, Inc.; subject: sni.cloudflaressl.com; fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (17660); Hash: 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 732054
expires: Mon, 14 Apr 2025 04:30:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HZZ6oChLTkfax2I0BtoWXXsolF6XIsfUy62cpjVzofvZ327TczseL5plUg0sqRROFugcnRcLCfq0vVq5GbJBgkLkzLex%2BeGDTV4%2F8DZYWJF3GnmlfaEb4SBUGfj0ogyaoCpDwB%2FI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87935bdb88fe5691-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xmlclick.adcannyxml.com/nrtb/click?bid=2eXWoZF7JwtggD-b7Yiqa4DcLgua4e3afpnKditgxpyogxN8aXiJmeCUQzWN68U9_0_9 | 23.226.122.79 | 302 Found | 681 B |
URL: GET HTTP/2 xmlclick.adcannyxml.com/nrtb/click?bid=2eXWoZF7JwtggD-b7Yiqa4DcLgua4e3afpnKditgxpyogxN8aXiJmeCUQzWN68U9_0_9; IP: 23.226.122.79:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Unizeto Technologies S.A.; subject: *.adcannyxml.com; fingerprint: 94:3C:B1:37:BD:FA:9C:E1:1E:F4:57:BB:30:0F:66:33:53:31:41:24; validity: Mon, 18 Mar 2024 07:29:56 GMT - Tue, 18 Mar 2025 07:29:55 GMT
File type: HTML document, ASCII text, with very long lines (679); Hash: 5ea1ed30dae20767774bc31a5edb9c03 c3e09e977b8c1b47b2912ec16cfee1dea1231765 1845e3186b0ed9c0f59fe57c89cfbd4024c153ef288f54742e8c58c21cf18a36
GET /nrtb/click?bid=2eXWoZF7JwtggD-b7Yiqa4DcLgua4e3afpnKditgxpyogxN8aXiJmeCUQzWN68U9_0_9 HTTP/1.1
Host: xmlclick.adcannyxml.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/html; charset=utf-8
content-length: 681
location: https://guardedrook.cc/click?a=AZpa&e=gAAAAABmKIrpF9afuIotygsAkpG20EAhQRE0ubfCY_rK7h9klB9rTm_Im8rtiR6YhRlBdPPr5I2GEaC0vD4ERyc1NQXlxezx0At9Cr3JKhlCaK7HvqRMtNfZh9G3sRszE0dypfGWdRkzszLwnwnfioHWxQLOdKslAKTZXoLJgCjQQJKjZoI6Y5S2onddg5TuQ7FenJHrGr87JycB4BhXeFpiynAynHdV2CEhxAEdP55XopCDmqCRbtfCa__6vAns0nsRLdIlQwB_C6YHK60W6K1eeQOB3YT5LwH84aoZ1ExAQ_Cv54HcaMSKYcUy19UIgOLT1L5ZPzPWHa_obq8ugPkdXewKlVpgh6rhpKdYoykB-P4IT0bQRECYtvLd7RrRuOqszTKOTMOt753SZoHL0w1HFkDnHFsqmIDxaD4xjFHNc1clGIjhdE19qZK0cAFI2OmvxwOed-xq-l11vS8zWCCIi0x67l8NOwogzdO67GjHY1KNjHRrceliOXnY7NNB9KYY3YlA8jZrWr81JRK-HOmAwHx59vjfhR6q1C7BhH2qkwklNeAEABJZ7JEVSM1s3S1BATUrFzXZ0RSwGZK9bvOiqEXhPNyhFQ%3D%3D
X-Firefox-Spdy: h2
|
|
| honeyreadinesscentral.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHhcviqDmJsKACFFktnv%2BdsYcxBhXQtZsTBT1JPXXs%2BVWVzVV3dOzc1oMSPA0BMFr7ze7WYzBn4ueDNIbUAgIO5724N69eBFylhkXRx9Uvfe97xV87736dC8%2FJU3k9OTS23astKarnUZYP%2F9BFF2obyiTj%2BqjXvejbvtC3Q1f7Xcb4Uv1tyTftqvNMArDKIzq68rJ2I5W5yRUeq8fNfpho91sRJ02Ru7%2F2OcBPA0ghqfkGSgxW3kQnIPiFUzy7SXptzObvvJmkmuaWYehOHzPbBtbGCTLMHYBYnN4Vg3rj9fvw5qDhVzY4b%2BFTM1I8PN9MHN4JhJsuL%2FQyTSkARNPoBhWkLqCohW4vQkljgnABa5uwiR3rlpX0J1%2FWDpnZ2Tl0V9QxYys%2FH4OJvn6olaj%2Bg2r80xZ4zGKS6hRBTWokOZHyMY1qOIIPPsESvxKVh9twCT7m15bKFEueleqgooraDkB9QHy%2BVEB8jhAngZIxEmdR1G0FgpOw16f85ZYk6wrwoiuxRGNwm4POZ%2FLmyBLJ%2BB6Au52kbpdbKsJXP4T%2FFYJLwL4bEaCd3YxFCUKSVB4goISFIqgyAiKYXkgtG%2F68o7QPmfRmW%2Be%2BVY5tdlgjx7YbCANAXUTOFHupafk6fl8ghdqTWzLk3os2iHr9po07Mg2pXG71xfNfjeMWp2Q0m4XXpVQvrZoeaxm5MX4B6RqRp78hYDRI3h9BK6eBc2fBy1K0K0SY%2FNNQpVpDJWwY9owMoOwJdJsBdlOsKdPyXOLJV354i4kf0jODNyVSF2Jj9UDgoG%2BNb1uC7J%2F3RaefLeZZipRYzpf4I2MZvLxu1fkTmGduHzJT758nc%2BJeXjvXemzDWqEMgNPvrqohJBu3TouyY%2BX%2FfuSXcv91sXcmTzduPbG%2BuUkddJ7ZU0Fqo4%2FvA2uZuSp7zcWP%2FPl%2Bp9QroLLSyT5UqmyFXi6C58uc94SOL3ELA1Q5OXUNdkyqRWBlktMWQn%2FH8yW8dTR%2BWuqyj1%2FCwNXA81uwiQlhq7EUJegegKfPzbNUvfwtd9aCwPTtSnTrrbPtNO3F0OeX5%2FDq5N6KxRrTMZyjcl2px1LLlinw0Iec9YSvR5H5mfx%2Bc%2F%2B%2BBsAAP%2F%2FAQAA%2F%2F%2BivjckcwQAAA%3D%3D | 192.243.61.227 | 200 OK | 7 B |
URL GET HTTP/1.1honeyreadinesscentral.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHhcviqDmJsKACFFktnv%2BdsYcxBhXQtZsTBT1JPXXs%2BVWVzVV3dOzc1oMSPA0BMFr7ze7WYzBn4ueDNIbUAgIO5724N69eBFylhkXRx9Uvfe97xV87736dC8%2FJU3k9OTS23astKarnUZYP%2F9BFF2obyiTj%2BqjXvejbvtC3Q1f7Xcb4Uv1tyTftqvNMArDKIzq68rJ2I5W5yRUeq8fNfpho91sRJ02Ru7%2F2OcBPA0ghqfkGSgxW3kQnIPiFUzy7SXptzObvvJmkmuaWYehOHzPbBtbGCTLMHYBYnN4Vg3rj9fvw5qDhVzY4b%2BFTM1I8PN9MHN4JhJsuL%2FQyTSkARNPoBhWkLqCohW4vQkljgnABa5uwiR3rlpX0J1%2FWDpnZ2Tl0V9QxYys%2FH4OJvn6olaj%2Bg2r80xZ4zGKS6hRBTWokOZHyMY1qOIIPPsESvxKVh9twCT7m15bKFEueleqgooraDkB9QHy%2BVEB8jhAngZIxEmdR1G0FgpOw16f85ZYk6wrwoiuxRGNwm4POZ%2FLmyBLJ%2BB6Au52kbpdbKsJXP4T%2FFYJLwL4bEaCd3YxFCUKSVB4goISFIqgyAiKYXkgtG%2F68o7QPmfRmW%2Be%2BVY5tdlgjx7YbCANAXUTOFHupafk6fl8ghdqTWzLk3os2iHr9po07Mg2pXG71xfNfjeMWp2Q0m4XXpVQvrZoeaxm5MX4B6RqRp78hYDRI3h9BK6eBc2fBy1K0K0SY%2FNNQpVpDJWwY9owMoOwJdJsBdlOsKdPyXOLJV354i4kf0jODNyVSF2Jj9UDgoG%2BNb1uC7J%2F3RaefLeZZipRYzpf4I2MZvLxu1fkTmGduHzJT758nc%2BJeXjvXemzDWqEMgNPvrqohJBu3TouyY%2BX%2FfuSXcv91sXcmTzduPbG%2BuUkddJ7ZU0Fqo4%2FvA2uZuSp7zcWP%2FPl%2Bp9QroLLSyT5UqmyFXi6C58uc94SOL3ELA1Q5OXUNdkyqRWBlktMWQn%2FH8yW8dTR%2BWuqyj1%2FCwNXA81uwiQlhq7EUJegegKfPzbNUvfwtd9aCwPTtSnTrrbPtNO3F0OeX5%2FDq5N6KxRrTMZyjcl2px1LLlinw0Iec9YSvR5H5mfx%2Bc%2F%2B%2BBsAAP%2F%2FAQAA%2F%2F%2BivjckcwQAAA%3D%3D IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Let's Encrypt; subject: honeyreadinesscentral.com; fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF; validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSuHhcviqDmJsKACFFktnv%2BdsYcxBhXQtZsTBT1JPXXs%2BVWVzVV3dOzc1oMSPA0BMFr7ze7WYzBn4ueDNIbUAgIO5724N69eBFylhkXRx9Uvfe97xV87736dC8%2FJU3k9OTS23astKarnUZYP%2F9BFF2obyiTj%2BqjXvejbvtC3Q1f7Xcb4Uv1tyTftqvNMArDKIzq68rJ2I5W5yRUeq8fNfpho91sRJ02Ru7%2F2OcBPA0ghqfkGSgxW3kQnIPiFUzy7SXptzObvvJmkmuaWYehOHzPbBtbGCTLMHYBYnN4Vg3rj9fvw5qDhVzY4b%2BFTM1I8PN9MHN4JhJsuL%2FQyTSkARNPoBhWkLqCohW4vQkljgnABa5uwiR3rlpX0J1%2FWDpnZ2Tl0V9QxYys%2FH4OJvn6olaj%2Bg2r80xZ4zGKS6hRBTWokOZHyMY1qOIIPPsESvxKVh9twCT7m15bKFEueleqgooraDkB9QHy%2BVEB8jhAngZIxEmdR1G0FgpOw16f85ZYk6wrwoiuxRGNwm4POZ%2FLmyBLJ%2BB6Au52kbpdbKsJXP4T%2FFYJLwL4bEaCd3YxFCUKSVB4goISFIqgyAiKYXkgtG%2F68o7QPmfRmW%2Be%2BVY5tdlgjx7YbCANAXUTOFHupafk6fl8ghdqTWzLk3os2iHr9po07Mg2pXG71xfNfjeMWp2Q0m4XXpVQvrZoeaxm5MX4B6RqRp78hYDRI3h9BK6eBc2fBy1K0K0SY%2FNNQpVpDJWwY9owMoOwJdJsBdlOsKdPyXOLJV354i4kf0jODNyVSF2Jj9UDgoG%2BNb1uC7J%2F3RaefLeZZipRYzpf4I2MZvLxu1fkTmGduHzJT758nc%2BJeXjvXemzDWqEMgNPvrqohJBu3TouyY%2BX%2FfuSXcv91sXcmTzduPbG%2BuUkddJ7ZU0Fqo4%2FvA2uZuSp7zcWP%2FPl%2Bp9QroLLSyT5UqmyFXi6C58uc94SOL3ELA1Q5OXUNdkyqRWBlktMWQn%2FH8yW8dTR%2BWuqyj1%2FCwNXA81uwiQlhq7EUJegegKfPzbNUvfwtd9aCwPTtSnTrrbPtNO3F0OeX5%2FDq5N6KxRrTMZyjcl2px1LLlinw0Iec9YSvR5H5mfx%2Bc%2F%2B%2BBsAAP%2F%2FAQAA%2F%2F%2BivjckcwQAAA%3D%3D HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 14223a673a04d914b6441764a8604476
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| honeyreadinesscentral.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeyreadinesscentral.com/pixel/sbs?c=1; IP: 192.243.59.12:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Let's Encrypt; subject: honeyreadinesscentral.com; fingerprint: 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF; validity: Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=173354 | 135.181.208.216 | 200 OK | 455 B |
URL: GET HTTP/2 tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=173354; IP: 135.181.208.216:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate issuer: Let's Encrypt; subject: a.gatwins.site; fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: ASCII text, with very long lines (354); Hash: c4657887ff7b3ab82f3b260ee19722ef f1aca60ef5e06745ee12a0c8eafc624cc6547871 a45c4a2bb87dc39d664bd43c65537aad14e6cd0b255127efa0d2d793e36643e9
GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=173354 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=YPqNfz8jfuXJLy3374ys; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js | 188.114.96.1 | 200 OK | 660 B |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:55:49 GMT
etag: W/"65bbb0f5-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 640024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2BXIAiLDbK%2F%2F3HiWGfb2doctviN91a7NBZmkQ7%2F2ZkPHLg%2BmirHpU1%2B1V5haY4xs%2Bm%2BLrmcgP8cn1t%2FEs5x20a7y6PLFGj6W8e%2Fy59%2BgDY6adwELDqNqu1sY04oj1DNTkSYKpG4VfEoi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bd57bf05695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 216.58.207.227:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 43376
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 216.58.207.227:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Google Trust Services LLC Subject: *.gstatic.com Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:31 GMT
expires: Wed, 23 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 95763
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: 47372499897366c6df6030e1fca707fc e4d90334439e3b5bf46df8570cf5ab635811da26 eb7780e8cc066ee3d92c744ea3a6bc063fe7bb15d08083b6ba0b56e254856dfe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 24 Apr 2024 04:30:35 GMT
Last-Modified: Wed, 24 Apr 2024 03:00:52 GMT
Server: ECAcc (ska/F7A7)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nVVXtPLBUVEysh357cFzubViPiaZbJqCWgVPfn2Bj_VB9rNMXB09yA==
Age: 5385
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: 47372499897366c6df6030e1fca707fc e4d90334439e3b5bf46df8570cf5ab635811da26 eb7780e8cc066ee3d92c744ea3a6bc063fe7bb15d08083b6ba0b56e254856dfe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 24 Apr 2024 04:30:35 GMT
Last-Modified: Wed, 24 Apr 2024 02:59:39 GMT
Server: ECAcc (ska/F749)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VmDrtMghPKDASeB2UPkqzlQIoJyZCatHStTErJ6p3IK6DchoTVEf5Q==
Age: 5456
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ IP: 143.204.53.97:0
Hash: 47372499897366c6df6030e1fca707fc e4d90334439e3b5bf46df8570cf5ab635811da26 eb7780e8cc066ee3d92c744ea3a6bc063fe7bb15d08083b6ba0b56e254856dfe
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 24 Apr 2024 04:30:35 GMT
Last-Modified: Wed, 24 Apr 2024 02:47:47 GMT
Server: ECAcc (amb/6B38)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JQfX-j_L7tcINiaBfjute2VvIExFZw-z3sL9njcunLAPWsGGogF_lA==
Age: 6168
|
|
| unseenreport.com/pxf.gif?uuid=faf21004-e476-49cb-96dd-36ea7dd0cf0d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=faf21004-e476-49cb-96dd-36ea7dd0cf0d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 IP: 192.243.61.225:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: *.unseenreport.com Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=faf21004-e476-49cb-96dd-36ea7dd0cf0d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba8f52be6154a6247e827c6c1e6d5b05
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| guardedrook.cc/sc?t=1713933035042&a=AZpa&c=8RnR5FZzNGhUWbC5e9zcNd&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmKIrrPbYDgzWp9EL2pthlXgWoDkaoT219IJjgtS706xkt-JApOOmP3ZaaJzl4uMJShBNU77k9i5qbjDA9Lo4WNGOMFvoCRyHM160pgHxzc0jWMgsn-foL0DH5PumeZP5JPPFVZM9ZogWpZXbOknxWoEoU8DW7zJiW4eCDFjU7XppMxIZpc6Ztn3qlvFPcpxrJrk06iWXq14G4pSYS-4TUJEcN2LV8WP_9a6c1jnwTWvykDLg6y2Ix8Sb0HCke9ouKSlP6xGuPQSPHsvAHz0QtwkAG5EaAqTucL9VmVPCjboSVLXFwQW4tYToR3i6zI8gQrBKladaVp2IV5VnYGqUK32PdBBiENf3mwWFwJux967oicwzo26D9lP72zkGQrtyPcK8O3v5-ooMLdSnnG5y7SsIMi_JWiV2gVR4rguaSgmHHVaBAQmIMx3jyIWbohEc4Z4R4gWjPrFn06c798JnfV4cktY7B8pOIeFlpQijLD9Al_MEMThOIuPwYF40nHkkB93aUgOC7ScTbzbjwJexUsO2YW3zvosImuIHwNcYVkZ6Lz5OLMsUcaBKD1Ti0OXEn5QeQhg29QD-O-DqdR91ABseV-w==&f=2048 | 176.9.41.14 | 302 Found | 61 B |
URL GET HTTP/2guardedrook.cc/sc?t=1713933035042&a=AZpa&c=8RnR5FZzNGhUWbC5e9zcNd&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmKIrrPbYDgzWp9EL2pthlXgWoDkaoT219IJjgtS706xkt-JApOOmP3ZaaJzl4uMJShBNU77k9i5qbjDA9Lo4WNGOMFvoCRyHM160pgHxzc0jWMgsn-foL0DH5PumeZP5JPPFVZM9ZogWpZXbOknxWoEoU8DW7zJiW4eCDFjU7XppMxIZpc6Ztn3qlvFPcpxrJrk06iWXq14G4pSYS-4TUJEcN2LV8WP_9a6c1jnwTWvykDLg6y2Ix8Sb0HCke9ouKSlP6xGuPQSPHsvAHz0QtwkAG5EaAqTucL9VmVPCjboSVLXFwQW4tYToR3i6zI8gQrBKladaVp2IV5VnYGqUK32PdBBiENf3mwWFwJux967oicwzo26D9lP72zkGQrtyPcK8O3v5-ooMLdSnnG5y7SsIMi_JWiV2gVR4rguaSgmHHVaBAQmIMx3jyIWbohEc4Z4R4gWjPrFn06c798JnfV4cktY7B8pOIeFlpQijLD9Al_MEMThOIuPwYF40nHkkB93aUgOC7ScTbzbjwJexUsO2YW3zvosImuIHwNcYVkZ6Lz5OLMsUcaBKD1Ti0OXEn5QeQhg29QD-O-DqdR91ABseV-w==&f=2048 IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Sectigo Limited Subject: guardedrook.cc Fingerprint: 54:D0:8D:41:7C:EA:FA:B5:33:A5:D1:BF:F4:DE:48:07:14:5A:2E:B1 Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash: 59149637e72a98f12960c1afa3d4256c 93e6672c8d4871db634b54d2bb064deff8b1dc7a 086523f3b1cea6b84c5382246549bbebbfdf47ed6117d2a6f23a07746b2fe60e
GET /sc?t=1713933035042&a=AZpa&c=8RnR5FZzNGhUWbC5e9zcNd&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmKIrrPbYDgzWp9EL2pthlXgWoDkaoT219IJjgtS706xkt-JApOOmP3ZaaJzl4uMJShBNU77k9i5qbjDA9Lo4WNGOMFvoCRyHM160pgHxzc0jWMgsn-foL0DH5PumeZP5JPPFVZM9ZogWpZXbOknxWoEoU8DW7zJiW4eCDFjU7XppMxIZpc6Ztn3qlvFPcpxrJrk06iWXq14G4pSYS-4TUJEcN2LV8WP_9a6c1jnwTWvykDLg6y2Ix8Sb0HCke9ouKSlP6xGuPQSPHsvAHz0QtwkAG5EaAqTucL9VmVPCjboSVLXFwQW4tYToR3i6zI8gQrBKladaVp2IV5VnYGqUK32PdBBiENf3mwWFwJux967oicwzo26D9lP72zkGQrtyPcK8O3v5-ooMLdSnnG5y7SsIMi_JWiV2gVR4rguaSgmHHVaBAQmIMx3jyIWbohEc4Z4R4gWjPrFn06c798JnfV4cktY7B8pOIeFlpQijLD9Al_MEMThOIuPwYF40nHkkB93aUgOC7ScTbzbjwJexUsO2YW3zvosImuIHwNcYVkZ6Lz5OLMsUcaBKD1Ti0OXEn5QeQhg29QD-O-DqdR91ABseV-w==&f=2048 HTTP/1.1
Host: guardedrook.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://guardedrook.cc/click?a=AZpa&e=gAAAAABmKIrpF9afuIotygsAkpG20EAhQRE0ubfCY_rK7h9klB9rTm_Im8rtiR6YhRlBdPPr5I2GEaC0vD4ERyc1NQXlxezx0At9Cr3JKhlCaK7HvqRMtNfZh9G3sRszE0dypfGWdRkzszLwnwnfioHWxQLOdKslAKTZXoLJgCjQQJKjZoI6Y5S2onddg5TuQ7FenJHrGr87JycB4BhXeFpiynAynHdV2CEhxAEdP55XopCDmqCRbtfCa__6vAns0nsRLdIlQwB_C6YHK60W6K1eeQOB3YT5LwH84aoZ1ExAQ_Cv54HcaMSKYcUy19UIgOLT1L5ZPzPWHa_obq8ugPkdXewKlVpgh6rhpKdYoykB-P4IT0bQRECYtvLd7RrRuOqszTKOTMOt753SZoHL0w1HFkDnHFsqmIDxaD4xjFHNc1clGIjhdE19qZK0cAFI2OmvxwOed-xq-l11vS8zWCCIi0x67l8NOwogzdO67GjHY1KNjHRrceliOXnY7NNB9KYY3YlA8jZrWr81JRK-HOmAwHx59vjfhR6q1C7BhH2qkwklNeAEABJZ7JEVSM1s3S1BATUrFzXZ0RSwGZK9bvOiqEXhPNyhFQ%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/html; charset=utf-8
content-length: 61
location: https://tiktokaukey.com/?utm_source=ds
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=faf21004-e476-49cb-96dd-36ea7dd0cf0d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=faf21004-e476-49cb-96dd-36ea7dd0cf0d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 IP: 192.243.61.225:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: *.unseenreport.com Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=faf21004-e476-49cb-96dd-36ea7dd0cf0d&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:35 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b9c26f4c6e14618c17334233c2d56c00
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| herma-tor.com/zclkvisitor/63f9ca14-01f3-11ef-a1c7-0affeba3cdc5/919af160-92fb-11ec-937b-0a3311c5e6b7?campaignid=d2a02510-e8a2-11ed-a30d-0a918cbcbb97 | 34.198.252.166 | 302 Found | 0 B |
URL: GET HTTP/2 herma-tor.com/zclkvisitor/63f9ca14-01f3-11ef-a1c7-0affeba3cdc5/919af160-92fb-11ec-937b-0a3311c5e6b7?campaignid=d2a02510-e8a2-11ed-a30d-0a918cbcbb97 IP: 34.198.252.166:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Amazon Subject: herma-tor.com Fingerprint: AB:65:97:4C:0F:5A:C8:D3:B7:B1:FB:B5:B7:88:A4:02:B6:C5:3F:1C Validity: Mon, 22 Apr 2024 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkvisitor/63f9ca14-01f3-11ef-a1c7-0affeba3cdc5/919af160-92fb-11ec-937b-0a3311c5e6b7?campaignid=d2a02510-e8a2-11ed-a30d-0a918cbcbb97 HTTP/1.1
Host: herma-tor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.mylot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 04:30:35 GMT
content-length: 0
location: https://tracking.hurlmedia.design/zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2FlsAT&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f9ca14-01f3-11ef-a1c7-0affeba3cdc5&cid=w8stdrqh26tgdcq0jumotnb2&rt=R&ts=1713933035236&hash=nPznowyQyAUomcc6RvlCsPoUw-TgpddXQLg1tfPb6Bs
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Firefox-Spdy: h2
|
|
| herma-tor.com/zclkvisitor/63f78022-01f3-11ef-87b4-12608de92665/919af160-92fb-11ec-937b-0a3311c5e6b7?campaignid=d2a02510-e8a2-11ed-a30d-0a918cbcbb97 | 34.198.252.166 | 302 Found | 0 B |
URL: GET HTTP/2 herma-tor.com/zclkvisitor/63f78022-01f3-11ef-87b4-12608de92665/919af160-92fb-11ec-937b-0a3311c5e6b7?campaignid=d2a02510-e8a2-11ed-a30d-0a918cbcbb97 IP: 34.198.252.166:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Amazon Subject: herma-tor.com Fingerprint: AB:65:97:4C:0F:5A:C8:D3:B7:B1:FB:B5:B7:88:A4:02:B6:C5:3F:1C Validity: Mon, 22 Apr 2024 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkvisitor/63f78022-01f3-11ef-87b4-12608de92665/919af160-92fb-11ec-937b-0a3311c5e6b7?campaignid=d2a02510-e8a2-11ed-a30d-0a918cbcbb97 HTTP/1.1
Host: herma-tor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.mylot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 04:30:35 GMT
content-length: 0
location: https://tracking.hurlmedia.design/zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2Fliveoddsinplay&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f78022-01f3-11ef-87b4-12608de92665&cid=wesko0u5cuft7cq0ja91cjjq&rt=R&ts=1713933035239&hash=CZzU24O0vxUwY7NsTpiHLj6nGcQT-R9gfZrBzhDOpYk
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Firefox-Spdy: h2
|
|
| herma-tor.com/zclkvisitor/63f33a62-01f3-11ef-b467-12ce624dde89/2b23d770-f59c-11e4-816f-0afe289da1cd?campaignid=b72d2530-77d5-11ea-a61f-0a06ea97c507 | 34.198.252.166 | 302 Found | 0 B |
URL: GET HTTP/2 herma-tor.com/zclkvisitor/63f33a62-01f3-11ef-b467-12ce624dde89/2b23d770-f59c-11e4-816f-0afe289da1cd?campaignid=b72d2530-77d5-11ea-a61f-0a06ea97c507 IP: 34.198.252.166:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Amazon Subject: herma-tor.com Fingerprint: AB:65:97:4C:0F:5A:C8:D3:B7:B1:FB:B5:B7:88:A4:02:B6:C5:3F:1C Validity: Mon, 22 Apr 2024 00:00:00 GMT - Wed, 21 May 2025 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkvisitor/63f33a62-01f3-11ef-b467-12ce624dde89/2b23d770-f59c-11e4-816f-0afe289da1cd?campaignid=b72d2530-77d5-11ea-a61f-0a06ea97c507 HTTP/1.1
Host: herma-tor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.mylot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 24 Apr 2024 04:30:35 GMT
content-length: 0
location: http://www.ewoss.com?clickid=63f33a62-01f3-11ef-b467-12ce624dde89
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=008048b037a2449df30f9a79142ab032 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=008048b037a2449df30f9a79142ab032 IP: 139.45.195.8:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: rtmark.net Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash: 0183b21ba6cac77c2ad0cb84552dce24 699a60efa4480f38de6a0574651667774bf95929 46897454b926aec15634d19a885ff702f2fc5bb358544f809d1c07ef5faaf010
GET /gid.js?userId=008048b037a2449df30f9a79142ab032 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008048b037a2449df30f9a79142ab032; expires=Thu, 24 Apr 2025 04:30:35 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| tracking.hurlmedia.design/zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2Fliveoddsinplay&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f78022-01f3-11ef-87b4-12608de92665&cid=wesko0u5cuft7cq0ja91cjjq&rt=R&ts=1713933035239&hash=CZzU24O0vxUwY7NsTpiHLj6nGcQT-R9gfZrBzhDOpYk | 18.156.16.63 | 302 Found | 0 B |
URL: GET HTTP/2 tracking.hurlmedia.design/zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2Fliveoddsinplay&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f78022-01f3-11ef-87b4-12608de92665&cid=wesko0u5cuft7cq0ja91cjjq&rt=R&ts=1713933035239&hash=CZzU24O0vxUwY7NsTpiHLj6nGcQT-R9gfZrBzhDOpYk IP: 18.156.16.63:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: tracking.hurlmedia.design Fingerprint: 15:40:CD:15:B7:F8:FA:5B:02:7C:4F:FB:2D:48:DE:6D:86:B0:3C:4F Validity: Fri, 15 Mar 2024 06:51:58 GMT - Thu, 13 Jun 2024 06:51:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2Fliveoddsinplay&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f78022-01f3-11ef-87b4-12608de92665&cid=wesko0u5cuft7cq0ja91cjjq&rt=R&ts=1713933035239&hash=CZzU24O0vxUwY7NsTpiHLj6nGcQT-R9gfZrBzhDOpYk HTTP/1.1
Host: tracking.hurlmedia.design
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.mylot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://hurlmedia.cc/track/liveoddsinplay
pragma: no-cache
set-cookie: cc-v4=EPMtSJQaPfgvCeNprBtNVp5Yo4YsrkAOXSH04ihh9Ofbt6S2E0RvKLWV5qzSB2IoUp4Ml%2BI7%2FPOIh1ogpz0miTxqZZ7RquY3%2FOjJThgmBzpoJTcYnR4yyKCCyJQbzelpf4pdrvvRGXEtqCbHn5rWQw%3D%3D; Max-Age=31536000; Expires=Thu, 24-Apr-2025 04:30:35 GMT; Domain=tracking.hurlmedia.design; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| tracking.hurlmedia.design/zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2FlsAT&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f9ca14-01f3-11ef-a1c7-0affeba3cdc5&cid=w8stdrqh26tgdcq0jumotnb2&rt=R&ts=1713933035236&hash=nPznowyQyAUomcc6RvlCsPoUw-TgpddXQLg1tfPb6Bs | 18.156.16.63 | 302 Found | 0 B |
URL: GET HTTP/2 tracking.hurlmedia.design/zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2FlsAT&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f9ca14-01f3-11ef-a1c7-0affeba3cdc5&cid=w8stdrqh26tgdcq0jumotnb2&rt=R&ts=1713933035236&hash=nPznowyQyAUomcc6RvlCsPoUw-TgpddXQLg1tfPb6Bs IP: 18.156.16.63:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer: Let's Encrypt Subject: tracking.hurlmedia.design Fingerprint: 15:40:CD:15:B7:F8:FA:5B:02:7C:4F:FB:2D:48:DE:6D:86:B0:3C:4F Validity: Fri, 15 Mar 2024 06:51:58 GMT - Thu, 13 Jun 2024 06:51:57 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zp-redirect?target=https%3A%2F%2Fhurlmedia.cc%2Ftrack%2FlsAT&caid=70b8b82f-9b53-4763-bddf-d864ff4d4858&zpid=63f9ca14-01f3-11ef-a1c7-0affeba3cdc5&cid=w8stdrqh26tgdcq0jumotnb2&rt=R&ts=1713933035236&hash=nPznowyQyAUomcc6RvlCsPoUw-TgpddXQLg1tfPb6Bs HTTP/1.1
Host: tracking.hurlmedia.design
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.mylot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://hurlmedia.cc/track/lsAT
pragma: no-cache
set-cookie: cc-v4=ae5reRgxtl7YGt6qd%2BfY1nzk%2Fw41caVW2Oy7fgQAVIz7lh354nu0b5tuVANdZec1ZmCIjEJcTlUbZtfK6nDTfp6f040f%2FQfeHLtzzHlLJpvBGve9%2FjmWCIxdLFz6wPFdYlVKLRqJqbB8RAKMK0oUvw%3D%3D; Max-Age=31536000; Expires=Thu, 24-Apr-2025 04:30:35 GMT; Domain=tracking.hurlmedia.design; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| 6.adsco.re/ | 104.17.166.186 | | 0 B |
IP: 104.17.166.186:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tidyllama.com
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://tidyllama.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be0ca9eb527-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 6.adsco.re:2087/ | 104.17.166.186 | | 0 B |
IP: 104.17.166.186:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tidyllama.com
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://tidyllama.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be0ca7db50b-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2
|
|
| xvwsmcrod0oh.l4.adsco.re/ | 185.200.118.51 | | 0 B |
URL: xvwsmcrod0oh.l4.adsco.re/; IP: 185.200.118.51:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xvwsmcrod0oh.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://tidyllama.com
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tiktokaukey.com/cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp | 188.114.96.1 | 200 OK | 636 B |
URL: GET HTTP/3 tiktokaukey.com/cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp; IP: 188.114.96.1:443
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Google Trust Services LLC; Subject: tiktokaukey.com; Fingerprint: 67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9; Validity: Fri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 107x60, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 94e62034ed16f507ae8f34ecaf914e14 571097c727647934f9a72dd55e67d154abebf226 7a1d9b851f6ee252befece0a636ca617c0b55acb079f09be91e33fdf3c643aad
GET /cdn/s3/32611e21-8d69-410a-86df-aa7058c52d83-logo.webp HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: image/webp
content-length: 636
cache-control: max-age=14400
cf-cache-status: HIT
age: 3273
last-modified: Wed, 24 Apr 2024 03:36:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MdeT2Bh0L7FOlGZPmlLZ0mf2NSIotjyY7QhlHLseGN7ZW3jUnLwKW8jNDf1eJYo8mVP9w4V9gDaXFGC%2FRJp87h0ki1cmLvnYXrxC8JNpqOK3JRZgFUMsFq2LjYucfGIhjms%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be1fefe56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-0DVFP1JGB0 | 142.250.74.72 | 200 OK | 101 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-0DVFP1JGB0; IP: 142.250.74.72:443
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Size: 101 kB (100609 bytes); Hash: d61827f2f7b765bb5af74a49af650601 4640ee9861a388df44f69cfa057c56e6e95d7ae9 adc191b84c1603b32705649f76021b9a70ff2182f30dec69c56a33a3082e8e34
GET /gtag/js?id=G-0DVFP1JGB0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:35 GMT
expires: Wed, 24 Apr 2024 04:30:35 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| 6.adsco.re/ | 104.17.167.186 | | 0 B |
IP: 104.17.167.186:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be24f0156b1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| adeumssp.com/js/deumbld.js | 168.119.90.97 | 200 OK | 10 kB |
URL: GET HTTP/2 adeumssp.com/js/deumbld.js; IP: 168.119.90.97:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Sectigo Limited; Subject: adeumssp.com; Fingerprint: CF:57:03:F6:85:6B:B5:C2:A2:01:55:E8:DA:5B:A2:A7:C0:DC:D2:38; Validity: Mon, 22 May 2023 00:00:00 GMT - Sat, 08 Jun 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: e2199caaa92618d4c1c00ab983557812 28472c5cfbf1661d14028ca171058e0d35f2564f d12d54000df41885ecf12fbd0dbcb72681f4dd06a02e1c3fc223516b3d8c6f0e
GET /js/deumbld.js HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/javascript; charset=utf-8
content-length: 10515
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 13:48:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-M7N6624H | 142.250.74.72 | 200 OK | 64 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-M7N6624H; IP: 142.250.74.72:443
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (2165); Hash: d0df0799feea9eda4a5964354764e876 03de07ea4db836070746e3343bb1e1a7aa6cd9cf f1867d96248a9a891c9780536c32574f4db9571a8c07b4c112426db68e18d619
GET /gtm.js?id=GTM-M7N6624H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:36 GMT
expires: Wed, 24 Apr 2024 04:30:36 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63530
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| aistekso.net/401/5708419 | 139.45.197.244 | 200 OK | 34 kB |
IP: 139.45.197.244:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: aistekso.net; Fingerprint: 3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB; Validity: Sun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 038976bffe2f1a3dd7ff4b4c99a2fe6f a25419e15f08a43db2182e148ad5323c1d49ce1a b6fc03d6025785c1a2409ddeaf5c2ac34e76dab40fc660abed15f73afa49ef6c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: application/javascript
x-trace-id: b039806d72d965227ef776364ba48976
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030048574c3a4e6fe9ebc924e71c46ae; expires=Thu, 24 Apr 2025 04:30:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xvwsmcrod0oh.n4.adsco.re/ | 38.132.109.115 | | 0 B |
URL: xvwsmcrod0oh.n4.adsco.re/; IP: 38.132.109.115:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xvwsmcrod0oh.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://tidyllama.com
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tidyllama.com/sc?t=1713933034909&a=AZpa&c=e5TYuDVnE6cDwLHEQRzuTe&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmKIrqpNlC_afCz_DzX3S69EGEND9IlSdJUk-2i4d76e18_8gE74ml90v2UTxEnY22LrvGX24WjXNBb6igvFs2-hD8JZyHWMW7cSbF0ib5xwDMqIsczKg1mOYzhh8rR2SYCZ-azSyleMfu4bclU5xAblggaMKovu0TWp41zEGidr58CQYQ3rtabqAuL83Q7Plu3r3ZG1XGTyWRdbbqv3Bp_RlJ-3k-4Nu5FDnGu2FLB7f5ytnGVlzmhuuChYReGspI7fXWceTSwZv1ZsaC41QvOW_T6zt2MCO8d2gLEDw6AlJn8EW2TVDmbBFhTQOJOg848s2zNjEKvGzIKnND5jFQ4AI_zSE48W3fXdevpqgCec58KxgxhDDdwOKoorj67mwpEDBHfzM-KbofP8nr893FGIUlPpcbSCXjAXmKjh73ji7e323FPNcHQvWR8l7d52RCuvYBwIaWMSOLvyZ4En-WW-vsY8TqYQ4i1_3GvcHG5pyCAhFXPQFQVUWpn25nweCQZfu6xv5G8FESSd6qok2cCwRLvi0QmrPTP5eC41WNj6-u168lXtX-A6-b-1OD7cEQYOJEEPotoSWCohVmOsktkitmLg==&f=2048&s=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE&ae=&ab=0 | 176.9.41.14 | 302 Found | 58 B |
URL: GET HTTP/2 tidyllama.com/sc?t=1713933034909&a=AZpa&c=e5TYuDVnE6cDwLHEQRzuTe&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmKIrqpNlC_afCz_DzX3S69EGEND9IlSdJUk-2i4d76e18_8gE74ml90v2UTxEnY22LrvGX24WjXNBb6igvFs2-hD8JZyHWMW7cSbF0ib5xwDMqIsczKg1mOYzhh8rR2SYCZ-azSyleMfu4bclU5xAblggaMKovu0TWp41zEGidr58CQYQ3rtabqAuL83Q7Plu3r3ZG1XGTyWRdbbqv3Bp_RlJ-3k-4Nu5FDnGu2FLB7f5ytnGVlzmhuuChYReGspI7fXWceTSwZv1ZsaC41QvOW_T6zt2MCO8d2gLEDw6AlJn8EW2TVDmbBFhTQOJOg848s2zNjEKvGzIKnND5jFQ4AI_zSE48W3fXdevpqgCec58KxgxhDDdwOKoorj67mwpEDBHfzM-KbofP8nr893FGIUlPpcbSCXjAXmKjh73ji7e323FPNcHQvWR8l7d52RCuvYBwIaWMSOLvyZ4En-WW-vsY8TqYQ4i1_3GvcHG5pyCAhFXPQFQVUWpn25nweCQZfu6xv5G8FESSd6qok2cCwRLvi0QmrPTP5eC41WNj6-u168lXtX-A6-b-1OD7cEQYOJEEPotoSWCohVmOsktkitmLg==&f=2048&s=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE&ae=&ab=0; IP: 176.9.41.14:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text; Hash: 3afac32a6b25db10e5d7226aba4a67b1 9e871742f5cd503fd8b55335ce3809ec3337d461 ae89ff7128c03840c463849e47b7d0d8930bafeea780ef7171a076020604272e
GET /sc?t=1713933034909&a=AZpa&c=e5TYuDVnE6cDwLHEQRzuTe&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmKIrqpNlC_afCz_DzX3S69EGEND9IlSdJUk-2i4d76e18_8gE74ml90v2UTxEnY22LrvGX24WjXNBb6igvFs2-hD8JZyHWMW7cSbF0ib5xwDMqIsczKg1mOYzhh8rR2SYCZ-azSyleMfu4bclU5xAblggaMKovu0TWp41zEGidr58CQYQ3rtabqAuL83Q7Plu3r3ZG1XGTyWRdbbqv3Bp_RlJ-3k-4Nu5FDnGu2FLB7f5ytnGVlzmhuuChYReGspI7fXWceTSwZv1ZsaC41QvOW_T6zt2MCO8d2gLEDw6AlJn8EW2TVDmbBFhTQOJOg848s2zNjEKvGzIKnND5jFQ4AI_zSE48W3fXdevpqgCec58KxgxhDDdwOKoorj67mwpEDBHfzM-KbofP8nr893FGIUlPpcbSCXjAXmKjh73ji7e323FPNcHQvWR8l7d52RCuvYBwIaWMSOLvyZ4En-WW-vsY8TqYQ4i1_3GvcHG5pyCAhFXPQFQVUWpn25nweCQZfu6xv5G8FESSd6qok2cCwRLvi0QmrPTP5eC41WNj6-u168lXtX-A6-b-1OD7cEQYOJEEPotoSWCohVmOsktkitmLg==&f=2048&s=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE&ae=&ab=0 HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/click?a=AZpa&e=gAAAAABmKIrpimHieThsod1kyrj7Ig8EoTm0EwwKUozKRD097s--RMxDD7rg-fMbU_dpDRSoDuLZmUHK5fe-Q4-woWahmvsHQCXJxTrSCGV22jZqj2BSYJGkD2EroOpSlVGoPv6ZJ2ZPgKatJwW1MdmOeuMCwH3n-7h5lKbi5h1gY2mBqZAL-cGTNVbTR71SzAQ2Qa02e9nuE9rBYGnY3rOQsgdYXn3rDfggqaU7DbrMy1ytXcf2gC7x0WpfNfMuZwIzRE3-o5mjSixs4kSe_FCpAdhDZrYgWuzvDukoOznCkWSlSDryvPN7OLSoxz3RRoLVOrLw6oL-RyJkdH7GuPb2Tza3opS5Ny3jNCsWBYO-TosgZPdvlKGycQZ3yHAQOnMay3Efz68rxxV7INSBdByGqMZLrDQLsLpAa0y8StJ0mUQkPNsNnDHdlizhGYczMZNwfPwB1KhfuCk6P-FfzZZU-OLu6NDZUAqcIN4M_vaOHRHCOzHVpSfCmTazdKR81Mq4xSDSK4o40APEah2J1XSWPd1kypLUZpdW1kFTa6CVG6Grxv5OSi53D0humoEdHBf8-01GFp4Oby4iJQBtK_FvyLqh5EvVlw%3D%3D
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/html; charset=utf-8
content-length: 58
location: https://ittostart.us/?utm_source=ds
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150120 | 139.45.197.236 | 200 OK | 32 kB |
URL: GET HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150120; IP: 139.45.197.236:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: itskiddien.club; Fingerprint: F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D; Validity: Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type: gzip compressed data, max speed, from Unix; Hash: c043e44a088b7878c86c8b7fcec6214b 31ae67ea9c2ade6b523455ee66cf401b58c3ed60 c7508c640f03fc232e7579a754980a1f8ce031cae2ff0f2879713cafd3544fe2
GET /apu.php?zoneid=5902452&var=5708419&branchId=150120 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: application/javascript
x-trace-id: 745b24bbcd48bdabce5802c60c362b80
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008048c13e194c9ee84fd76805ef3c80; expires=Thu, 24 Apr 2025 04:30:36 GMT; path=/; secure; SameSite=None
oaidts=1713933036; expires=Thu, 24 Apr 2025 04:30:36 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| adeumssp.com/js/deumbld.js | 168.119.90.97 | 200 OK | 10 kB |
URL: GET HTTP/2 adeumssp.com/js/deumbld.js; IP: 168.119.90.97:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Sectigo Limited; Subject: adeumssp.com; Fingerprint: CF:57:03:F6:85:6B:B5:C2:A2:01:55:E8:DA:5B:A2:A7:C0:DC:D2:38; Validity: Mon, 22 May 2023 00:00:00 GMT - Sat, 08 Jun 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators; Hash: e2199caaa92618d4c1c00ab983557812 28472c5cfbf1661d14028ca171058e0d35f2564f d12d54000df41885ecf12fbd0dbcb72681f4dd06a02e1c3fc223516b3d8c6f0e
GET /js/deumbld.js HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 10515
accept-ranges: bytes
last-modified: Mon, 22 Apr 2024 13:48:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-603Z0GEQ06 | 142.250.74.72 | 200 OK | 101 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-603Z0GEQ06; IP: 142.250.74.72:443
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (5945); Size: 101 kB (100605 bytes); Hash: e42861e50c5a8ebc9ccfdd79c23857d4 54a04655831f6f8602626aa90df7857948c0b5a3 942fadf19c3637469fa88a81f90f5b97e7f40cea65ea73e54d186881dedd3d21
GET /gtag/js?id=G-603Z0GEQ06 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:36 GMT
expires: Wed, 24 Apr 2024 04:30:36 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtm.js?id=GTM-MJ8CKM9D | 142.250.74.72 | 200 OK | 48 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-MJ8CKM9D; IP: 142.250.74.72:443
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (1951); Hash: ea899b30f33a60c8af5f57a0f875b1eb eef37daefe75eb0a8beb271d5324396480e2dc2a 2442a3b647c9d5f96c87e411d79765897a2f2c4ec7d60a30eefe77d17cff1e23
GET /gtm.js?id=GTM-MJ8CKM9D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:30:36 GMT
expires: Wed, 24 Apr 2024 04:30:36 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| hurlmedia.cc/track/liveoddsinplay | 162.240.55.168 | 200 OK | 287 B |
URL: GET HTTP/2 hurlmedia.cc/track/liveoddsinplay; IP: 162.240.55.168:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: hurlmedia.cc; Fingerprint: C3:AF:ED:7A:DD:81:F1:1A:C2:1C:42:16:DF:71:41:21:8D:2B:C2:D6; Validity: Thu, 28 Mar 2024 01:06:20 GMT - Wed, 26 Jun 2024 01:06:19 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: 525c9139f500dcbc17d102d56f3c1551 277148379b2dd17d050af9bbb1557479e602ad53 4b42a26c88363197ef6fc58b67ac2ccec1cc89f7a2adef56fabbabcac15709d1
GET /track/liveoddsinplay HTTP/1.1
Host: hurlmedia.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.mylot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 287
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 04:30:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| hurlmedia.cc/track/lsAT | 162.240.55.168 | 200 OK | 281 B |
IP: 162.240.55.168:443; ASN: #46606 UNIFIEDLAYER-AS-1
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: hurlmedia.cc; Fingerprint: C3:AF:ED:7A:DD:81:F1:1A:C2:1C:42:16:DF:71:41:21:8D:2B:C2:D6; Validity: Thu, 28 Mar 2024 01:06:20 GMT - Wed, 26 Jun 2024 01:06:19 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: 84218678b4f72e8c1414f05e7a5e7aee f7a0f0fba12a5493fb4cd18736b4560fea9902b6 a5c44a128b01fd5e76b2ffe3184e91e6137e166a19f428592f7c17c5e1e23828
GET /track/lsAT HTTP/1.1
Host: hurlmedia.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.mylot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 281
content-type: text/html; charset=UTF-8
date: Wed, 24 Apr 2024 04:30:35 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| bid.onclcktg.com/tags/169449?version_name=d | 45.133.44.24 | 200 OK | 1.2 kB |
URL: GET HTTP/2 bid.onclcktg.com/tags/169449?version_name=d; IP: 45.133.44.24:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Let's Encrypt; Subject: bid.onclcktg.com; Fingerprint: 72:BD:E7:FE:B4:B7:86:81:94:C3:A7:21:65:2E:1E:86:32:16:C6:1A; Validity: Thu, 11 Apr 2024 03:00:17 GMT - Wed, 10 Jul 2024 03:00:16 GMT
Hash: 6223bf28508ce0c562a4f72d5147502b da5cebf0113b6ec92f01423a987816767980b2e0 45a9ce6eea2a191834b501f8a6a7f60ba16b8e1340e5ce84e068655125765359
GET /tags/169449?version_name=d HTTP/1.1
Host: bid.onclcktg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:37 GMT
content-type: application/json
content-length: 1170
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| js.onclckmn.com/static/onclicka.m.js | 45.133.44.52 | 200 OK | 36 kB |
URL: GET HTTP/2 js.onclckmn.com/static/onclicka.m.js; IP: 45.133.44.52:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Let's Encrypt; Subject: js.onclckmn.com; Fingerprint: 10:85:AB:08:CF:9B:1C:30:B8:E8:90:C1:5A:1C:05:88:96:F7:2C:77; Validity: Sun, 25 Feb 2024 03:00:38 GMT - Sat, 25 May 2024 03:00:37 GMT
File type: gzip compressed data, from Unix; Hash: b30df39a2a844698917b816542531368 24fbfe42de80bd95f629e24f41f908d6ed67adac 6279ab5bc3e1b8262fcdae33cd305ce72b4b77fd482c815e310a2a62d2149369
GET /static/onclicka.m.js HTTP/1.1
Host: js.onclckmn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:19 GMT
etag: W/"6627832f-1ab3e"
content-encoding: gzip
expires: Wed, 24 Apr 2024 04:35:36 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| xvwsmcrod0oh.s4.adsco.re/ | 185.200.116.51 | | 0 B |
URL: xvwsmcrod0oh.s4.adsco.re/; IP: 185.200.116.51:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: xvwsmcrod0oh.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://tidyllama.com
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:37 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=169449 | 157.90.84.242 | 204 No Content | 0 B |
URL: OPTIONS HTTP/1.1 fp.metricswpsh.com/fp?tag_id=169449; IP: 157.90.84.242:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Let's Encrypt; Subject: notification.tubecup.net; Fingerprint: 04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20; Validity: Thu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=169449 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ittostart.us/
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 04:30:37 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://ittostart.us
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
|
|
| onclckmetrics.com//in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3Mjg2NTk2OTg3MDI0MjI0MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2OTQ0OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiJkcyIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= | 168.119.25.66 | 200 OK | 0 B |
URL GET HTTP/2onclckmetrics.com//in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3Mjg2NTk2OTg3MDI0MjI0MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2OTQ0OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiJkcyIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= IP168.119.25.66:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://ittostart.us/?utm_source=ds CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET //in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiI3Mjg2NTk2OTg3MDI0MjI0MDAwIiwidGltZXpvbmUiOjAsInZlciI6IjMuMTIxLjAiLCJ0YWdfaWQiOjE2OTQ0OSwic2NyZWVuX3Jlc29sdXRpb24iOiIxMjgweDEwMjQiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IlVUQyIsInV0bV9zb3VyY2UiOiJkcyIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjEsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MH0= HTTP/1.1
Host: onclckmetrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0
date: Wed, 24 Apr 2024 04:30:37 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
|
|
| fp.metricswpsh.com/fp?tag_id=169449 | 157.90.84.242 | 204 No Content | 58 B |
URL OPTIONS HTTP/1.1fp.metricswpsh.com/fp?tag_id=169449 IP157.90.84.242:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://ittostart.us/?utm_source=ds CertificateIssuerLet's Encrypt Subjectnotification.tubecup.net Fingerprint04:18:87:3E:DE:60:E2:78:66:0A:24:6F:E5:3B:42:79:5B:AC:40:20 ValidityThu, 18 Apr 2024 11:21:02 GMT - Wed, 17 Jul 2024 11:21:01 GMT
Hash2d85c6968685db84c1f5d882e707f029 164d6cbaadbf3406720bff5b4a659ecf76f16c95 a8974062a86b7de75f151ad85379b89a4e5bf67e7cecaa127cbca21f78649e92
POST /fp?tag_id=169449 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1838
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 24 Apr 2024 04:30:37 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 58
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ittostart.us
Set-Cookie: id=16452930802105466037; Expires=Thu, 24 Apr 2025 04:30:37 GMT; Secure; SameSite=None
Vary: Origin
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843z8832020053za200&_p=1713933032206&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1731809741.1713933033&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713933033&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&dt=Vidoza&en=error_network&tfd=30587 | 216.239.34.36 | | 0 B |
URL region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843z8832020053za200&_p=1713933032206&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1731809741.1713933033&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713933033&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&dt=Vidoza&en=error_network&tfd=30587 IP216.239.34.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843z8832020053za200&_p=1713933032206&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1731809741.1713933033&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713933033&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&dt=Vidoza&en=error_network&tfd=30587 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 24 Apr 2024 04:31:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-f5cgsbviqpdn.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1; file_id=34630118; aff=173354; _ga_HEX1BG8H46=GS1.1.1713933033.1.0.1713933033.60.0.0; _ga=GA1.1.1731809741.1713933033; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; dom3ic8zudi28v8lr6fgphwffqoz0j6c=faf21004-e476-49cb-96dd-36ea7dd0cf0d%3A1%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=honeyreadinesscentral.com; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:24 GMT
vary: Accept-Encoding
etag: W/"66163908-47e"
expires: Fri, 24 May 2024 04:21:03 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| adeumssp.com/get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=ittostart.us_ds&pi= | 168.119.90.97 | 200 OK | 8.3 kB |
URL GET HTTP/2adeumssp.com/get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=ittostart.us_ds&pi= IP168.119.90.97:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://ittostart.us/?utm_source=ds CertificateIssuerSectigo Limited Subjectadeumssp.com FingerprintCF:57:03:F6:85:6B:B5:C2:A2:01:55:E8:DA:5B:A2:A7:C0:DC:D2:38 ValidityMon, 22 May 2023 00:00:00 GMT - Sat, 08 Jun 2024 23:59:59 GMT
File typetroff or preprocessor input, Unicode text, UTF-8 text, with very long lines (8744), with no line terminators Hashd4b3e906d177ad3b4444b3fba2ab171f 6a166b3b130beba7286d311c26efaca51b722053 f3cd490a71e12db5b3587058ed251eea067d23c746fd91e0ee7ac3905a7c44a4
GET /get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=ittostart.us_ds&pi= HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.google.at/url?sa=t&rct=j&q=live+scores&esrc=s&source=web&cd=1&ved=2ahUKEwifvIvY6_j-AhXZgf0HHW6YDcAQFSgAegQIGRAA&url=https%3A%2F%2Fbet.ax%2F&ei=E_FiZN_mCtmD9u8P7rC2gAw&usg=AOvVaw3e2ppQmjhVqqmgTR6CZ6rx | 142.250.74.3 | 200 OK | 663 B |
URL GET HTTP/2www.google.at/url?sa=t&rct=j&q=live+scores&esrc=s&source=web&cd=1&ved=2ahUKEwifvIvY6_j-AhXZgf0HHW6YDcAQFSgAegQIGRAA&url=https%3A%2F%2Fbet.ax%2F&ei=E_FiZN_mCtmD9u8P7rC2gAw&usg=AOvVaw3e2ppQmjhVqqmgTR6CZ6rx IP142.250.74.3:443
Requested byhttps://videzz.net/embed-f5cgsbviqpdn.html CertificateIssuerGoogle Trust Services LLC Subject*.google.at Fingerprint7F:5E:E8:CD:21:D2:FE:06:C5:5B:75:58:4B:E2:BB:64:BA:F8:82:17 ValidityMon, 18 Mar 2024 20:42:20 GMT - Mon, 10 Jun 2024 20:42:19 GMT
File typeJavaScript source, ASCII text, with very long lines (682), with no line terminators Hashfd61cc1e1f4e7c777f7a6c073ec49f68 f828a93ba0cb149ca0bb4b8b9576eea2f086547e ffa2e065102d5ca9c3052e67ee3b52d070a92e9fbdbc59df7728e91d01fde15b
GET /url?sa=t&rct=j&q=live+scores&esrc=s&source=web&cd=1&ved=2ahUKEwifvIvY6_j-AhXZgf0HHW6YDcAQFSgAegQIGRAA&url=https%3A%2F%2Fbet.ax%2F&ei=E_FiZN_mCtmD9u8P7rC2gAw&usg=AOvVaw3e2ppQmjhVqqmgTR6CZ6rx HTTP/1.1
Host: www.google.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_SZSY5RPhOyyBdsYgiT2dw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 366
x-xss-protection: 0
set-cookie: __Secure-ENID=19.SE=QndR1hknmJmTbH80xs50nNIpzksCXokV9LEpvlmhHAHsG-f55fIg9IYGww2xgxPwGQ-0_ocR1Q4q3dvOEwnkklgVTvcAgfe4bJanAP1Zq43MdIzxmhTEN4TB4GD7StH3CxrP2ty9sVCaoNUD2W2KG4Lfbm3S6JJeAaqp8q2NBeZBacS6Cb1UGQ; expires=Sat, 24-May-2025 20:48:55 GMT; path=/; domain=.google.at; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tiktokaukey.com/libs/css/bootstrap.min.css?v=a6451ef2 | 188.114.96.1 | 200 OK | 6.4 kB |
URL GET HTTP/3tiktokaukey.com/libs/css/bootstrap.min.css?v=a6451ef2 IP188.114.96.1:443
Requested byhttps://tiktokaukey.com/?utm_source=ds CertificateIssuerGoogle Trust Services LLC Subjecttiktokaukey.com Fingerprint67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 ValidityFri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File typeASCII text, with very long lines (6463), with no line terminators Hashe6d90ae338c7148586c155402fd3e46c bd35baea2a82070101088d6bd7928c3b85cd1614 1c6551c66a05617d88e59b768d52f2bbfbbe13f50e70be9ca1a98962aa0e47d8
GET /libs/css/bootstrap.min.css?v=a6451ef2 HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:51:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3273
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFrMS3nfU%2FZ7uCo%2B9Zd63nJiDP3JtRp9tvIJFeU6z0zwNpOo0wlXzLmv92zYZfRloIDMXCgTB0kJJ9%2B0O%2F1D5sshGgrd9pf%2FhwixPE8%2FtVeMEjuYL7pEwc72oZgHWHF%2BvLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be1eeea56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tiktokaukey.com/libs/css/fontawesome.css?v=7f0dda18 | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET HTTP/3tiktokaukey.com/libs/css/fontawesome.css?v=7f0dda18 IP188.114.96.1:443
Requested byhttps://tiktokaukey.com/?utm_source=ds CertificateIssuerGoogle Trust Services LLC Subjecttiktokaukey.com Fingerprint67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 ValidityFri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File typeASCII text, with very long lines (1333), with no line terminators Hashfe154df18823090ded97ca52e2b53de3 30a292908e9c3c5e200907f89b246739c907558c 839e0d080f078eaffeb86027b8a83fec1506a837e370aa1e4e17cb22b967fe82
GET /libs/css/fontawesome.css?v=7f0dda18 HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:51:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3273
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTHpCN%2FLjFlUqEs%2BRoQsnzTDqTemhKQ3m5tzCNxc12JIAE8J1YOvZnQby1SRQErsSVkN9YeG1wcGaaqBIslW2KvgKVsuWCE%2Bsw6BcVAWoXWaqur9HCBaAKHSWmDykfHknQc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be1eeed56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ittostart.us/?utm_source=ds | 172.67.198.45 | 200 OK | 8.8 kB |
URL GET HTTP/2ittostart.us/?utm_source=ds IP172.67.198.45:443
Requested byhttps://videzz.net/embed-f5cgsbviqpdn.html CertificateIssuerLet's Encrypt Subjectittostart.us Fingerprint9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 ValidityWed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (9181), with no line terminators Hash2f5a571a4e324159566577d3af3c0f83 5358ab39f8de255839b7694e4933e81c81875094 91210fe7b8f08e59c08226c77022738c472a080e2f3703f85ef4142d989b64b0
GET /?utm_source=ds HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tidyllama.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TPAdP2u69uwpr27rPsFrmq0U%2FL%2FJpJuT3VHCx9aGybPsYIqGUVGcJzUIDdMgB%2FMrTqJJkYcneSKwREnrn0VaoL%2FWfC9m%2FrujlZoh0UAjQTeUNNi8GXpswE3N%2FsZAE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935be56c2db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ittostart.us/cdn/s3/9d1bee70-1728-424a-ab6a-47a571ff155e-main.webp | 172.67.198.45 | 200 OK | 48 kB |
URL GET HTTP/3ittostart.us/cdn/s3/9d1bee70-1728-424a-ab6a-47a571ff155e-main.webp IP172.67.198.45:443
Requested byhttps://ittostart.us/?utm_source=ds CertificateIssuerLet's Encrypt Subjectittostart.us Fingerprint9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 ValidityWed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1024x400, Scaling: [none]x[none], YUV color, decoders should clamp Hash8a18847292be474e9f04f798e4a45178 8edbe6e42de5a8c94540f8c3030a8637c0e65f26 e8f5a35012df51b4d005835f3bededb7e44a0005261f798b8a48b95d0ab7e9fd
GET /cdn/s3/9d1bee70-1728-424a-ab6a-47a571ff155e-main.webp HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/webp
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
last-modified: Wed, 24 Apr 2024 04:23:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FAB9XI3rA1lA4RO0lmmPE8mmAhJR30PZyKpo7jhmbbA5fzXfHxVk4T%2BpkjjPNRNPZ3ks5uBPEqra3IZ6zZedpdoPVxUUsyXYHlB%2BIqzOfgGCFdFSuuWEpqRo0eV0Kmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be6aea4b503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/0YDX8OE IP104.21.37.74:443
Requested byhttps://videzz.net/embed-f5cgsbviqpdn.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vtgplAflsSDDCfBLdRPDLSUDwxSq4myc%2B%2B5n2XHi7ExAXl93Ws5LBaL65q6Z5UR9LYmrYODLmLH1Q%2FfuiEfZNzz%2BYPirHkYiaG8kZQHQRhn%2BGFdQhqt%2BglDjXG46%2BlSN7Z33pzJ%2FE%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bce8f98b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsMOrLByDzSV5piZ1nAMe9d4IcwvBFUrbDPOH2QvJU0dSeGjgs91XSBbOuRlweYqpKjGryuAtqXajUaLXDepF-TmwHlhHDa6L-KdAlcCguExVH6l_mRV8KKIB980oFUMbd9ch9fttUs1qhi2v-91px8Lmg9-mzgT-ObOPSXa5YupD6fiq3HLNMBJnHLlQxgdXHaqpOtECoQ9A8o4U-5vh1qsfHPL47siSdWFOCYxEwwtSY-jNX3JNB5IYnPC1WLDveJmVUrtnQ5ml6UowUHxdF22n5wkA4bKARwgOgy7isFn_0MCAbjOI610rU6IGjMOhEQj1gIxYmRQ-9Bv3v3tBCfYwQPGfJgrtnuh2G1pZXKOpPEi8ybkkLhm4LI7R3ZPgBVPWpfw6FX8EOPhln6unmnW8m1D7I_x3UuCgqlxPfMsRx4xzcO8na8LNUUfA_uos2wjN188Pu1znedGW9txtkHrih9G9Of7AfS2442pPMo5w8Oy0FLxNHJY24V2b3_yI3kKruQivSah9_gsVSFYBolQ%3D%3D | 176.9.41.14 | 200 OK | 12 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsMOrLByDzSV5piZ1nAMe9d4IcwvBFUrbDPOH2QvJU0dSeGjgs91XSBbOuRlweYqpKjGryuAtqXajUaLXDepF-TmwHlhHDa6L-KdAlcCguExVH6l_mRV8KKIB980oFUMbd9ch9fttUs1qhi2v-91px8Lmg9-mzgT-ObOPSXa5YupD6fiq3HLNMBJnHLlQxgdXHaqpOtECoQ9A8o4U-5vh1qsfHPL47siSdWFOCYxEwwtSY-jNX3JNB5IYnPC1WLDveJmVUrtnQ5ml6UowUHxdF22n5wkA4bKARwgOgy7isFn_0MCAbjOI610rU6IGjMOhEQj1gIxYmRQ-9Bv3v3tBCfYwQPGfJgrtnuh2G1pZXKOpPEi8ybkkLhm4LI7R3ZPgBVPWpfw6FX8EOPhln6unmnW8m1D7I_x3UuCgqlxPfMsRx4xzcO8na8LNUUfA_uos2wjN188Pu1znedGW9txtkHrih9G9Of7AfS2442pPMo5w8Oy0FLxNHJY24V2b3_yI3kKruQivSah9_gsVSFYBolQ%3D%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://ittostart.us/?utm_source=ds CertificateIssuerSectigo Limited Subjecttidyllama.com Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3 Hash1518901d99ff9e012e5098dba7e39169 a060eb128217a3ceb0d63d15662b9e6ec32b35d0 3c1817334dcde24c6de37b34f5eb15bafbcd2dff01ee4c9d5514e81b314a044a
GET /imp?a=KnzF&e=gAAAAABmKIrsMOrLByDzSV5piZ1nAMe9d4IcwvBFUrbDPOH2QvJU0dSeGjgs91XSBbOuRlweYqpKjGryuAtqXajUaLXDepF-TmwHlhHDa6L-KdAlcCguExVH6l_mRV8KKIB980oFUMbd9ch9fttUs1qhi2v-91px8Lmg9-mzgT-ObOPSXa5YupD6fiq3HLNMBJnHLlQxgdXHaqpOtECoQ9A8o4U-5vh1qsfHPL47siSdWFOCYxEwwtSY-jNX3JNB5IYnPC1WLDveJmVUrtnQ5ml6UowUHxdF22n5wkA4bKARwgOgy7isFn_0MCAbjOI610rU6IGjMOhEQj1gIxYmRQ-9Bv3v3tBCfYwQPGfJgrtnuh2G1pZXKOpPEi8ybkkLhm4LI7R3ZPgBVPWpfw6FX8EOPhln6unmnW8m1D7I_x3UuCgqlxPfMsRx4xzcO8na8LNUUfA_uos2wjN188Pu1znedGW9txtkHrih9G9Of7AfS2442pPMo5w8Oy0FLxNHJY24V2b3_yI3kKruQivSah9_gsVSFYBolQ%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrslhDSkAmUbsm9F0SVK_7UaSiE1fV4bMGbsZrdtclEsNyoPSOFcWpgD3Xl5i-C5sVZScwOggV-iTnN9cbFoFVOitLcn2lA595cowEqgCMp2v9FjJVuCf8lg_jV04lbzkuXb2Y4AZMJSJTnUZb9HvhgE8xT33u34DKJfPbrR_N7dWkaH3x9aSGhpFUxT1i0LZ-_fJsf6Zh3Gb0gwbVkYu7vUA5B72smdKPH3HoTykyx0SFAr2Lsmz2mdEJysOBFsnF_en2_vT2we9jdi5X_TRXbVmMfDoXmLWkQGKAWHx8bZ0QjvpFnGI-L36OA8dmWFWfiLW6ZnCLRdeHR2e7_kNgTI4lRGHjN9dLdTUQSUXehcRhu6OHoPK3Ta4-UTgBSGb80sNHlNvZ6Dub_jrHsUVW_01a_bjMcZZGvMoxg2ik71Pttj4kxBTE_hu_NfnEXO2mGeYeRJcHptD-VAIR9I1MrO68L4V8AC7T4s1oE87SKsNniJYr0uH6wdhFssDSnPpT1pHVHo4HukES6exYueoHJfTk6VqYBqsf5vqD6f55QzOo%3D | 176.9.41.14 | 200 OK | 7.3 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrslhDSkAmUbsm9F0SVK_7UaSiE1fV4bMGbsZrdtclEsNyoPSOFcWpgD3Xl5i-C5sVZScwOggV-iTnN9cbFoFVOitLcn2lA595cowEqgCMp2v9FjJVuCf8lg_jV04lbzkuXb2Y4AZMJSJTnUZb9HvhgE8xT33u34DKJfPbrR_N7dWkaH3x9aSGhpFUxT1i0LZ-_fJsf6Zh3Gb0gwbVkYu7vUA5B72smdKPH3HoTykyx0SFAr2Lsmz2mdEJysOBFsnF_en2_vT2we9jdi5X_TRXbVmMfDoXmLWkQGKAWHx8bZ0QjvpFnGI-L36OA8dmWFWfiLW6ZnCLRdeHR2e7_kNgTI4lRGHjN9dLdTUQSUXehcRhu6OHoPK3Ta4-UTgBSGb80sNHlNvZ6Dub_jrHsUVW_01a_bjMcZZGvMoxg2ik71Pttj4kxBTE_hu_NfnEXO2mGeYeRJcHptD-VAIR9I1MrO68L4V8AC7T4s1oE87SKsNniJYr0uH6wdhFssDSnPpT1pHVHo4HukES6exYueoHJfTk6VqYBqsf5vqD6f55QzOo%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://ittostart.us/?utm_source=ds CertificateIssuerSectigo Limited Subjecttidyllama.com Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 275x183, components 3 Hash901693445cafb433e36b7cdf1023c6d4 81c606b233e1e0ea1a7e38adf31ff1e81faf0666 c81b46a45427b429e6501ea46849c4b3ddef91b6f8c714a541c6b428868be52d
GET /imp?a=KnzF&e=gAAAAABmKIrslhDSkAmUbsm9F0SVK_7UaSiE1fV4bMGbsZrdtclEsNyoPSOFcWpgD3Xl5i-C5sVZScwOggV-iTnN9cbFoFVOitLcn2lA595cowEqgCMp2v9FjJVuCf8lg_jV04lbzkuXb2Y4AZMJSJTnUZb9HvhgE8xT33u34DKJfPbrR_N7dWkaH3x9aSGhpFUxT1i0LZ-_fJsf6Zh3Gb0gwbVkYu7vUA5B72smdKPH3HoTykyx0SFAr2Lsmz2mdEJysOBFsnF_en2_vT2we9jdi5X_TRXbVmMfDoXmLWkQGKAWHx8bZ0QjvpFnGI-L36OA8dmWFWfiLW6ZnCLRdeHR2e7_kNgTI4lRGHjN9dLdTUQSUXehcRhu6OHoPK3Ta4-UTgBSGb80sNHlNvZ6Dub_jrHsUVW_01a_bjMcZZGvMoxg2ik71Pttj4kxBTE_hu_NfnEXO2mGeYeRJcHptD-VAIR9I1MrO68L4V8AC7T4s1oE87SKsNniJYr0uH6wdhFssDSnPpT1pHVHo4HukES6exYueoHJfTk6VqYBqsf5vqD6f55QzOo%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| honeyreadinesscentral.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66 | 192.243.61.227 | 200 OK | 11 kB |
URL GET HTTP/1.1honeyreadinesscentral.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-f5cgsbviqpdn.html CertificateIssuerLet's Encrypt Subjecthoneyreadinesscentral.com Fingerprint1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF ValidityTue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash5f7d93857ccf587138755b5a0c721f2f 993013346e77fe0f92a9658b59937dbb431cf988 f1eab3abca10dd9c1f9b56289b47092ae63d4d56a9bc0dff76deccc5c32fd009
GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 24 Apr 2024 04:30:33 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Thu, 25 Apr 2024 04:30:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 25 Apr 2024 04:30:33 GMT; secure; SameSite=None
uncs=1; expires=Thu, 25 Apr 2024 04:30:33 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 25 Apr 2024 04:30:33 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 25 Apr 2024 04:30:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 415add90b69a217ba83a0b727e7169f7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-f5cgsbviqpdn.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.trackingtraffo.com/pop/imp?auth=mz3u78&c=_AMzn6AIjWaj9OY_mJqOE0NwI9jANRdCWK_f-6Og0BbkRp1UgIEcz9b4LGLoec0drRRumETzVAVSXwBdbRJVV7qNKdu64_YFCjVjWAAFi9NEycD4gq8VZgyIhH_Zj8II-J3oagwvIsOHUqSOnpm3LWfPsHZWT1BIviblwEHCPaV5gfzwPtIanICSPI3iY-HNc10-cAg5Yee9h7mfiUVSxZBJuejlYXSF8HN71Wsn6uK2toUSL5wsWXhyBDyZ5PGSiX4g92KFX3hNKgH5u5iIgYIsLi81UzPXFyPsydMh_7rMQL3KttyXQXoeRpkE0sQQgrqsXZh883i-4m7eKUc64DZkjw8Uh2sV08TfVzfOEGNUyExbDbH4mZKierc5ENhdA2Yepbnqsw8R1VoWAYK9PmYdOsLNE3RIVCcE044NQuyKORMBxIvutNF7jmRkLu3YKbNJoUW0aYb8bAUZzv-3pmmEU364ObiiTvc63hk6FuDEVqIO5up3v0az4J-FG9rjeYFzFDRRL88EI7T_VZBhDHPgseHEgZEBI7HbgudyYONb59WXru6idQHX637VehPrmIRGfTaKzTzcEikH6MvEWtWwZ_YLSofgszShpzbdcPWVzLNlA74Vtm1iEJm0xLVtKhsXkyIBSc7iUKJ1UYkbD9UPeckBG6TCUyfxCjcLlffidqZoE5AQFA
|
|
| tiktokaukey.com/assets/css/styles.css?v=893011da | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3tiktokaukey.com/assets/css/styles.css?v=893011da IP188.114.96.1:443
Requested byhttps://tiktokaukey.com/?utm_source=ds CertificateIssuerGoogle Trust Services LLC Subjecttiktokaukey.com Fingerprint67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 ValidityFri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File typeASCII text, with CRLF line terminators Hashd3df1cf626eeb9c5934015c39d316d86 3ec8f6ce00c8f53a099260a732ddd187215158ca 893011dae859f658f350106ad7a30cd70cd7bb65546eb3aa1930bbe15026f452
GET /assets/css/styles.css?v=893011da HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:51:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3273
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9g8EHH9Jnb85Lsy1uBLSR5%2Fq8%2BP%2FHZzkumx2ZziLt8fSct%2BYU%2FIUFPqsuzPF4TDTA1%2FUB%2BxzKMhuKqyxblOiPYhwnlQwvyH4odrhv%2BX6UsU0YpzpamEzUn3qLLQBKhSJj2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be1dee856c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP: 142.250.74.106:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (7193), with no line terminators Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 Apr 2024 04:30:34 GMT
date: Wed, 24 Apr 2024 04:30:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.10.207 | 200 OK | 31 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP: 104.18.10.207:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Google Trust Services LLC Subject: bootstrapcdn.com Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837) Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 2584475
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bc88d4856b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cache48.vidoza.net/nvl4cpo6f4feieno3wuqbdh3nrykmiwuhidcwlagjrzbujppeblpdpfpu5wa/v.mp4 | 0.0.0.0 | | 0 B |
URL: GET cache48.vidoza.net/nvl4cpo6f4feieno3wuqbdh3nrykmiwuhidcwlagjrzbujppeblpdpfpu5wa/v.mp4 IP: 0.0.0.0:0
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: vidoza.net Fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 Validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4cpo6f4feieno3wuqbdh3nrykmiwuhidcwlagjrzbujppeblpdpfpu5wa/v.mp4 HTTP/1.1
Host: cache48.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: video/mp4
content-length: 976375660
last-modified: Tue, 16 Apr 2024 17:30:51 GMT
etag: "661eb5cb-3a324f6c"
content-range: bytes 0-976375659/976375660
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL: GET HTTP/2 videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: videzz.net Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size: 416 kB (416358 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-65a66"
expires: Fri, 24 May 2024 04:20:41 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 618 kB |
URL: GET HTTP/2 videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: videzz.net Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: ASCII text, with very long lines (63495) Size: 618 kB (618399 bytes) Hash: ffba0e4b3edaa1a4c6bc7ef04bcf0ba9 3507ae56cc30b273cf17d0cf4de234dafa4db0eb 57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-96f9f"
expires: Fri, 24 May 2024 04:20:41 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Google Trust Services LLC Subject: creative-bars1.com Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
etag: W/"65bbb0f0-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 640024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzxZR92LQzmM6y63u972WJC6vOMwdJ5leK3ZbACNZpln5SADlZXN4ca%2FWR2zRwzOjqnb6KVSDPt5zlc4x7vG03O4OTb5122FGfT7AisV%2B3s8Ug%2FbAV2WF9OwFnO6wjweXh2dUwsJowkv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bd56bec5695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ossgogoaton.com/tag.min.js | 188.114.96.1 | 200 OK | 72 kB |
URL: GET HTTP/2 ossgogoaton.com/tag.min.js IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Google Trust Services LLC Subject: ossgogoaton.com Fingerprint: B8:1E:A6:C4:2B:2A:31:03:63:B7:B8:7D:1A:4D:46:B1:54:80:C7:C6 Validity: Wed, 06 Mar 2024 10:18:26 GMT - Tue, 04 Jun 2024 10:18:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65494) Hash: 1d0823a174c05c22b11bc687dd55b6b4 7983c415f2af90de42ca6fe8111f3d2b97a3684e 7edff1a6d73469e57b9ce0c96c1e233a66bf8b69460e3da3d61c65728811616e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 519cfb58b099066ddecc5e0c15ff9a0d
cache-control: max-age=86400
last-modified: Tue, 23 Apr 2024 15:12:11 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 24 Apr 2024 18:34:52 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 35742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGOwMdlNn1xH7Poufybe6Vj%2BYgptmSvWHdK7cw9oONUebEY9BihF9koOGOsJgXAnSyBvYaw9eHRRqYQvt7QUYxkU6JjyNm7Kl2BIOaj2fjqedpkNbjdXb88k2Ab3GZ0ANb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bdc5813712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 104.22.71.197 | 200 OK | 645 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/twitter.js IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: static.addtoany.com Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (655), with no line terminators Hash: 671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxxP6fA7SCmH2G8WV1QlWSjYQqrhXMuU4mnVJ%2BC0TDBdD0m8wauRAkLOYl50RXawR1%2FOrt1xlzKQtqQJ8MuStl%2FhFDuRrC%2FB3dR8cstocthEq4VNWZUXk%2BKWd5%2FD0y55l3S4oUfS"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11534
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ca0a1d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cache48.vidoza.net/i/01/06926/f5cgsbviqpdn.jpg?v=1713933031 | 51.15.54.30 | 200 OK | 14 kB |
URL: GET HTTP/2 cache48.vidoza.net/i/01/06926/f5cgsbviqpdn.jpg?v=1713933031 IP: 51.15.54.30:443 ASN: #12876 Scaleway S.a.s.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: vidoza.net Fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 Validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3 Hash: e98fe2316d6c2510a5811d6f7220e7d7 28fd8d78563b7d06a3fbc5eaa5a91b06736bad26 4b13287407d9115ed92360d0397ad9c641883e56aa916d0515e8470dff62614b
GET /i/01/06926/f5cgsbviqpdn.jpg?v=1713933031 HTTP/1.1
Host: cache48.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: image/jpeg
content-length: 14041
last-modified: Tue, 16 Apr 2024 17:30:32 GMT
etag: "661eb5b8-36d9"
expires: Wed, 08 May 2024 04:30:33 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 104.22.71.197 | 200 OK | 893 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/reddit.js IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: static.addtoany.com Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (903), with no line terminators Hash: 1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeC0kBV8KrFm3Zkv8J%2Bge%2FSmdij%2FcSJYFqs%2FClTVJvkDxtE2k4Lm3nrK2rBTmLtPWAmSuAfBAXieePa6WMNRv1VRamIPriaRn61zPtoPKykLcjj95XYi5NXBqGD5AN7dpzhIuExa"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11534
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ca061d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tiktokaukey.com/cdn/s3/a7d82e7b-3448-4f58-88fa-bc639064e1ed-main.webp | 188.114.96.1 | 200 OK | 12 kB |
URL: GET HTTP/3 tiktokaukey.com/cdn/s3/a7d82e7b-3448-4f58-88fa-bc639064e1ed-main.webp IP: 188.114.96.1:443
Requested by: https://tiktokaukey.com/?utm_source=ds Certificate: Issuer: Google Trust Services LLC Subject: tiktokaukey.com Fingerprint: 67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 Validity: Fri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x400, Scaling: [none]x[none], YUV color, decoders should clamp Hash: 2b6c9e3d55df6731aa0546c50be7566d e20cfefe3f2bf740075d974a1d49abb1f452b2c2 128f0a990b47fcad549e702d763828759c1b60bad1f92f2d0aea219ac68e7d1b
GET /cdn/s3/a7d82e7b-3448-4f58-88fa-bc639064e1ed-main.webp HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: image/webp
cache-control: max-age=14400
cf-cache-status: HIT
age: 3273
last-modified: Wed, 24 Apr 2024 03:36:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8RYlveIIQWlOTearfNPT5ywDUM0ZGlHTkREEHvDSrlk%2BwYPWqthVmHLd%2Bvom59wnMHgSrko6qowJ6QnBLT06WdIrI%2BEKeQD1hNv%2FNC8OawWqi8Gj1QhM%2BPfWM6PXnPKSrRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be1fef956c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsM9XG0vakf_pFTJ7OjPenf31HnGUcE1evskZW5JCAgO54JvFc5hipk0cvl1RwdP1l02cdZ8y2G_o4pwoMQoVT8NGuXxv9gIx3BZwVID58XjNmwXY19E3w9i7ig2Z_Ju28V8D3syMFYzNBU706IYsj-rhlN3XTM4Jm6bYhi9ji9Z8-BTGoOsbxBy4b0D-LhwfZ2atQY9EINGz-kc4AulWz0lb9wEvYTTtH1nN5R4wHXLJAkDMvvXAsulpe0cdWr0RWnCRsehCwxJjsAoHEIJwEZeUP_vZnMcxKhc9EL2H9_Mkuf_m33-efScUHSnQSXPhvQksJRlEpcagrhR-yqouC7dYUPw_9qORAVjYAlsq5QIU7WkgaQ3KiMIoSS7s9zDqzLu7UEq4AszEMo-EeNiRNgJr1XVx94wOj1tXpbIC4nf89ND92G0K5u3y-uIRIFdmjsngkx_vgtvAfYWP27keEQMtTjmIFNOFJGCsML-XwpZI74fWh8i29u7SLvbxMIhRSQcrKcdz0eNu6lvWvKVCqFEXrzgt4w4B7EEFjSzMuWkQ%3D | 176.9.41.14 | 200 OK | 14 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsM9XG0vakf_pFTJ7OjPenf31HnGUcE1evskZW5JCAgO54JvFc5hipk0cvl1RwdP1l02cdZ8y2G_o4pwoMQoVT8NGuXxv9gIx3BZwVID58XjNmwXY19E3w9i7ig2Z_Ju28V8D3syMFYzNBU706IYsj-rhlN3XTM4Jm6bYhi9ji9Z8-BTGoOsbxBy4b0D-LhwfZ2atQY9EINGz-kc4AulWz0lb9wEvYTTtH1nN5R4wHXLJAkDMvvXAsulpe0cdWr0RWnCRsehCwxJjsAoHEIJwEZeUP_vZnMcxKhc9EL2H9_Mkuf_m33-efScUHSnQSXPhvQksJRlEpcagrhR-yqouC7dYUPw_9qORAVjYAlsq5QIU7WkgaQ3KiMIoSS7s9zDqzLu7UEq4AszEMo-EeNiRNgJr1XVx94wOj1tXpbIC4nf89ND92G0K5u3y-uIRIFdmjsngkx_vgtvAfYWP27keEQMtTjmIFNOFJGCsML-XwpZI74fWh8i29u7SLvbxMIhRSQcrKcdz0eNu6lvWvKVCqFEXrzgt4w4B7EEFjSzMuWkQ%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested by: https://ittostart.us/?utm_source=ds Certificate: Issuer: Sectigo Limited Subject: tidyllama.com Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3 Hash: 1ad25ee59d181d7a4b2b638702e4c4bc 3ed127031f660906382e4ba2300e3757e0f3bc45 3955976c3a917d5a7b163021c168ff1f8e8989346e7b2a4bfe09f0d6e201dea2
GET /imp?a=KnzF&e=gAAAAABmKIrsM9XG0vakf_pFTJ7OjPenf31HnGUcE1evskZW5JCAgO54JvFc5hipk0cvl1RwdP1l02cdZ8y2G_o4pwoMQoVT8NGuXxv9gIx3BZwVID58XjNmwXY19E3w9i7ig2Z_Ju28V8D3syMFYzNBU706IYsj-rhlN3XTM4Jm6bYhi9ji9Z8-BTGoOsbxBy4b0D-LhwfZ2atQY9EINGz-kc4AulWz0lb9wEvYTTtH1nN5R4wHXLJAkDMvvXAsulpe0cdWr0RWnCRsehCwxJjsAoHEIJwEZeUP_vZnMcxKhc9EL2H9_Mkuf_m33-efScUHSnQSXPhvQksJRlEpcagrhR-yqouC7dYUPw_9qORAVjYAlsq5QIU7WkgaQ3KiMIoSS7s9zDqzLu7UEq4AszEMo-EeNiRNgJr1XVx94wOj1tXpbIC4nf89ND92G0K5u3y-uIRIFdmjsngkx_vgtvAfYWP27keEQMtTjmIFNOFJGCsML-XwpZI74fWh8i29u7SLvbxMIhRSQcrKcdz0eNu6lvWvKVCqFEXrzgt4w4B7EEFjSzMuWkQ%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.stm.5.min.js?0.831246512398049 | 78.142.18.54 | 200 OK | 7.2 kB |
URL: GET HTTP/2 videzz.net/js/videojs.stm.5.min.js?0.831246512398049 IP: 78.142.18.54:443 ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: videzz.net Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (7493), with no line terminators Hash: 559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.831246512398049 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-1c25"
expires: Fri, 24 May 2024 04:30:31 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.71.197 | 200 OK | 716 B |
URL: GET HTTP/3 static.addtoany.com/menu/sm.25.html IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: static.addtoany.com Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: HTML document, ASCII text, with very long lines (744), with no line terminators Hash: c3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zug0GuV8TT18l%2FvMZH%2FJnDeJHp7wf%2B1Y662Hj9%2BLzz2bUcCdNCoPp%2Fh0DEFIQdCRWhP4K%2BoKw%2FRmNo3FmNPd%2Fwhjcq0lNYxvJsnDWqwQO4JO8fVs77yEaENmOQytJ1Ua8d%2FapSMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 16345
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bcd183e1d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ittostart.us/cdn/s3/5bde8633-072b-4cd5-87f7-82ddddc4441c-logo.webp | 172.67.198.45 | 200 OK | 2.7 kB |
URL: GET HTTP/3 ittostart.us/cdn/s3/5bde8633-072b-4cd5-87f7-82ddddc4441c-logo.webp IP: 172.67.198.45:443
Requested by: https://ittostart.us/?utm_source=ds Certificate: Issuer: Let's Encrypt Subject: ittostart.us Fingerprint: 9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 Validity: Wed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 200x52, Scaling: [none]x[none], YUV color, decoders should clamp Hash: 98d114b49ea036a915ef8dd589159f11 171df2740d2e738f56fe1c162950dab7f131af11 f2c6b48fd1be4534d7fb0c61d2048cf572661389ddac97eb4d9696e3f66bbde4
GET /cdn/s3/5bde8633-072b-4cd5-87f7-82ddddc4441c-logo.webp HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/webp
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
last-modified: Wed, 24 Apr 2024 04:23:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2PEwHkvnUPMS7lxqDKTJoyL%2BH9lqAzvFmbG5PVMdzGnLKn9aQ%2F%2BtRjiCn%2BCBhSyNSqTkTzyx9oR3xygLsYwyuaPPKUzWIoUgBOEmR%2BwmrYJkO2lhf9YjM8XGMyFzWQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be6aea5b503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| zv.7vid.net/api/spots/70102?s1=173354&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01 | 135.181.208.216 | 200 OK | 67 B |
URL: GET HTTP/2 zv.7vid.net/api/spots/70102?s1=173354&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01 IP: 135.181.208.216:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: 1111.spinna.online Fingerprint: F3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED Validity: Fri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File type: XML document, ASCII text, with no line terminators Hash: c3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70102?s1=173354&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=zuPhSc7EyWQ7gHHL1Gg7; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 104.22.71.197 | 200 OK | 3.0 kB |
URL: GET HTTP/2 static.addtoany.com/menu/page.js IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html Certificate: Issuer: Let's Encrypt Subject: static.addtoany.com Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: JavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash: 40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9SlRo17%2FEYYEY7TY5VUBa2G0luclF%2Fi9mKP9JIoxaGyg9HDTkx2QKGyXUgtsqVrmCpVypdr9QFZX1ju19YZtHnDUhdiuj6G3zHqk6iKvpR1qlQKK8BqoVYJrA9%2B5qfHIQrYZfty"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18984
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bc90bac9300-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsg7nLKTwF26bTwiIZYhQIplE7PwISdVQbVLf3GJqQ3fBKa6MsOetovvtZuywJ6g2Pqzlqf8gtOblDP4Rpug6TWwZBzkBqI8PVKLYHfQw-6XttzpuVyHPG15jKhcFuORAEssZUEK0B39F5-dfKsYQk6t8tGv1htSrmW3R3s2pIlB_mxpg154HkCT3d0aLj7urTXK9-k1qNTXylU54drzWReeMCNAzRbcpb6gqVLP4xti8Q-g-9ln0sqSsfatEiX-tGFwd6iax5IlsZSi9P5S9qxazbbppYnWc4G5P6qPWAeDYHCoq64VmoPbXfEkbveo2FOwjULYdIgS6Tm2jjlbszwm7YTAP2_gRd63LncSDUPd98jrxcHWKcJuUzveF2c8xABFSiia1cs3ogKY585d5y-n4KbDwIZm7kzj-jTD75J9KQl-2NunWlQJW21Zi_ghFx53I1khnFXgqiO5OwDV4hNRByY7NbCTBoczYeAJghsom8nCfC_YdU_NzMqKoWPhGnOSp7XAY0a-66VSjxw_38Dw%3D%3D | 176.9.41.14 | 200 OK | 11 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsg7nLKTwF26bTwiIZYhQIplE7PwISdVQbVLf3GJqQ3fBKa6MsOetovvtZuywJ6g2Pqzlqf8gtOblDP4Rpug6TWwZBzkBqI8PVKLYHfQw-6XttzpuVyHPG15jKhcFuORAEssZUEK0B39F5-dfKsYQk6t8tGv1htSrmW3R3s2pIlB_mxpg154HkCT3d0aLj7urTXK9-k1qNTXylU54drzWReeMCNAzRbcpb6gqVLP4xti8Q-g-9ln0sqSsfatEiX-tGFwd6iax5IlsZSi9P5S9qxazbbppYnWc4G5P6qPWAeDYHCoq64VmoPbXfEkbveo2FOwjULYdIgS6Tm2jjlbszwm7YTAP2_gRd63LncSDUPd98jrxcHWKcJuUzveF2c8xABFSiia1cs3ogKY585d5y-n4KbDwIZm7kzj-jTD75J9KQl-2NunWlQJW21Zi_ghFx53I1khnFXgqiO5OwDV4hNRByY7NbCTBoczYeAJghsom8nCfC_YdU_NzMqKoWPhGnOSp7XAY0a-66VSjxw_38Dw%3D%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3; Hash: ea1b1ea6b100c3f247afd7b51a58e4e6 eae53c1c9a34cfa671785b8b364caecb45a85992 8e107fd9aa0c182b280a85a5d5312835026121f6bf617a95221b36e09a957429
GET /imp?a=KnzF&e=gAAAAABmKIrsg7nLKTwF26bTwiIZYhQIplE7PwISdVQbVLf3GJqQ3fBKa6MsOetovvtZuywJ6g2Pqzlqf8gtOblDP4Rpug6TWwZBzkBqI8PVKLYHfQw-6XttzpuVyHPG15jKhcFuORAEssZUEK0B39F5-dfKsYQk6t8tGv1htSrmW3R3s2pIlB_mxpg154HkCT3d0aLj7urTXK9-k1qNTXylU54drzWReeMCNAzRbcpb6gqVLP4xti8Q-g-9ln0sqSsfatEiX-tGFwd6iax5IlsZSi9P5S9qxazbbppYnWc4G5P6qPWAeDYHCoq64VmoPbXfEkbveo2FOwjULYdIgS6Tm2jjlbszwm7YTAP2_gRd63LncSDUPd98jrxcHWKcJuUzveF2c8xABFSiia1cs3ogKY585d5y-n4KbDwIZm7kzj-jTD75J9KQl-2NunWlQJW21Zi_ghFx53I1khnFXgqiO5OwDV4hNRByY7NbCTBoczYeAJghsom8nCfC_YdU_NzMqKoWPhGnOSp7XAY0a-66VSjxw_38Dw%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL: GET HTTP/2 videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (4724), with no line terminators; Hash: f3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1183"
expires: Fri, 24 May 2024 04:20:51 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 526 B |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183; IP: 174.137.133.17:443; ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Sectigo Limited; Subject: *.xmlking.com; Fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D; Validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://r.mylot.com/p.aspx?u=0f2fa9ca-b729-4bcc-b032-fa8fff6c4869
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 104.22.71.197 | 200 OK | 1.0 kB |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/viber.js; IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA; Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (1027), with no line terminators; Hash: b216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CohOZeOb1xMSZ%2BHTUsfImZLbvEqa4vkKVJ1bSdKkcq99if2hWa%2FX%2B2IKUGa0Khmu1oNHn55RePDGaGgk7mtdV7niwHMHX40wQicF7lQ%2FDVFidd4m1GM%2F8gZ2ykiP33rwQNp%2BvyvW"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11534
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ca0b1d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843za200&_p=1713933032206&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1731809741.1713933033&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713933033&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2099 | 216.239.34.36 | 204 No Content | 0 B |
URL: POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843za200&_p=1713933032206&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1731809741.1713933033&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713933033&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2099; IP: 216.239.34.36:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: 1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB; Validity: Mon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44m0v9104348843za200&_p=1713933032206&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1731809741.1713933033&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713933033&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2099 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 24 Apr 2024 04:30:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsyPUuXfzTqs4vZrDArU-gpxPndQZl_essIh11VjFrWCuh349CcOCk8cq7hShbJ4v_RzX0gpbi9FO2pU4xS2CloiOkm4SzCVQWmYOZKCcKjP8FnYXwZG9CFsFiVMNbtu8hilGXCzNoWKyyd4qgTBtvsRQEUINYV5CY0bSLyDt7sQ1_vq9ASExsOfB1_VaJY5rshQThUmWaFG1MZII3heWt7VXLNpWiu7WYCUG5O13SnTNeeiuuPKOIuiCCl2V08NZs1UDaGBjwvIChAQCOS13Ml6ef-KJwjQ_mRfAEqFc76AVmaWtHKMqh9BnjPFH6vnDqsQWT8VZIccpi1UArJ7J2nDrKP1Knc4BRHjylwuaBMZHlyohLEWg9GNkIm-9KUBdKZUEOciM1AHp5IK9U_9qBVAndFcFRXEiVjzmnuOGXR7sJ0T2F31E9NCj0ZXhc5S9vLkgssymIieLkzPyhz1Jf6YgQ4lIpEAA8iTjDJswYkrEoFOFAS3f7ZWUfWZ9XOVkgVPIdfU6Ui1stXFC_TcmoDSouDfkDwlW7TmgggJDg2qU%3D | 176.9.41.14 | 200 OK | 7.3 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsyPUuXfzTqs4vZrDArU-gpxPndQZl_essIh11VjFrWCuh349CcOCk8cq7hShbJ4v_RzX0gpbi9FO2pU4xS2CloiOkm4SzCVQWmYOZKCcKjP8FnYXwZG9CFsFiVMNbtu8hilGXCzNoWKyyd4qgTBtvsRQEUINYV5CY0bSLyDt7sQ1_vq9ASExsOfB1_VaJY5rshQThUmWaFG1MZII3heWt7VXLNpWiu7WYCUG5O13SnTNeeiuuPKOIuiCCl2V08NZs1UDaGBjwvIChAQCOS13Ml6ef-KJwjQ_mRfAEqFc76AVmaWtHKMqh9BnjPFH6vnDqsQWT8VZIccpi1UArJ7J2nDrKP1Knc4BRHjylwuaBMZHlyohLEWg9GNkIm-9KUBdKZUEOciM1AHp5IK9U_9qBVAndFcFRXEiVjzmnuOGXR7sJ0T2F31E9NCj0ZXhc5S9vLkgssymIieLkzPyhz1Jf6YgQ4lIpEAA8iTjDJswYkrEoFOFAS3f7ZWUfWZ9XOVkgVPIdfU6Ui1stXFC_TcmoDSouDfkDwlW7TmgggJDg2qU%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3; Hash: 1082626b2ce2790e3bf793c2cefc3574 62e0ec618e00a763751e44e566cb015ef1b3f046 b7dee51fa9b5ad1b05e0319b6781ba9afcc359c38b9e83d09dd7c214deb37b9a
GET /imp?a=KnzF&e=gAAAAABmKIrsyPUuXfzTqs4vZrDArU-gpxPndQZl_essIh11VjFrWCuh349CcOCk8cq7hShbJ4v_RzX0gpbi9FO2pU4xS2CloiOkm4SzCVQWmYOZKCcKjP8FnYXwZG9CFsFiVMNbtu8hilGXCzNoWKyyd4qgTBtvsRQEUINYV5CY0bSLyDt7sQ1_vq9ASExsOfB1_VaJY5rshQThUmWaFG1MZII3heWt7VXLNpWiu7WYCUG5O13SnTNeeiuuPKOIuiCCl2V08NZs1UDaGBjwvIChAQCOS13Ml6ef-KJwjQ_mRfAEqFc76AVmaWtHKMqh9BnjPFH6vnDqsQWT8VZIccpi1UArJ7J2nDrKP1Knc4BRHjylwuaBMZHlyohLEWg9GNkIm-9KUBdKZUEOciM1AHp5IK9U_9qBVAndFcFRXEiVjzmnuOGXR7sJ0T2F31E9NCj0ZXhc5S9vLkgssymIieLkzPyhz1Jf6YgQ4lIpEAA8iTjDJswYkrEoFOFAS3f7ZWUfWZ9XOVkgVPIdfU6Ui1stXFC_TcmoDSouDfkDwlW7TmgggJDg2qU%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsZsjnpoOv6HPtdt1up8BmRE6DVYyiWsIP2O8z7PfE1l8tD6vsUB6pPhfeALs3yNSxbpdcIEI58P77MPdrRvTlcwb3pKMX-0Gb3DAOJkickgiWhBdnCQQOsTPdsrDyHrEH9c3Vdwcwb77eoTpXkvALLF_1lLLqqPO1rDlqfOmUy-mW11Aji7c3ImlNrsV6JJoiF82MIc1JlrNCEk5aKlX5j7zQkLXu6CQMmtcfFhMTWaoPazErEj045Xrg6iST_k72gI8wTjciF8GHVmpSmuOulkLnnkliBAuL45TCtgPYlnhetjXlpiy7vl9AeittIv3szruhSGF2eBTm5legprmj42STgGduvAizLA3lUc7hWO3OrQU9frONuZazFZPY7KzyeSQcsQ8gcM3oirz7MFUefRMBv_q2_Bq2h_6dgZGw0fKGOFeN_0o62GN64Yp559HEobAGwvHlex4DpH5bx1NRYmtId6uH1c7-2tB7z1xO5PmqZ2XtxWv5hA1ruFZrb5ADqxnfVmZwXxc9t61lm8WxTA%3D%3D | 176.9.41.14 | 200 OK | 13 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsZsjnpoOv6HPtdt1up8BmRE6DVYyiWsIP2O8z7PfE1l8tD6vsUB6pPhfeALs3yNSxbpdcIEI58P77MPdrRvTlcwb3pKMX-0Gb3DAOJkickgiWhBdnCQQOsTPdsrDyHrEH9c3Vdwcwb77eoTpXkvALLF_1lLLqqPO1rDlqfOmUy-mW11Aji7c3ImlNrsV6JJoiF82MIc1JlrNCEk5aKlX5j7zQkLXu6CQMmtcfFhMTWaoPazErEj045Xrg6iST_k72gI8wTjciF8GHVmpSmuOulkLnnkliBAuL45TCtgPYlnhetjXlpiy7vl9AeittIv3szruhSGF2eBTm5legprmj42STgGduvAizLA3lUc7hWO3OrQU9frONuZazFZPY7KzyeSQcsQ8gcM3oirz7MFUefRMBv_q2_Bq2h_6dgZGw0fKGOFeN_0o62GN64Yp559HEobAGwvHlex4DpH5bx1NRYmtId6uH1c7-2tB7z1xO5PmqZ2XtxWv5hA1ruFZrb5ADqxnfVmZwXxc9t61lm8WxTA%3D%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested by: https://ittostart.us/?utm_source=ds; Certificate Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 290x174, components 3; Hash: 9da835c00dc6ee91dc2026d9b4c34788 44a0cedbd56f6ccbdd51ebccd473e0593610852a 40d05408e8ebdc5824a78285cc4afe8f8a69bbf4f0f95e6a0f64417b3cad8c68
GET /imp?a=KnzF&e=gAAAAABmKIrsZsjnpoOv6HPtdt1up8BmRE6DVYyiWsIP2O8z7PfE1l8tD6vsUB6pPhfeALs3yNSxbpdcIEI58P77MPdrRvTlcwb3pKMX-0Gb3DAOJkickgiWhBdnCQQOsTPdsrDyHrEH9c3Vdwcwb77eoTpXkvALLF_1lLLqqPO1rDlqfOmUy-mW11Aji7c3ImlNrsV6JJoiF82MIc1JlrNCEk5aKlX5j7zQkLXu6CQMmtcfFhMTWaoPazErEj045Xrg6iST_k72gI8wTjciF8GHVmpSmuOulkLnnkliBAuL45TCtgPYlnhetjXlpiy7vl9AeittIv3szruhSGF2eBTm5legprmj42STgGduvAizLA3lUc7hWO3OrQU9frONuZazFZPY7KzyeSQcsQ8gcM3oirz7MFUefRMBv_q2_Bq2h_6dgZGw0fKGOFeN_0o62GN64Yp559HEobAGwvHlex4DpH5bx1NRYmtId6uH1c7-2tB7z1xO5PmqZ2XtxWv5hA1ruFZrb5ADqxnfVmZwXxc9t61lm8WxTA%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.71.197 | 200 OK | 72 kB |
URL: GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js; IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA; Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uyznthxAYKLdqkqMFs%2BlEmSND%2FCZW0SgKJ90BaRtGb5KqnzDppiPL7X%2FonZ8a7tCIwb6q1ayJ2CjdGXG%2F%2FKHGIr3pkK%2BZl5ILozvXlUtMJT9pwQBhRfaQMa48icbnNAN1iN5Sbc"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18001
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bcd18431d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 104.21.37.74 | 200 OK | 239 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/31bV2Jy; IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: d5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Y8SwyEvyn8hYRqgliUFwUGYlyxBwqk77Ubx%2Fhp8A1FGRSZTW53OcWecKlR9mOlJAmLz9pRXeFicwhrH%2BC7gUczmYdSkZjovKiW%2BDf9%2B%2BiTdCGIJgGzNvIGL4Da5WmknM0tzdJWysK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bce9fa4b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cache48.vidoza.net/nvl4cpo6f4feieno3wuqbdh3nrykmiwuhidcwlagjrzbujppeblpdpfpu5wa/v.mp4 | 51.15.54.30 | 206 Partial Content | 311 kB |
URL: GET HTTP/2 cache48.vidoza.net/nvl4cpo6f4feieno3wuqbdh3nrykmiwuhidcwlagjrzbujppeblpdpfpu5wa/v.mp4; IP: 51.15.54.30:443; ASN: #12876 Scaleway S.a.s.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: vidoza.net; Fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6; Validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]; Size: 311 kB (311242 bytes); Hash: 4b30f8495c3e768409f3ccd0e8319e1d 0e0f19dade84eca59852e69641db036a7a686424 36cdf806cd3dfaeb6185cf8eea0ad6c87c7946b16df9e531ad099cd3cdf5a9a6
GET /nvl4cpo6f4feieno3wuqbdh3nrykmiwuhidcwlagjrzbujppeblpdpfpu5wa/v.mp4 HTTP/1.1
Host: cache48.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: video/mp4
content-length: 976375660
last-modified: Tue, 16 Apr 2024 17:30:51 GMT
etag: "661eb5cb-3a324f6c"
content-range: bytes 0-976375659/976375660
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/settings/59846 | 135.181.208.216 | 200 OK | 33 B |
URL: GET HTTP/2 tr.7vid.net/api/settings/59846; IP: 135.181.208.216:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: 511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59846 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsxyROtJCOs3FhtgsXF9AIhyWRMpS5468pgoLontDk703rIS5oDpzgJDJ2qFGdhSZofIGUwbARRVixcK4vaaW1_DwbyGi64zeyy3Y41lfzPbblsOj6_NdBNeC91hx8ikrfC4Bk_Ep4WLqMxdOal3PZnwiq635c3xdIf3xmgporwfUWDRCh4hbqBF06fzTl9H0KW7VtlzuMDCbIJzCMplpVWk2la8zn_kKZ1qZvbXgnLgOJZhJXWo9OQ06LB8WGhCTX7xs68MNQ8XpS1ZH2HXf5nouQAMm1Eo4OeDx_j7RrTfSljokkjp_vVhLRS-lOONFt4N8UJlaizALhultamWwHsN4vQ1MqONbcY8uFsNsjydtI5IlZNgbBDvgNS4-xn5hFHLcE7kd-8aQADMVqo5rxfrB_WZoKdeuqAp5botEvymNAZtovd8NZdmBPkdGf9MAsPS29SNr2sAL2YpGyjsQ3oXW5FcBH9dVroS40apV3YncEEoe4J863zFwq6axkqmIJ32RVUnvsQCmaDKijtnFQmQ%3D%3D | 176.9.41.14 | 200 OK | 12 kB |
URL GET HTTP/2tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsxyROtJCOs3FhtgsXF9AIhyWRMpS5468pgoLontDk703rIS5oDpzgJDJ2qFGdhSZofIGUwbARRVixcK4vaaW1_DwbyGi64zeyy3Y41lfzPbblsOj6_NdBNeC91hx8ikrfC4Bk_Ep4WLqMxdOal3PZnwiq635c3xdIf3xmgporwfUWDRCh4hbqBF06fzTl9H0KW7VtlzuMDCbIJzCMplpVWk2la8zn_kKZ1qZvbXgnLgOJZhJXWo9OQ06LB8WGhCTX7xs68MNQ8XpS1ZH2HXf5nouQAMm1Eo4OeDx_j7RrTfSljokkjp_vVhLRS-lOONFt4N8UJlaizALhultamWwHsN4vQ1MqONbcY8uFsNsjydtI5IlZNgbBDvgNS4-xn5hFHLcE7kd-8aQADMVqo5rxfrB_WZoKdeuqAp5botEvymNAZtovd8NZdmBPkdGf9MAsPS29SNr2sAL2YpGyjsQ3oXW5FcBH9dVroS40apV3YncEEoe4J863zFwq6axkqmIJ32RVUnvsQCmaDKijtnFQmQ%3D%3D IP176.9.41.14:443 ASN#24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds; Certificate Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3; Hash: 1518901d99ff9e012e5098dba7e39169 a060eb128217a3ceb0d63d15662b9e6ec32b35d0 3c1817334dcde24c6de37b34f5eb15bafbcd2dff01ee4c9d5514e81b314a044a
GET /imp?a=KnzF&e=gAAAAABmKIrsxyROtJCOs3FhtgsXF9AIhyWRMpS5468pgoLontDk703rIS5oDpzgJDJ2qFGdhSZofIGUwbARRVixcK4vaaW1_DwbyGi64zeyy3Y41lfzPbblsOj6_NdBNeC91hx8ikrfC4Bk_Ep4WLqMxdOal3PZnwiq635c3xdIf3xmgporwfUWDRCh4hbqBF06fzTl9H0KW7VtlzuMDCbIJzCMplpVWk2la8zn_kKZ1qZvbXgnLgOJZhJXWo9OQ06LB8WGhCTX7xs68MNQ8XpS1ZH2HXf5nouQAMm1Eo4OeDx_j7RrTfSljokkjp_vVhLRS-lOONFt4N8UJlaizALhultamWwHsN4vQ1MqONbcY8uFsNsjydtI5IlZNgbBDvgNS4-xn5hFHLcE7kd-8aQADMVqo5rxfrB_WZoKdeuqAp5botEvymNAZtovd8NZdmBPkdGf9MAsPS29SNr2sAL2YpGyjsQ3oXW5FcBH9dVroS40apV3YncEEoe4J863zFwq6axkqmIJ32RVUnvsQCmaDKijtnFQmQ%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 104.21.37.74 | 200 OK | 234 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Zj8D76R; IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: aa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaOTwasD9t%2BJlfA17Cn795csAMzP2tV%2FJ3q9EkRWlk%2B2J5gUfvsyLHpVx3uawi2iJ2GR51qGDZV%2FdmGJnKDoyAjOymkT1fPP26pgKODyAQfCLDSuiO0f4kvwzSCi4wR%2FktxOlI0Speo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bce7f95b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| track.trackingtraffo.com/pop/imp?auth=mz3u78&c=_AMzn6AIjWaj9OY_mJqOE0NwI9jANRdCWK_f-6Og0BbkRp1UgIEcz9b4LGLoec0drRRumETzVAVSXwBdbRJVV7qNKdu64_YFCjVjWAAFi9NEycD4gq8VZgyIhH_Zj8II-J3oagwvIsOHUqSOnpm3LWfPsHZWT1BIviblwEHCPaV5gfzwPtIanICSPI3iY-HNc10-cAg5Yee9h7mfiUVSxZBJuejlYXSF8HN71Wsn6uK2toUSL5wsWXhyBDyZ5PGSiX4g92KFX3hNKgH5u5iIgYIsLi81UzPXFyPsydMh_7rMQL3KttyXQXoeRpkE0sQQgrqsXZh883i-4m7eKUc64DZkjw8Uh2sV08TfVzfOEGNUyExbDbH4mZKierc5ENhdA2Yepbnqsw8R1VoWAYK9PmYdOsLNE3RIVCcE044NQuyKORMBxIvutNF7jmRkLu3YKbNJoUW0aYb8bAUZzv-3pmmEU364ObiiTvc63hk6FuDEVqIO5up3v0az4J-FG9rjeYFzFDRRL88EI7T_VZBhDHPgseHEgZEBI7HbgudyYONb59WXru6idQHX637VehPrmIRGfTaKzTzcEikH6MvEWtWwZ_YLSofgszShpzbdcPWVzLNlA74Vtm1iEJm0xLVtKhsXkyIBSc7iUKJ1UYkbD9UPeckBG6TCUyfxCjcLlffidqZoE5AQFA | 88.214.206.175 | 204 No Content | 0 B |
URL GET HTTP/1.1track.trackingtraffo.com/pop/imp?auth=mz3u78&c=_AMzn6AIjWaj9OY_mJqOE0NwI9jANRdCWK_f-6Og0BbkRp1UgIEcz9b4LGLoec0drRRumETzVAVSXwBdbRJVV7qNKdu64_YFCjVjWAAFi9NEycD4gq8VZgyIhH_Zj8II-J3oagwvIsOHUqSOnpm3LWfPsHZWT1BIviblwEHCPaV5gfzwPtIanICSPI3iY-HNc10-cAg5Yee9h7mfiUVSxZBJuejlYXSF8HN71Wsn6uK2toUSL5wsWXhyBDyZ5PGSiX4g92KFX3hNKgH5u5iIgYIsLi81UzPXFyPsydMh_7rMQL3KttyXQXoeRpkE0sQQgrqsXZh883i-4m7eKUc64DZkjw8Uh2sV08TfVzfOEGNUyExbDbH4mZKierc5ENhdA2Yepbnqsw8R1VoWAYK9PmYdOsLNE3RIVCcE044NQuyKORMBxIvutNF7jmRkLu3YKbNJoUW0aYb8bAUZzv-3pmmEU364ObiiTvc63hk6FuDEVqIO5up3v0az4J-FG9rjeYFzFDRRL88EI7T_VZBhDHPgseHEgZEBI7HbgudyYONb59WXru6idQHX637VehPrmIRGfTaKzTzcEikH6MvEWtWwZ_YLSofgszShpzbdcPWVzLNlA74Vtm1iEJm0xLVtKhsXkyIBSc7iUKJ1UYkbD9UPeckBG6TCUyfxCjcLlffidqZoE5AQFA IP88.214.206.175:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html; Certificate Issuer: Sectigo Limited; Subject: trackingtraffo.com; Fingerprint: 66:CE:68:F3:6C:8A:98:F0:D8:02:5B:C4:5E:2E:C7:B0:C7:73:5B:A8; Validity: Thu, 23 Nov 2023 00:00:00 GMT - Fri, 22 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pop/imp?auth=mz3u78&c=_AMzn6AIjWaj9OY_mJqOE0NwI9jANRdCWK_f-6Og0BbkRp1UgIEcz9b4LGLoec0drRRumETzVAVSXwBdbRJVV7qNKdu64_YFCjVjWAAFi9NEycD4gq8VZgyIhH_Zj8II-J3oagwvIsOHUqSOnpm3LWfPsHZWT1BIviblwEHCPaV5gfzwPtIanICSPI3iY-HNc10-cAg5Yee9h7mfiUVSxZBJuejlYXSF8HN71Wsn6uK2toUSL5wsWXhyBDyZ5PGSiX4g92KFX3hNKgH5u5iIgYIsLi81UzPXFyPsydMh_7rMQL3KttyXQXoeRpkE0sQQgrqsXZh883i-4m7eKUc64DZkjw8Uh2sV08TfVzfOEGNUyExbDbH4mZKierc5ENhdA2Yepbnqsw8R1VoWAYK9PmYdOsLNE3RIVCcE044NQuyKORMBxIvutNF7jmRkLu3YKbNJoUW0aYb8bAUZzv-3pmmEU364ObiiTvc63hk6FuDEVqIO5up3v0az4J-FG9rjeYFzFDRRL88EI7T_VZBhDHPgseHEgZEBI7HbgudyYONb59WXru6idQHX637VehPrmIRGfTaKzTzcEikH6MvEWtWwZ_YLSofgszShpzbdcPWVzLNlA74Vtm1iEJm0xLVtKhsXkyIBSc7iUKJ1UYkbD9UPeckBG6TCUyfxCjcLlffidqZoE5AQFA HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 24 Apr 2024 04:30:34 GMT
Connection: keep-alive
|
|
| js.onclmng.com/log/count.html | 45.133.44.53 | 200 OK | 865 B |
URL: GET HTTP/2 js.onclmng.com/log/count.html | IP: 45.133.44.53:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://ittostart.us/?utm_source=ds | Certificate Issuer: Let's Encrypt | Subject: js.onclmng.com | Fingerprint: B3:BD:42:00:AB:0A:D1:81:F6:DF:A9:BF:45:0F:B4:82:56:28:B3:64 | Validity: Wed, 10 Apr 2024 08:09:23 GMT - Tue, 09 Jul 2024 08:09:22 GMT
File type: JavaScript source, ASCII text, with very long lines (900), with no line terminators | Hash: e4c52a568ea37d6a4a1cec72fb86bfce cd378be2c9e09cb9ce5f94a97e861fc00ca4d501 28e645140cf26924f40ab54a7f938ef7b06bb1e1ee2707023bd66baced0cb7df
GET /log/count.html HTTP/1.1
Host: js.onclmng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:37 GMT
content-type: text/html; charset=utf-8
server: nginx/1.18.0
last-modified: Mon, 09 Oct 2023 14:41:31 GMT
etag: W/"6524111b-361"
content-encoding: gzip
expires: Wed, 24 Apr 2024 04:35:37 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 0 B |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | IP: 174.137.133.17:443 | ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Sectigo Limited | Subject: *.zeusadx.com | Fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 | Validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 24 Apr 2024 04:30:34 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.trackingtraffo.com/pop/imp?auth=mz3u78&c=hfIjpqZyWqrcvX9px9nqxwk5R8lGmnRS2O9eCw6EU_Cei1lPvKSlT7rWX-d9S_-zbQqAiWSZHJ8nCflrov5qSa7OCZhh0LiYnN5VK62-R3CMkzPZ0Yi5oXDljWmYq_PH5o2EMDdh_LRWBJb65FicCn1fQD1PXLINUJnENhIGN9C3qhtvOdEOYPq9d5AIovfRxYggvYlYqkIHOxfSPdoVbLVe6mp4WRT4iK4IWwzC0BNRRwDwD1z9t5TPadAYC4GAsFfikGRnmjEfKP73bllMrv1HGwCYh0WbtPB23NLTwcmz33wxUSxTivNmvd5dxAaOh-AJisYYJsG-jkS_s_lbHahc1af2HcgVXSlskrjlZPfDe5MVoMVs37RdgatYDaX2DGoZr4Ygi9kdFr1q2B3RjluQ3hx0UqQJf66UElVAgutV1J3oQXhOhnGkEduZhezvybApfNgwE40MI1nJfXz2Tz8ekemMU9Ai5L5f-BCXYaMbpSHR04WEJuQG_O3Lxwi7hFXOygqd9cehS4IXOFBlpJ9mSU1eEo2KMpsOuYa3U2sPQSxAmVzReYF8iLHaYJSr368imCFCcdtAz9ESdbhO2gHOAbjxhS9gXtssxgSjvaImoegMINBm-BUEQXMXE7z2mxg-JAFgEfRX2XAE_KQ5r1YZb7sB7u5yjvEoQ1qepUcwGW5tt0Z-2A
|
|
| tiktokaukey.com/?utm_source=ds | 188.114.96.1 | 200 OK | 7.8 kB |
URL: GET HTTP/2 tiktokaukey.com/?utm_source=ds | IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Google Trust Services LLC | Subject: tiktokaukey.com | Fingerprint: 67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 | Validity: Fri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File type: JavaScript source, ASCII text, with very long lines (8179), with no line terminators | Hash: 0550dd483859f2f9bc9de04d79107b11 b24518e897c897421ec2d2637c8149f464e1c5b0 4005efc33f7a3d9074e2f88673bcedb091773951b90c45c811bb327a53405f7a
GET /?utm_source=ds HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://guardedrook.cc/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CczjnflyhPwmUGSkb96DCFjWy2IsrIftAtpmRbaoQ0jrAonhUuA1AhB6nmAm3xICfr%2FPkyIBavbPOb2DOpVa59e7NJNF%2ByI6c6sqDY56jICWi2iw7Mwh22%2BJFz98mr6qitk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bdf98c97128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ittostart.us/libs/css/fontawesome.css?v=7f0dda18 | 172.67.198.45 | 200 OK | 1.3 kB |
URL: GET HTTP/3 ittostart.us/libs/css/fontawesome.css?v=7f0dda18 | IP: 172.67.198.45:443
Requested by: https://ittostart.us/?utm_source=ds | Certificate Issuer: Let's Encrypt | Subject: ittostart.us | Fingerprint: 9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 | Validity: Wed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File type: ASCII text, with very long lines (1333), with no line terminators | Hash: fe154df18823090ded97ca52e2b53de3 30a292908e9c3c5e200907f89b246739c907558c 839e0d080f078eaffeb86027b8a83fec1506a837e370aa1e4e17cb22b967fe82
GET /libs/css/fontawesome.css?v=7f0dda18 HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/?utm_source=ds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:51:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeU5%2Fnvbj%2Fa1kBZNsdaLgDCNKm6GgGb9WeisM68DL1By1SGgmJroYjbQZBShFKSklbmCnAo81cn%2F6fssGusvBtgVfHEeURbW2f1zKzftcj%2FSaNWeyeFKMFyvBVPfBeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be69e9cb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| js.onclckpp.com/popunder-admanager/build.m.js | 45.133.44.53 | 200 OK | 97 kB |
URL: GET HTTP/2 js.onclckpp.com/popunder-admanager/build.m.js | IP: 45.133.44.53:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://ittostart.us/?utm_source=ds | Certificate Issuer: Let's Encrypt | Subject: js.onclckpp.com | Fingerprint: A8:6D:6C:51:D2:87:DA:A4:84:97:5D:DD:FE:A3:4B:E9:D6:C6:DA:71 | Validity: Fri, 12 Apr 2024 03:01:03 GMT - Thu, 11 Jul 2024 03:01:02 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder-admanager/build.m.js HTTP/1.1
Host: js.onclckpp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:37 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 14:24:01 GMT
etag: W/"661e8a01-17ae8"
content-encoding: gzip
expires: Wed, 24 Apr 2024 04:35:37 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1731809741.1713933033&gtm=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=543828205 | 142.250.74.163 | 200 OK | 42 B |
URL: GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1731809741.1713933033&gtm=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=543828205 | IP: 142.250.74.163:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Google Trust Services LLC | Subject: *.google.no | Fingerprint: 4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D | Validity: Mon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File type: GIF image data, version 89a, 1 x 1 | Hash: d89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1731809741.1713933033&gtm=45je44m0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=543828205 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 04:30:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/104 | 139.45.197.242 | 200 OK | 2.9 kB |
IP: 139.45.197.242:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Let's Encrypt | Subject: veepteero.com | Fingerprint: 13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 | Validity: Sat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3203), with no line terminators | Hash: bf7e6a2ee1c41b0499f74cce60cc1a6e 08414b928abbfc4872c1387d71ee703a3b5192e4 7bc00aa25b7f1557e36b7c22425fe7825faffff8a1a5202325750516044bc93f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9cacf71f-db79-4a37-8e7d-81a21ea77ba5 | 139.45.195.254 | 200 OK | 12 B |
URL: POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9cacf71f-db79-4a37-8e7d-81a21ea77ba5 | IP: 139.45.195.254:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Sectigo Limited | Subject: fleraprt.com | Fingerprint: 32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C | Validity: Tue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators | Hash: 6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=9cacf71f-db79-4a37-8e7d-81a21ea77ba5 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1402
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 24 Apr 2024 04:30:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| cdn.itskiddien.club/?rb=tOb9PuHQTSObJRBHAcfamh7AxZEyM1D4C8sL47beFV-19t314Yc4IG1n059FgrfQYMT8ymq9KyJSgyPvW45ptFlLFk9obpG7aH8skBKcvx5smWv3jIenqMzdkFzQyHDfirhlNMCn8iFPWOJMmm1jMlDiRUCN0YqYkYxWHZ3R0qrq3G4Aru2LKLxKRdMw_b84f0aS-yuuM1LcnteLWlnSE2B9XOeQleB54t4tYhI6MWK8L3ZI5b6ZhWXuycB6wmaeyAJ3mi9Xend86sHpvfcHXGkzJ1I%3D&request_ab2=150120&zoneid=5902452&js_build=iclick-v1.778.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.778.2-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=89e0170e-d6b3-4803-8e5b-e5501d73cc58&userId=008048b037a2449df30f9a79142ab032&m=link | 139.45.197.236 | 200 OK | 3.0 kB |
URL: GET HTTP/2 cdn.itskiddien.club/?rb=tOb9PuHQTSObJRBHAcfamh7AxZEyM1D4C8sL47beFV-19t314Yc4IG1n059FgrfQYMT8ymq9KyJSgyPvW45ptFlLFk9obpG7aH8skBKcvx5smWv3jIenqMzdkFzQyHDfirhlNMCn8iFPWOJMmm1jMlDiRUCN0YqYkYxWHZ3R0qrq3G4Aru2LKLxKRdMw_b84f0aS-yuuM1LcnteLWlnSE2B9XOeQleB54t4tYhI6MWK8L3ZI5b6ZhWXuycB6wmaeyAJ3mi9Xend86sHpvfcHXGkzJ1I%3D&request_ab2=150120&zoneid=5902452&js_build=iclick-v1.778.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.778.2-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=89e0170e-d6b3-4803-8e5b-e5501d73cc58&userId=008048b037a2449df30f9a79142ab032&m=link | IP: 139.45.197.236:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Let's Encrypt | Subject: itskiddien.club | Fingerprint: F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D | Validity: Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3023), with no line terminators | Hash: cb99c7b91b2e8e547e388116cbc76cd6 5b1fbae0bd67851b818add7f175833dec7b51a41 51b43c5514ded18905763ca906a1c9b7b0b41e41d29ffde8ac45ba5b15b56a86
GET /?rb=tOb9PuHQTSObJRBHAcfamh7AxZEyM1D4C8sL47beFV-19t314Yc4IG1n059FgrfQYMT8ymq9KyJSgyPvW45ptFlLFk9obpG7aH8skBKcvx5smWv3jIenqMzdkFzQyHDfirhlNMCn8iFPWOJMmm1jMlDiRUCN0YqYkYxWHZ3R0qrq3G4Aru2LKLxKRdMw_b84f0aS-yuuM1LcnteLWlnSE2B9XOeQleB54t4tYhI6MWK8L3ZI5b6ZhWXuycB6wmaeyAJ3mi9Xend86sHpvfcHXGkzJ1I%3D&request_ab2=150120&zoneid=5902452&js_build=iclick-v1.778.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=981&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.778.2-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=89e0170e-d6b3-4803-8e5b-e5501d73cc58&userId=008048b037a2449df30f9a79142ab032&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=008048c13e194c9ee84fd76805ef3c80; oaidts=1713933036
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: application/json
x-trace-id: 815bf3b92fa4771d14281dfd4a0d3676
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008048b037a2449df30f9a79142ab032; expires=Thu, 24 Apr 2025 04:30:36 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713933036; expires=Thu, 24 Apr 2025 04:30:36 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Wed, 01 May 2024 04:30:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrs751YRC6MqZH_C3hwfViStFu5q7gsOr99F8BgHxhVgKwGuVqfiDdTLz_tLTV2fOe884oJ0f-jzLEWN6Pk4mvadc-1XCkkn5C9lF9Oetd-0MNUligZjQuY9djao4c4wAaTSQ0dR6dWx_23v4Pk6vhqAP6pm672AKOxFLsVxex43EfnJPbjyDBbAIIy6D_iUpbRtInRLrHvmN5DH5zTOFLkYRNovCPO8geUkjtQQOduskt4PyKGfqcOeTjSjCWaKpumWuiHKiPYutlrLBmN7LMZHwY5DAe9o2-ipjy2WHZJH1-G4v9wBRDqBZLOK5sctZ-pIMywKPlJ0t-_ETdtRN3PUbSEcpes-JPNuFPLL3vYasRYPg3YfrKIxqNCBQfdP7lhDU4SHqhazlQpVZj4HX3K8kHsf0ue7L7sAyeOLi9wAmHtkwBCmoI9nq9M1Xi1Ne7SXjypjXy1mVcVkAsSX9Ja-7lrR5Aa3g5Ynto41D-TOb41nTA9SgG1K1mpjpSe1NQFaoWkwGkWfFLjpamrf3tfEQ%3D%3D | 176.9.41.14 | 200 OK | 13 kB |
URL: GET HTTP/2 tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrs751YRC6MqZH_C3hwfViStFu5q7gsOr99F8BgHxhVgKwGuVqfiDdTLz_tLTV2fOe884oJ0f-jzLEWN6Pk4mvadc-1XCkkn5C9lF9Oetd-0MNUligZjQuY9djao4c4wAaTSQ0dR6dWx_23v4Pk6vhqAP6pm672AKOxFLsVxex43EfnJPbjyDBbAIIy6D_iUpbRtInRLrHvmN5DH5zTOFLkYRNovCPO8geUkjtQQOduskt4PyKGfqcOeTjSjCWaKpumWuiHKiPYutlrLBmN7LMZHwY5DAe9o2-ipjy2WHZJH1-G4v9wBRDqBZLOK5sctZ-pIMywKPlJ0t-_ETdtRN3PUbSEcpes-JPNuFPLL3vYasRYPg3YfrKIxqNCBQfdP7lhDU4SHqhazlQpVZj4HX3K8kHsf0ue7L7sAyeOLi9wAmHtkwBCmoI9nq9M1Xi1Ne7SXjypjXy1mVcVkAsSX9Ja-7lrR5Aa3g5Ynto41D-TOb41nTA9SgG1K1mpjpSe1NQFaoWkwGkWfFLjpamrf3tfEQ%3D%3D | IP: 176.9.41.14:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds | Certificate Issuer: Sectigo Limited | Subject: tidyllama.com | Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 | Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3 | Hash: 5a5d0122d309f7ed2756ec0cdd0f538b 6798f1819d453624e8f3fa23ca3584ce295b0dbc 5de492cdfdf69968feea7e5230bd630b2f3f6eacfd72856f2601861592f6edd3
GET /imp?a=KnzF&e=gAAAAABmKIrs751YRC6MqZH_C3hwfViStFu5q7gsOr99F8BgHxhVgKwGuVqfiDdTLz_tLTV2fOe884oJ0f-jzLEWN6Pk4mvadc-1XCkkn5C9lF9Oetd-0MNUligZjQuY9djao4c4wAaTSQ0dR6dWx_23v4Pk6vhqAP6pm672AKOxFLsVxex43EfnJPbjyDBbAIIy6D_iUpbRtInRLrHvmN5DH5zTOFLkYRNovCPO8geUkjtQQOduskt4PyKGfqcOeTjSjCWaKpumWuiHKiPYutlrLBmN7LMZHwY5DAe9o2-ipjy2WHZJH1-G4v9wBRDqBZLOK5sctZ-pIMywKPlJ0t-_ETdtRN3PUbSEcpes-JPNuFPLL3vYasRYPg3YfrKIxqNCBQfdP7lhDU4SHqhazlQpVZj4HX3K8kHsf0ue7L7sAyeOLi9wAmHtkwBCmoI9nq9M1Xi1Ne7SXjypjXy1mVcVkAsSX9Ja-7lrR5Aa3g5Ynto41D-TOb41nTA9SgG1K1mpjpSe1NQFaoWkwGkWfFLjpamrf3tfEQ%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.31 | 200 OK | 310 kB |
IP: 143.204.55.31:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Sectigo Limited | Subject: cdn.o333o.com | Fingerprint: 61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC | Validity: Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
Size: 310 kB (310487 bytes) | Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: teT0wtP-rF9Zs5Q6HwoCOh-i_NDKs5l754Zn68BnRSO8R4X10VVqww==
age: 1105130
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsrcc0Wz1K-hPuJ-39YTp6RCr4dxojkkwpP-h_bEACHtXWAwBIFX0cKxzez59ZfvFL_Z8dJkOy0GM2uPlRUVr81uz_gEYlnK_Z0T45Gp3ypaS1iYsEN-FSazy3UrfMF-ZJ__gTLDd_wEQdc7mZ6u60p6h025CqZpBlITrsYU9hJbickzIIVe2SWuy4ZrqXJ6A1ymgkBQg1U4dVL6VtHY5mseSB3g94GDIegwC99X-L5ZUjSoo8IBblajQMSGDJ5WWAMTMd0cb3hwWzwXQP59qcMowE-8H_261Dpi5qQPhBH97VKbNC63BKRfiqXf77sSN0wQndPi1kKvPPDCVyENR8jOmdsoe3yHc8n8AeNIyGC2kM0iNU1bQ0DlOOJIvtHO7d7f1wJ0kHVINiWSoroTXgZvZ-CdirkJgquoOIxBKe92mcRYoNEOn3jUCGYFfHLVszJ4eEmkL2cB-9oskJh5XEYG-RbocGazlQMX0JgB5L0zcHkuemSqRhbQ-WDUpW8Pb5qOyRyZe2V8XatS-U_XcSCg%3D%3D | 176.9.41.14 | 200 OK | 17 kB |
URL: GET HTTP/2 tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsrcc0Wz1K-hPuJ-39YTp6RCr4dxojkkwpP-h_bEACHtXWAwBIFX0cKxzez59ZfvFL_Z8dJkOy0GM2uPlRUVr81uz_gEYlnK_Z0T45Gp3ypaS1iYsEN-FSazy3UrfMF-ZJ__gTLDd_wEQdc7mZ6u60p6h025CqZpBlITrsYU9hJbickzIIVe2SWuy4ZrqXJ6A1ymgkBQg1U4dVL6VtHY5mseSB3g94GDIegwC99X-L5ZUjSoo8IBblajQMSGDJ5WWAMTMd0cb3hwWzwXQP59qcMowE-8H_261Dpi5qQPhBH97VKbNC63BKRfiqXf77sSN0wQndPi1kKvPPDCVyENR8jOmdsoe3yHc8n8AeNIyGC2kM0iNU1bQ0DlOOJIvtHO7d7f1wJ0kHVINiWSoroTXgZvZ-CdirkJgquoOIxBKe92mcRYoNEOn3jUCGYFfHLVszJ4eEmkL2cB-9oskJh5XEYG-RbocGazlQMX0JgB5L0zcHkuemSqRhbQ-WDUpW8Pb5qOyRyZe2V8XatS-U_XcSCg%3D%3D | IP: 176.9.41.14:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds | Certificate Issuer: Sectigo Limited | Subject: tidyllama.com | Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 | Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3 | Hash: 8806e6842982a12202c20cca195bf456 3b1b6aab5eb232f2d88fa56ec29441d5076911e3 0dd13f0458817c522947f64ce4f4d09571ece853aa7eefc7855cb0f018bb98c4
GET /imp?a=KnzF&e=gAAAAABmKIrsrcc0Wz1K-hPuJ-39YTp6RCr4dxojkkwpP-h_bEACHtXWAwBIFX0cKxzez59ZfvFL_Z8dJkOy0GM2uPlRUVr81uz_gEYlnK_Z0T45Gp3ypaS1iYsEN-FSazy3UrfMF-ZJ__gTLDd_wEQdc7mZ6u60p6h025CqZpBlITrsYU9hJbickzIIVe2SWuy4ZrqXJ6A1ymgkBQg1U4dVL6VtHY5mseSB3g94GDIegwC99X-L5ZUjSoo8IBblajQMSGDJ5WWAMTMd0cb3hwWzwXQP59qcMowE-8H_261Dpi5qQPhBH97VKbNC63BKRfiqXf77sSN0wQndPi1kKvPPDCVyENR8jOmdsoe3yHc8n8AeNIyGC2kM0iNU1bQ0DlOOJIvtHO7d7f1wJ0kHVINiWSoroTXgZvZ-CdirkJgquoOIxBKe92mcRYoNEOn3jUCGYFfHLVszJ4eEmkL2cB-9oskJh5XEYG-RbocGazlQMX0JgB5L0zcHkuemSqRhbQ-WDUpW8Pb5qOyRyZe2V8XatS-U_XcSCg%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| ittostart.us/cdn/s3/eecd9b0d-d01e-45e3-8479-a7a289774ae5-main.webp | 172.67.198.45 | 200 OK | 56 kB |
URL: GET HTTP/3 ittostart.us/cdn/s3/eecd9b0d-d01e-45e3-8479-a7a289774ae5-main.webp | IP: 172.67.198.45:443
Requested by: https://ittostart.us/?utm_source=ds | Certificate Issuer: Let's Encrypt | Subject: ittostart.us | Fingerprint: 9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 | Validity: Wed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1024x400, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: ddc0136c0023ee4f3d06fe4151a0deaa f6902c1902d67df16f08514d941079e9def4b5ff f4dd475ad3837acf99e92dad16a61be4ef17a5afae7e19f9d025f45af573aef4
GET /cdn/s3/eecd9b0d-d01e-45e3-8479-a7a289774ae5-main.webp HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/webp
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
last-modified: Wed, 24 Apr 2024 04:23:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FSHFV1agGHnx6vLMEyPcynjPtM5sX%2F2GAIIYWGyvkhUQi4nwOI5ExGUNPuwLZ%2BKRGar%2FI65l8RI5%2Bz%2BkLME7CHe6EWkUbWh5y%2BF%2FUCsMajMzRaJ4XHW3gLk22n9YyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be6aea2b503-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/locale/ru.js | 104.22.71.197 | 200 OK | 2.1 kB |
URL: GET HTTP/3 static.addtoany.com/menu/locale/ru.js | IP: 104.22.71.197:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html | Certificate Issuer: Let's Encrypt | Subject: static.addtoany.com | Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA | Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (2170), with no line terminators | Hash: 7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omOH0D%2F%2FbKHbCJPkdNmLfR8%2BzGCPnitB9qv%2F66TMRKWDY7WyIUiVT7HFQW6m1QLfULBGPLFPNRFippED1ZfGEJ8HPMogoHiqn6R2bStWoCkRRt1L3MFsSrtt9TCP4czTv5ufndQp5aJnB7rzqZAxu%2Bme"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9944
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ba021d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrs5EzdBy4srUMp0HAoqQgzIiG3LjGKkWGcbZCCBabphA6EPjVoluRFEpf5payp1qyrbB0LE9JaQyflomh3UwaY_XssB3OrujFiDMf5KeD3pS3cDD_y_s_GArcImbLnNFL-GPmFctyuU87pZ9PaiHh8NEbYYrrZGFmj3PU3-T7vf4-OzQLU6AjtLjnGXX2GnAMm7DAx6de814yQ95mjBMGr2mjLRB3c-ft_JdQelonCa3-vAc2Qla4C0rnMXXXRQib4hIwnt9tFJVIkwGS6Bp33gRRrC7faFyg-cSuzvkD8H_Ki9Fi5gUUPpttA1TirXSAZsjNsK0koMhqIeF6ZlauIiYhUI_tWTRGqc0wlZEGexInjwzcecguwXgVVXTaP1-3InX-gezy2biK-i2GvPyBHlyPTxgV6nwLgljXyhHo03OSGLNlEd90_LaZB5QJvq0qdFSyfxAQOwG0gZ4-TpAmQxA3L9j4plxBOa0AWX3ICSgotSEh4cngvJdKhMQFN2O3x63tVfm1obfpSxkQetPLcfQ%3D%3D | 176.9.41.14 | 200 OK | 14 kB |
URL: GET HTTP/2 tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrs5EzdBy4srUMp0HAoqQgzIiG3LjGKkWGcbZCCBabphA6EPjVoluRFEpf5payp1qyrbB0LE9JaQyflomh3UwaY_XssB3OrujFiDMf5KeD3pS3cDD_y_s_GArcImbLnNFL-GPmFctyuU87pZ9PaiHh8NEbYYrrZGFmj3PU3-T7vf4-OzQLU6AjtLjnGXX2GnAMm7DAx6de814yQ95mjBMGr2mjLRB3c-ft_JdQelonCa3-vAc2Qla4C0rnMXXXRQib4hIwnt9tFJVIkwGS6Bp33gRRrC7faFyg-cSuzvkD8H_Ki9Fi5gUUPpttA1TirXSAZsjNsK0koMhqIeF6ZlauIiYhUI_tWTRGqc0wlZEGexInjwzcecguwXgVVXTaP1-3InX-gezy2biK-i2GvPyBHlyPTxgV6nwLgljXyhHo03OSGLNlEd90_LaZB5QJvq0qdFSyfxAQOwG0gZ4-TpAmQxA3L9j4plxBOa0AWX3ICSgotSEh4cngvJdKhMQFN2O3x63tVfm1obfpSxkQetPLcfQ%3D%3D | IP: 176.9.41.14:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds | Certificate Issuer: Sectigo Limited | Subject: tidyllama.com | Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 | Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3 | Hash: 6bbb4067151f473d8af2e722f4ee99c8 ea2d2d6b10a0dd42627dd94150592da2f819339e cf74c609c512355b2777c75f84407da09c3a264021f3757b4785349bbe466915
GET /imp?a=KnzF&e=gAAAAABmKIrs5EzdBy4srUMp0HAoqQgzIiG3LjGKkWGcbZCCBabphA6EPjVoluRFEpf5payp1qyrbB0LE9JaQyflomh3UwaY_XssB3OrujFiDMf5KeD3pS3cDD_y_s_GArcImbLnNFL-GPmFctyuU87pZ9PaiHh8NEbYYrrZGFmj3PU3-T7vf4-OzQLU6AjtLjnGXX2GnAMm7DAx6de814yQ95mjBMGr2mjLRB3c-ft_JdQelonCa3-vAc2Qla4C0rnMXXXRQib4hIwnt9tFJVIkwGS6Bp33gRRrC7faFyg-cSuzvkD8H_Ki9Fi5gUUPpttA1TirXSAZsjNsK0koMhqIeF6ZlauIiYhUI_tWTRGqc0wlZEGexInjwzcecguwXgVVXTaP1-3InX-gezy2biK-i2GvPyBHlyPTxgV6nwLgljXyhHo03OSGLNlEd90_LaZB5QJvq0qdFSyfxAQOwG0gZ4-TpAmQxA3L9j4plxBOa0AWX3ICSgotSEh4cngvJdKhMQFN2O3x63tVfm1obfpSxkQetPLcfQ%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| js.onclckmn.com/static/onclicka.js | 45.133.44.52 | 200 OK | 1.7 kB |
URL GET HTTP/2 js.onclckmn.com/static/onclicka.js IP 45.133.44.52:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://ittostart.us/?utm_source=ds Certificate Issuer Let's Encrypt Subject js.onclckmn.com Fingerprint 10:85:AB:08:CF:9B:1C:30:B8:E8:90:C1:5A:1C:05:88:96:F7:2C:77 Validity Sun, 25 Feb 2024 03:00:38 GMT - Sat, 25 May 2024 03:00:37 GMT
File type JavaScript source, ASCII text, with very long lines (1886), with no line terminators Hash 0d8e9eb897ac45d1e8228d70a2826bc7 0bf8815cb789c0821db5286a8de73fe2d06e02d5 8534f45f2fc3c1e92696729e5432e08aac34ba4586c5d307e5bffb7b8eb64622
GET /static/onclicka.js HTTP/1.1
Host: js.onclckmn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 23 Apr 2024 09:45:14 GMT
etag: W/"6627832a-6c6"
content-encoding: gzip
expires: Wed, 24 Apr 2024 04:35:36 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| veepteero.com/?rb=aExLtei2mNTAToZiZ7zm4iiWFxDm1d5L2HCaMS4IaQhjS2ycHg7vh5bzbc_g89c6Hlq1x1hy_lBPYswPlUVTJvcg1zxJ36gNZWKMYglvXcyUF69V2Rcn01Xcf4KpIVUA-iMI7Xjo43LX2l0nKkOMRlJQBjc6BmTZsDzAD8B5GDUh_p788sDTucmkfMzd91G-MC-RqHVmdEDPnTW8wyX_YD5WPjBhsZFi-lYMQwoI17uvi_BcPZ3ZzTrdTLMnUsrS_-l8NA%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.778.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.778.2-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=86b58672-6ff9-4775-8d9b-cc2a0eaa4173&userId=008048b037a2449df30f9a79142ab032&m=link | 139.45.197.242 | 200 OK | 2.4 kB |
URL GET HTTP/2veepteero.com/?rb=aExLtei2mNTAToZiZ7zm4iiWFxDm1d5L2HCaMS4IaQhjS2ycHg7vh5bzbc_g89c6Hlq1x1hy_lBPYswPlUVTJvcg1zxJ36gNZWKMYglvXcyUF69V2Rcn01Xcf4KpIVUA-iMI7Xjo43LX2l0nKkOMRlJQBjc6BmTZsDzAD8B5GDUh_p788sDTucmkfMzd91G-MC-RqHVmdEDPnTW8wyX_YD5WPjBhsZFi-lYMQwoI17uvi_BcPZ3ZzTrdTLMnUsrS_-l8NA%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.778.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.778.2-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=86b58672-6ff9-4775-8d9b-cc2a0eaa4173&userId=008048b037a2449df30f9a79142ab032&m=link IP139.45.197.242:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject veepteero.com Fingerprint 13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 Validity Sat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2377), with no line terminators Hash 0a2160969e74dab3ba28811aeee9fc8a 8a82067aeed81af373caba4ad065e833acbc57d9 0c96c41f4c3c3d8ee124f547f47ce9294dc855fcc7719ed15fb60e73d2db4be2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=aExLtei2mNTAToZiZ7zm4iiWFxDm1d5L2HCaMS4IaQhjS2ycHg7vh5bzbc_g89c6Hlq1x1hy_lBPYswPlUVTJvcg1zxJ36gNZWKMYglvXcyUF69V2Rcn01Xcf4KpIVUA-iMI7Xjo43LX2l0nKkOMRlJQBjc6BmTZsDzAD8B5GDUh_p788sDTucmkfMzd91G-MC-RqHVmdEDPnTW8wyX_YD5WPjBhsZFi-lYMQwoI17uvi_BcPZ3ZzTrdTLMnUsrS_-l8NA%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.778.2-auto&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.778.2-auto&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=86b58672-6ff9-4775-8d9b-cc2a0eaa4173&userId=008048b037a2449df30f9a79142ab032&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: application/json
x-trace-id: 6cec62ebad790ffbc22566cc85b7c21e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008048b037a2449df30f9a79142ab032; expires=Thu, 24 Apr 2025 04:30:35 GMT; path=/; secure; SameSite=None
oaidts=1713933035; expires=Thu, 24 Apr 2025 04:30:35 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 01 May 2024 04:30:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 104.21.11.245 | 200 OK | 19 kB |
IP 104.21.11.245:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Google Trust Services LLC Subject tzegilo.com Fingerprint 28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 Validity Sat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File type JavaScript source, ASCII text, with very long lines (18486) Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1280
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kr9mWw5oAzRu%2FM7zooleVCadaEhbycc5oKMb95p48M2ILcZ776wZWwebV%2FBn8pUimfeEqGd5m1JDtV4ISs2oC9uZ%2FvKVfrfrvFZ1DIapmGqBBfK%2FJO4XLZzclnlnHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be2acd07131-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/LrfK7A3.js | 135.181.208.216 | 200 OK | 239 kB |
IP 135.181.208.216:443 ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject a.gatwins.site Fingerprint 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B Validity Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
Size 239 kB (239297 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /LrfK7A3.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tiktokaukey.com/cdn/s3/862fd0ff-4d73-41c1-a21a-8fab62501f86-main.webp | 188.114.96.1 | 200 OK | 14 kB |
URL GET HTTP/3 tiktokaukey.com/cdn/s3/862fd0ff-4d73-41c1-a21a-8fab62501f86-main.webp IP 188.114.96.1:443
Requested by https://tiktokaukey.com/?utm_source=ds Certificate Issuer Google Trust Services LLC Subject tiktokaukey.com Fingerprint 67:70:DB:05:B4:F0:94:45:9B:83:DE:93:A4:7E:74:26:33:11:26:A9 Validity Fri, 15 Mar 2024 10:57:31 GMT - Thu, 13 Jun 2024 10:57:30 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 626x400, Scaling: [none]x[none], YUV color, decoders should clamp Hash 663313bb058903ab12e375079082a8b7 529644d42826341a6621e49c010887574a3ab6c3 ea4632c7829ae50c6c69389c4f84faead7445d60da1b843cfd2e5588f46b8371
GET /cdn/s3/862fd0ff-4d73-41c1-a21a-8fab62501f86-main.webp HTTP/1.1
Host: tiktokaukey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/?utm_source=ds
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: image/webp
cache-control: max-age=14400
cf-cache-status: HIT
age: 3273
last-modified: Wed, 24 Apr 2024 03:36:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLtKBIDFiRj8J7FeIBV8iCtosFkIl9yD9ZGCq4wsTmwdPiecOKL7VhhaVOG65WOWFRMr%2BYA525cnqu2OwFdjqxOwGO3rKsPUS1ryZGQAH8YReFObt6X1Lyti%2BsQkxA1L8X8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be1fefc56c4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 104.22.71.197 | 200 OK | 1.1 kB |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/whatsapp.js IP 104.22.71.197:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (1122), with no line terminators Hash d822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYrsgubd1QERqKDZJSE7ywoyVEYDX%2FUfqwie1zhk5KCK0AsBFZbUIonNn3S9IyOwGLwQWgaN%2Fd9OWmOzJ%2FaVsfev%2BWgkpeYn4BgDHXkT06Lv0gWn%2BR631l%2Bb6sp5koPXRKLYRTPm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11534
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87935bd0ca0d1d02-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2 videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type ASCII text, with very long lines (50421) Size 170 kB (169541 bytes) Hash bf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-29645"
expires: Fri, 24 May 2024 04:23:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n IP 104.21.37.74:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash f80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eTPf6CWLbL52YGNORLPQAWVnEtQEn36TPfZVf5I7JC4aDho7G0uqiUHKa8KJ1aoL0wZfBQDucCQbitjiLljV7lwZYnS1hG88YOOhWrBH%2Bs7J7Hhh8ZvhLold6maAxwjl0n2v35ZuawQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bce3f51b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adeumssp.com/get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=tiktokaukey.com_ds&pi= | 168.119.90.97 | 200 OK | 8.3 kB |
URL GET HTTP/2 adeumssp.com/get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=tiktokaukey.com_ds&pi= IP 168.119.90.97:443 ASN #24940 Hetzner Online GmbH
Requested by https://tiktokaukey.com/?utm_source=ds Certificate Issuer Sectigo Limited Subject adeumssp.com Fingerprint CF:57:03:F6:85:6B:B5:C2:A2:01:55:E8:DA:5B:A2:A7:C0:DC:D2:38 Validity Mon, 22 May 2023 00:00:00 GMT - Sat, 08 Jun 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (8722), with no line terminators Hash 38d5e3fae9339505b0339a5b0377741f 012f7812bc6ea9d962c1a304c092ed57098b7e70 d2c5f6879616699f308041ac456d56f980729b3182fa2aa4dff59a16d7b5087a
GET /get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=tiktokaukey.com_ds&pi= HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tiktokaukey.com
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| myliveforyoudreder.com/vidozza.js | 188.114.97.1 | 200 OK | 1.6 kB |
URL GET HTTP/2 myliveforyoudreder.com/vidozza.js IP 188.114.97.1:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject myliveforyoudreder.com Fingerprint D6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7 Validity Wed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File type JavaScript source, ASCII text, with very long lines (1742), with no line terminators Hash 1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5129
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhLss3T6T7Wqsqe6J2T0MhPpjD77g5AIJQTegiD2RRWsWRTmmb7vY%2FiUuRkijAzOglidqGouRwv9J%2FEOQ%2BO9B8ov3uyvxGLgkZL4gNs4XhLNH9oy%2BvSgH%2F%2FC9asJ2tCa5Lg3wuENlmli"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bcf6cff56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ittostart.us/assets/css/styles.css?v=893011da | 172.67.198.45 | 200 OK | 11 kB |
URL GET HTTP/3 ittostart.us/assets/css/styles.css?v=893011da IP 172.67.198.45:443
Requested by https://ittostart.us/?utm_source=ds Certificate Issuer Let's Encrypt Subject ittostart.us Fingerprint 9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 Validity Wed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File type ASCII text, with CRLF line terminators Hash d3df1cf626eeb9c5934015c39d316d86 3ec8f6ce00c8f53a099260a732ddd187215158ca 893011dae859f658f350106ad7a30cd70cd7bb65546eb3aa1930bbe15026f452
GET /assets/css/styles.css?v=893011da HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/?utm_source=ds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:51:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HbWjLOFuywMzFdakGfNTdLT4fInWh3n45umJXPB9C3EmXWismTH%2Fb4eA8XA71Qgdjn6bVm76EiJbJyzF1eHQHOUXB0SveXvTgAehIlcsbk1AgypUaOEikbhih1SIVWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be69e94b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2 videzz.net/js/jquery.min.js IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type JavaScript source, ASCII text, with very long lines (32086) Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-1762a"
expires: Fri, 24 May 2024 04:20:38 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css | 188.114.96.1 | 200 OK | 3.6 kB |
URL GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css IP 188.114.96.1:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Google Trust Services LLC Subject creative-bars1.com Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13 Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type ASCII text, with very long lines (3854), with no line terminators Hash 1ef6c40dc9237f64e46f930e4b26d112 7e94a725845a7101b17bfc0ff488e27c12060c1d e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:33 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:46 GMT
etag: W/"65bbb0f2-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 513156
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wxXLBzJ%2Bn%2Bti%2Fe8l%2BQoX9bgL5w%2BopnU8wvUgJZSuE4ZKGxv3%2BzfM3uTjzcQUJNfR6b5P47MA9PDWs9roBsBKnCR4yvGPhQ4l548gDnZF%2ByLygWOUW1hlg3p07WE1fpWmbFITTzC8xd9N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935bd57bf15695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=173354 | 135.181.208.216 | 200 OK | 638 B |
URL GET HTTP/2 tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=173354 IP 135.181.208.216:443 ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject a.gatwins.site Fingerprint 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B Validity Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type ASCII text, with very long lines (774), with no line terminators Hash e0ea3841aced67ecc95142df210871f0 9fb844134ea1a0aac0df6dcfe149354943648f53 95e0280e4fe3025d4b11192ef760a0e12a359e360e4f59516ba4bc9bcc34a486
GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-f5cgsbviqpdn.html&sid=f8e98660-2b2c-4c63-bd6d-abd215a7aa01&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=173354 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=WzaxGbT0Bz8qhpclqQw8; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| aistekso.net/401/5708419?oo=1&oaid=008048b037a2449df30f9a79142ab032&sw_version=v1.337.0 | 139.45.197.244 | 200 OK | 2.4 kB |
URL GET HTTP/2 aistekso.net/401/5708419?oo=1&oaid=008048b037a2449df30f9a79142ab032&sw_version=v1.337.0 IP 139.45.197.244:443
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject aistekso.net Fingerprint 3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB Validity Sun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2561), with no line terminators Hash f8d95d948e2d97d3c5e2f8c03ffec732 bb7dfcc6ec7d360ae06d3353e1c49d2c69ca1ea7 69f8a74d326c735271dcaa4f0a736bb3e0af45d555fa32c1334f177ae905ea11
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /401/5708419?oo=1&oaid=008048b037a2449df30f9a79142ab032&sw_version=v1.337.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: OAID=030048574c3a4e6fe9ebc924e71c46ae
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: application/json
x-trace-id: 32c4fe22aa032dc12617e666b3654216
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://videzz.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=008048b037a2449df30f9a79142ab032; expires=Thu, 24 Apr 2025 04:30:35 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ittostart.us/libs/css/bootstrap.min.css?v=a6451ef2 | 172.67.198.45 | 200 OK | 6.4 kB |
URL GET HTTP/3 ittostart.us/libs/css/bootstrap.min.css?v=a6451ef2 IP 172.67.198.45:443
Requested by https://ittostart.us/?utm_source=ds Certificate Issuer Let's Encrypt Subject ittostart.us Fingerprint 9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 Validity Wed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File type ASCII text, with very long lines (6463), with no line terminators Hash e6d90ae338c7148586c155402fd3e46c bd35baea2a82070101088d6bd7928c3b85cd1614 1c6551c66a05617d88e59b768d52f2bbfbbe13f50e70be9ca1a98962aa0e47d8
GET /libs/css/bootstrap.min.css?v=a6451ef2 HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/?utm_source=ds
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 12:51:59 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 444
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDVt21t1dNTGDIo6v%2B8B%2FXM41uAEz0aHwd0W463RiDJv4JzbYP96rvC43N58gNPGKWg8w61xi3OlM1SRllkFBnaGtOkCXpzEoG7me7ZrhPQPWC2EfKVDOUy8rmxfcXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87935be69e99b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL GET HTTP/2 videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-f5cgsbviqpdn.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 Validity Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 159 kB (158902 bytes) Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-26cb6"
expires: Fri, 24 May 2024 04:20:38 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| tidyllama.com/click?a=AZpa&e=gAAAAABmKIrpimHieThsod1kyrj7Ig8EoTm0EwwKUozKRD097s--RMxDD7rg-fMbU_dpDRSoDuLZmUHK5fe-Q4-woWahmvsHQCXJxTrSCGV22jZqj2BSYJGkD2EroOpSlVGoPv6ZJ2ZPgKatJwW1MdmOeuMCwH3n-7h5lKbi5h1gY2mBqZAL-cGTNVbTR71SzAQ2Qa02e9nuE9rBYGnY3rOQsgdYXn3rDfggqaU7DbrMy1ytXcf2gC7x0WpfNfMuZwIzRE3-o5mjSixs4kSe_FCpAdhDZrYgWuzvDukoOznCkWSlSDryvPN7OLSoxz3RRoLVOrLw6oL-RyJkdH7GuPb2Tza3opS5Ny3jNCsWBYO-TosgZPdvlKGycQZ3yHAQOnMay3Efz68rxxV7INSBdByGqMZLrDQLsLpAa0y8StJ0mUQkPNsNnDHdlizhGYczMZNwfPwB1KhfuCk6P-FfzZZU-OLu6NDZUAqcIN4M_vaOHRHCOzHVpSfCmTazdKR81Mq4xSDSK4o40APEah2J1XSWPd1kypLUZpdW1kFTa6CVG6Grxv5OSi53D0humoEdHBf8-01GFp4Oby4iJQBtK_FvyLqh5EvVlw%3D%3D | 176.9.41.14 | 200 OK | 3.7 kB |
URL: GET HTTP/2 tidyllama.com/click?a=AZpa&e=gAAAAABmKIrpimHieThsod1kyrj7Ig8EoTm0EwwKUozKRD097s--RMxDD7rg-fMbU_dpDRSoDuLZmUHK5fe-Q4-woWahmvsHQCXJxTrSCGV22jZqj2BSYJGkD2EroOpSlVGoPv6ZJ2ZPgKatJwW1MdmOeuMCwH3n-7h5lKbi5h1gY2mBqZAL-cGTNVbTR71SzAQ2Qa02e9nuE9rBYGnY3rOQsgdYXn3rDfggqaU7DbrMy1ytXcf2gC7x0WpfNfMuZwIzRE3-o5mjSixs4kSe_FCpAdhDZrYgWuzvDukoOznCkWSlSDryvPN7OLSoxz3RRoLVOrLw6oL-RyJkdH7GuPb2Tza3opS5Ny3jNCsWBYO-TosgZPdvlKGycQZ3yHAQOnMay3Efz68rxxV7INSBdByGqMZLrDQLsLpAa0y8StJ0mUQkPNsNnDHdlizhGYczMZNwfPwB1KhfuCk6P-FfzZZU-OLu6NDZUAqcIN4M_vaOHRHCOzHVpSfCmTazdKR81Mq4xSDSK4o40APEah2J1XSWPd1kypLUZpdW1kFTa6CVG6Grxv5OSi53D0humoEdHBf8-01GFp4Oby4iJQBtK_FvyLqh5EvVlw%3D%3D
IP: 176.9.41.14:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate: Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (3889), with no line terminators
Hash: 4eaafae8b5338bbdd3d9e6c772adafda badff7d96b997554324f46383fef7c5c32c1e534 1f472e28a77535ffa5561c6a9969cbffc9644b5c2d2d5933443c48b8b1e7d55a
GET /click?a=AZpa&e=gAAAAABmKIrpimHieThsod1kyrj7Ig8EoTm0EwwKUozKRD097s--RMxDD7rg-fMbU_dpDRSoDuLZmUHK5fe-Q4-woWahmvsHQCXJxTrSCGV22jZqj2BSYJGkD2EroOpSlVGoPv6ZJ2ZPgKatJwW1MdmOeuMCwH3n-7h5lKbi5h1gY2mBqZAL-cGTNVbTR71SzAQ2Qa02e9nuE9rBYGnY3rOQsgdYXn3rDfggqaU7DbrMy1ytXcf2gC7x0WpfNfMuZwIzRE3-o5mjSixs4kSe_FCpAdhDZrYgWuzvDukoOznCkWSlSDryvPN7OLSoxz3RRoLVOrLw6oL-RyJkdH7GuPb2Tza3opS5Ny3jNCsWBYO-TosgZPdvlKGycQZ3yHAQOnMay3Efz68rxxV7INSBdByGqMZLrDQLsLpAa0y8StJ0mUQkPNsNnDHdlizhGYczMZNwfPwB1KhfuCk6P-FfzZZU-OLu6NDZUAqcIN4M_vaOHRHCOzHVpSfCmTazdKR81Mq4xSDSK4o40APEah2J1XSWPd1kypLUZpdW1kFTa6CVG6Grxv5OSi53D0humoEdHBf8-01GFp4Oby4iJQBtK_FvyLqh5EvVlw%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 42 kB |
URL: GET HTTP/2 videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (42324), with no line terminators
Hash: 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-f5cgsbviqpdn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 24 Apr 2024 04:30:31 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:24 GMT
vary: Accept-Encoding
etag: W/"66163908-a554"
expires: Fri, 24 May 2024 04:20:41 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 234 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n
IP: 104.21.37.74:443
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: f80bebf9471a9840ef5768e8c6b26672 164896726fce06ed3a1b8cbed00ab7c0493b6d24 5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:32 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAj9bBy8VFWleYxcuQusqamZDuEVsGXEZnKD82qZZcZUIP1mTuadJQGrf9I0WKipmmRB%2B5jXxS%2FtwjXbtu0cWebGV9yfks6uAH%2Fk9d9OViwsmqpluGDyqhuY86RtCfKm1PLc9wmq0mk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87935bce4f6bb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrs_tokJq38dZLE9vOtHqLnTs8Vw6rNS7TV1LjMw72v-9-LQGLvklMqhFjqXYI4aG7AUZoABCTamGUMclM7h0VG7kCGs-ICEUjBdaVXEUjgwO306HR-ofhvLHJa7AUnMzCaO_iQFeU9amfXyXWTUwWSbr0J_CE0bk6WWJCrRqG2DV1dFlip1OL4K7m7kST-mIPQ6EpNinG_tw4I32QAzByjERzIePK78bgoF-SgsV2cXNgxnlY7RFvLemMYuLZijXIYYEgTdSq241sydVmooxLzLesuSWIWfZnMWcG4LQIEedPoDP4YE3PdL6dhTvmGLWZTjq5U_eLVcYjTkaHKru39pL4EwpafQeGex6-a73qK3oSDeLLJpxQYftDEUcDvOtYcmiWzxbR6hjUIF_jsUyacQJWUDDfyFDzU1BwUIOovbjemcKikiKEviBzA5Rw9SfNpWUt7PY23J_65BGcmjXf55exuhE5TlYcyemy9Gw6dAl6uSz7pITci0CPrMwmdgL0oQm8BmGDZhknoFOFvD0FfIQry4hUJdq9QZCdSJt3cQdI%3D | 176.9.41.14 | 200 OK | 6.3 kB |
URL: GET HTTP/2 tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrs_tokJq38dZLE9vOtHqLnTs8Vw6rNS7TV1LjMw72v-9-LQGLvklMqhFjqXYI4aG7AUZoABCTamGUMclM7h0VG7kCGs-ICEUjBdaVXEUjgwO306HR-ofhvLHJa7AUnMzCaO_iQFeU9amfXyXWTUwWSbr0J_CE0bk6WWJCrRqG2DV1dFlip1OL4K7m7kST-mIPQ6EpNinG_tw4I32QAzByjERzIePK78bgoF-SgsV2cXNgxnlY7RFvLemMYuLZijXIYYEgTdSq241sydVmooxLzLesuSWIWfZnMWcG4LQIEedPoDP4YE3PdL6dhTvmGLWZTjq5U_eLVcYjTkaHKru39pL4EwpafQeGex6-a73qK3oSDeLLJpxQYftDEUcDvOtYcmiWzxbR6hjUIF_jsUyacQJWUDDfyFDzU1BwUIOovbjemcKikiKEviBzA5Rw9SfNpWUt7PY23J_65BGcmjXf55exuhE5TlYcyemy9Gw6dAl6uSz7pITci0CPrMwmdgL0oQm8BmGDZhknoFOFvD0FfIQry4hUJdq9QZCdSJt3cQdI%3D
IP: 176.9.41.14:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://tiktokaukey.com/?utm_source=ds
Certificate: Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3
Hash: c3a8873e657d0c5fc03c0f1c3756759a 288890ae66f2b3fc93e7ebbb26ef19dbafea4d78 3d2ba065521a95cc7e8c52f90c23f25ee83d0843658e9ccda86fdc224bc5f611
GET /imp?a=KnzF&e=gAAAAABmKIrs_tokJq38dZLE9vOtHqLnTs8Vw6rNS7TV1LjMw72v-9-LQGLvklMqhFjqXYI4aG7AUZoABCTamGUMclM7h0VG7kCGs-ICEUjBdaVXEUjgwO306HR-ofhvLHJa7AUnMzCaO_iQFeU9amfXyXWTUwWSbr0J_CE0bk6WWJCrRqG2DV1dFlip1OL4K7m7kST-mIPQ6EpNinG_tw4I32QAzByjERzIePK78bgoF-SgsV2cXNgxnlY7RFvLemMYuLZijXIYYEgTdSq241sydVmooxLzLesuSWIWfZnMWcG4LQIEedPoDP4YE3PdL6dhTvmGLWZTjq5U_eLVcYjTkaHKru39pL4EwpafQeGex6-a73qK3oSDeLLJpxQYftDEUcDvOtYcmiWzxbR6hjUIF_jsUyacQJWUDDfyFDzU1BwUIOovbjemcKikiKEviBzA5Rw9SfNpWUt7PY23J_65BGcmjXf55exuhE5TlYcyemy9Gw6dAl6uSz7pITci0CPrMwmdgL0oQm8BmGDZhknoFOFvD0FfIQry4hUJdq9QZCdSJt3cQdI%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktokaukey.com/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsDlUR33_8mOaeYIdF51nrSkrUj_2-YGCndTD-wMe3AC64iIRnwzsFAbvBPrHH8BNA7YUr0hDBVTVvmH6eL9r8KNWi7uHghKAONaQVygKL5Yj79J-wQrqtHRwmmATLHYLstscvjmkQddwrRAKbCWeslsyBDRpHP0Rb2KS3oSftmn4FIt2nxDZqcV2QDhGuYPDFpLoNkQjD_i77t-nrFP2TyHOLfXmxYKdg3TC4IQBolD52AH-akSRwbgmKPI9GesYzzBvWat_o3Qe-fe80-oGRrGauTs6LWRgnFMlWfI5yVuGPsjmOOaPLZGAaW72xojcnbqgTIys1eNZ2Fd7ed5nK_fnUc5Rg-Shoc9b7LotjBMW9wGzYHYHJixjzDURaUe_9HfNaBDSRPkEBRy_zEpkKA9EvBBU1NdM6SDUZMjfze7j18G8po3t6yvdmdfE3QWn1ak0HKiH33uV5UFLyFZChUXm87r_TgUna-vbyQ5BKX5gruYhtUcvLFYPMKFpYRRxk3EWpY7Yz6CVkI99gmUEPbQ%3D%3D | 176.9.41.14 | 200 OK | 13 kB |
URL: GET HTTP/2 tidyllama.com/imp?a=KnzF&e=gAAAAABmKIrsDlUR33_8mOaeYIdF51nrSkrUj_2-YGCndTD-wMe3AC64iIRnwzsFAbvBPrHH8BNA7YUr0hDBVTVvmH6eL9r8KNWi7uHghKAONaQVygKL5Yj79J-wQrqtHRwmmATLHYLstscvjmkQddwrRAKbCWeslsyBDRpHP0Rb2KS3oSftmn4FIt2nxDZqcV2QDhGuYPDFpLoNkQjD_i77t-nrFP2TyHOLfXmxYKdg3TC4IQBolD52AH-akSRwbgmKPI9GesYzzBvWat_o3Qe-fe80-oGRrGauTs6LWRgnFMlWfI5yVuGPsjmOOaPLZGAaW72xojcnbqgTIys1eNZ2Fd7ed5nK_fnUc5Rg-Shoc9b7LotjBMW9wGzYHYHJixjzDURaUe_9HfNaBDSRPkEBRy_zEpkKA9EvBBU1NdM6SDUZMjfze7j18G8po3t6yvdmdfE3QWn1ak0HKiH33uV5UFLyFZChUXm87r_TgUna-vbyQ5BKX5gruYhtUcvLFYPMKFpYRRxk3EWpY7Yz6CVkI99gmUEPbQ%3D%3D
IP: 176.9.41.14:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://ittostart.us/?utm_source=ds
Certificate: Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 199x199, components 3
Hash: 5a5d0122d309f7ed2756ec0cdd0f538b 6798f1819d453624e8f3fa23ca3584ce295b0dbc 5de492cdfdf69968feea7e5230bd630b2f3f6eacfd72856f2601861592f6edd3
GET /imp?a=KnzF&e=gAAAAABmKIrsDlUR33_8mOaeYIdF51nrSkrUj_2-YGCndTD-wMe3AC64iIRnwzsFAbvBPrHH8BNA7YUr0hDBVTVvmH6eL9r8KNWi7uHghKAONaQVygKL5Yj79J-wQrqtHRwmmATLHYLstscvjmkQddwrRAKbCWeslsyBDRpHP0Rb2KS3oSftmn4FIt2nxDZqcV2QDhGuYPDFpLoNkQjD_i77t-nrFP2TyHOLfXmxYKdg3TC4IQBolD52AH-akSRwbgmKPI9GesYzzBvWat_o3Qe-fe80-oGRrGauTs6LWRgnFMlWfI5yVuGPsjmOOaPLZGAaW72xojcnbqgTIys1eNZ2Fd7ed5nK_fnUc5Rg-Shoc9b7LotjBMW9wGzYHYHJixjzDURaUe_9HfNaBDSRPkEBRy_zEpkKA9EvBBU1NdM6SDUZMjfze7j18G8po3t6yvdmdfE3QWn1ak0HKiH33uV5UFLyFZChUXm87r_TgUna-vbyQ5BKX5gruYhtUcvLFYPMKFpYRRxk3EWpY7Yz6CVkI99gmUEPbQ%3D%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Cookie: a=AZyuSDZwIWccZHdaRugXGW19AVhT6c2N; token_QvBxAQAAAAAAIH3eZ402e6l1OOA28yhUKsSF8Bo=BAYAZiiK6wFmKIrsgAGBAcAAIBn9Ho171YAnK0v0D7GnXPEV7Q8537u8jePeLLilMeIlwQAgHsO3GI-kFWcxQ9eHb98YDA8B4kbJ3Fxq0VR4Hgcr0wE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:36 GMT
content-type: image/jpeg
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| guardedrook.cc/click?a=AZpa&e=gAAAAABmKIrpF9afuIotygsAkpG20EAhQRE0ubfCY_rK7h9klB9rTm_Im8rtiR6YhRlBdPPr5I2GEaC0vD4ERyc1NQXlxezx0At9Cr3JKhlCaK7HvqRMtNfZh9G3sRszE0dypfGWdRkzszLwnwnfioHWxQLOdKslAKTZXoLJgCjQQJKjZoI6Y5S2onddg5TuQ7FenJHrGr87JycB4BhXeFpiynAynHdV2CEhxAEdP55XopCDmqCRbtfCa__6vAns0nsRLdIlQwB_C6YHK60W6K1eeQOB3YT5LwH84aoZ1ExAQ_Cv54HcaMSKYcUy19UIgOLT1L5ZPzPWHa_obq8ugPkdXewKlVpgh6rhpKdYoykB-P4IT0bQRECYtvLd7RrRuOqszTKOTMOt753SZoHL0w1HFkDnHFsqmIDxaD4xjFHNc1clGIjhdE19qZK0cAFI2OmvxwOed-xq-l11vS8zWCCIi0x67l8NOwogzdO67GjHY1KNjHRrceliOXnY7NNB9KYY3YlA8jZrWr81JRK-HOmAwHx59vjfhR6q1C7BhH2qkwklNeAEABJZ7JEVSM1s3S1BATUrFzXZ0RSwGZK9bvOiqEXhPNyhFQ%3D%3D | 176.9.41.14 | 200 OK | 2.7 kB |
URL: GET HTTP/2 guardedrook.cc/click?a=AZpa&e=gAAAAABmKIrpF9afuIotygsAkpG20EAhQRE0ubfCY_rK7h9klB9rTm_Im8rtiR6YhRlBdPPr5I2GEaC0vD4ERyc1NQXlxezx0At9Cr3JKhlCaK7HvqRMtNfZh9G3sRszE0dypfGWdRkzszLwnwnfioHWxQLOdKslAKTZXoLJgCjQQJKjZoI6Y5S2onddg5TuQ7FenJHrGr87JycB4BhXeFpiynAynHdV2CEhxAEdP55XopCDmqCRbtfCa__6vAns0nsRLdIlQwB_C6YHK60W6K1eeQOB3YT5LwH84aoZ1ExAQ_Cv54HcaMSKYcUy19UIgOLT1L5ZPzPWHa_obq8ugPkdXewKlVpgh6rhpKdYoykB-P4IT0bQRECYtvLd7RrRuOqszTKOTMOt753SZoHL0w1HFkDnHFsqmIDxaD4xjFHNc1clGIjhdE19qZK0cAFI2OmvxwOed-xq-l11vS8zWCCIi0x67l8NOwogzdO67GjHY1KNjHRrceliOXnY7NNB9KYY3YlA8jZrWr81JRK-HOmAwHx59vjfhR6q1C7BhH2qkwklNeAEABJZ7JEVSM1s3S1BATUrFzXZ0RSwGZK9bvOiqEXhPNyhFQ%3D%3D
IP: 176.9.41.14:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-f5cgsbviqpdn.html
Certificate: Issuer: Sectigo Limited; Subject: guardedrook.cc; Fingerprint: 54:D0:8D:41:7C:EA:FA:B5:33:A5:D1:BF:F4:DE:48:07:14:5A:2E:B1; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2794), with no line terminators
Hash: a5af5ad64e6a1b14c9007271bd321372 ce75f2b7e7c03c502bab891b1b3173d685b12dbf 8a927abd758ca1acadc79e367c21e901a3f1d43c67bd3cc1e4512c808be4aa3b
GET /click?a=AZpa&e=gAAAAABmKIrpF9afuIotygsAkpG20EAhQRE0ubfCY_rK7h9klB9rTm_Im8rtiR6YhRlBdPPr5I2GEaC0vD4ERyc1NQXlxezx0At9Cr3JKhlCaK7HvqRMtNfZh9G3sRszE0dypfGWdRkzszLwnwnfioHWxQLOdKslAKTZXoLJgCjQQJKjZoI6Y5S2onddg5TuQ7FenJHrGr87JycB4BhXeFpiynAynHdV2CEhxAEdP55XopCDmqCRbtfCa__6vAns0nsRLdIlQwB_C6YHK60W6K1eeQOB3YT5LwH84aoZ1ExAQ_Cv54HcaMSKYcUy19UIgOLT1L5ZPzPWHa_obq8ugPkdXewKlVpgh6rhpKdYoykB-P4IT0bQRECYtvLd7RrRuOqszTKOTMOt753SZoHL0w1HFkDnHFsqmIDxaD4xjFHNc1clGIjhdE19qZK0cAFI2OmvxwOed-xq-l11vS8zWCCIi0x67l8NOwogzdO67GjHY1KNjHRrceliOXnY7NNB9KYY3YlA8jZrWr81JRK-HOmAwHx59vjfhR6q1C7BhH2qkwklNeAEABJZ7JEVSM1s3S1BATUrFzXZ0RSwGZK9bvOiqEXhPNyhFQ%3D%3D HTTP/1.1
Host: guardedrook.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:30:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|