| cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.24.14 | 200 OK | 867 B |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 104.17.24.14:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (4034)
Hash: 0680879d9be8b73e90cf1ed3de2724e1 e338268ddd73ef607dbbca2ff375867972f66353 5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857
GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4257843
expires: Tue, 08 Apr 2025 06:37:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k1RU%2BIj41eQPkINNPv0N3pazQFwglaGJ%2FjJZKL1nTRjRPYOhyMFAZeFmVOpTN97gJkxzv2KmGnUYopz6SW1UHa1JTtqCSE8oVuq3ky2eAATAkVWOsj3UXWawd%2FbJtR87uNELnE4Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762a6087f730b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.24.14 | 200 OK | 1.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 104.17.24.14:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: dcb0ac787e2b120c8aeec195cd6decb9 7cdd385b4fbdfd0801af64d9209e7ede132dd954 f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82
GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 529232
expires: Tue, 08 Apr 2025 06:37:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zm0fULWvYa7uvmlVj4ueqo3wucrHMs2DKmSkUAtFHBleGweCuUbSRiI8360px90bICfxej3pjfK8vT4%2BpLQT6Xritpgv5blwtIZoxBtThY8i%2FF0mbnhx0IBeoTd%2BTWGfvQJyS5%2Fd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762a6087f7b0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.17.24.14 | 200 OK | 2.1 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 104.17.24.14:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (7172), with no line terminators
Hash: a99386c14c1250b20b42dd0db3df1741 cc8562d8ee2c39a2adea8d09eec3c4096571dd18 de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672
GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 689542
expires: Tue, 08 Apr 2025 06:37:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=251UAyeMDpX9rIF125WlmipN9l1EmWM4AfwuKrxLJFtqUrBaBwtTbkjn0BdB6rfe3VISaPCdI%2BmRSn37%2FOIPejyGIDHt18E3GRaaUaIEX8CAvvwRuPHlUchdEV3J%2BhJHbeN6GlGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762a6087f7d0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL: GET HTTP/2 videzz.net/js/pop.js?v=1.0
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-23"
expires: Sat, 18 May 2024 06:35:57 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL: GET HTTP/2 videzz.net/js/ads.js?v=1.0
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
etag: "66163902-d3"
expires: Sat, 18 May 2024 06:35:56 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/adb_logo.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Hash: 98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-2074"
expires: Sat, 18 May 2024 06:36:00 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/attention.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Hash: d28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-18e9"
expires: Sat, 18 May 2024 06:36:00 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/henYKwb.js | 135.181.208.216 | 200 OK | 88 kB |
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /henYKwb.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.168 | 200 OK | 73 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP: 142.250.74.168:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179)
Hash: f226c528999e1d1b8ce47258f8f39387 dc64cf93bb2af90c4fc876c9ffb919a43d476af4 58cbb933a4ccbe9e20f22a2b54bb0f856a4b666095c7a76eb5c3d123158e1283
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:50 GMT
expires: Thu, 18 Apr 2024 06:37:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| vz.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: 123.manga1001.top; Fingerprint: 3D:4F:28:31:3D:1E:BE:47:BA:36:B7:C2:BE:1E:0A:C7:35:27:8C:87; Validity: Sat, 24 Feb 2024 00:27:07 GMT - Fri, 24 May 2024 00:27:06 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP: 104.17.24.14:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 215756
expires: Tue, 08 Apr 2025 06:37:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlvhU0dlYvkaHbLFkOhbKWP9Vlv3z69c4lG6RgiiO0fOqj7UQ72y%2FqYwhlxRJiqHILhRwpcxhdwedQcftQClyOd6pmKggLAxaHP03pcFRx%2BmOBetF3Z%2BzpBaAZl%2FFYD3Fmaf343s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762a60ac8211c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kr.cafenehkikki.com/1clkn/14903 | 23.109.170.198 | 200 OK | 26 B |
URL: GET HTTP/1.1 kr.cafenehkikki.com/1clkn/14903
IP: 23.109.170.198:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: kr.cafenehkikki.com; Fingerprint: 50:EE:4F:95:B6:16:97:F3:4B:CE:8F:41:22:EB:63:02:F2:48:7A:F2; Validity: Thu, 18 Apr 2024 00:50:14 GMT - Wed, 17 Jul 2024 00:50:13 GMT
File type: ASCII text, with no line terminators
Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /1clkn/14903 HTTP/1.1
Host: kr.cafenehkikki.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:37:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 19-Apr-2024 06:37:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 19-Apr-2024 06:37:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet | 142.250.74.106 | 200 OK | 75 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet
IP: 142.250.74.106:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: gzip compressed data, max compression
Hash: 49160c68f619c6b6767dbdbf94b13438 8e6adee24578b6da953f6b1f90503d059c8aa649 505cfa4aee43d69ab9bed75680d45af5f2ad5a3d9e11a30f60d1d0642e4be5aa
GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:37:51 GMT
date: Thu, 18 Apr 2024 06:37:51 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/logo_60.png | 78.142.18.54 | 200 OK | 14 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/logo_60.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced
Hash: 650a7f14495bcd9ed2140ed51d8b9fef 47cb64b0bc23739e4e25e7c1bea6d63e438ebee0 aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 14101
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-3715"
expires: Sat, 18 May 2024 06:33:04 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/ico_signup.png | 78.142.18.54 | 200 OK | 1.1 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/ico_signup.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Hash: eb2e533fce6d10e6f1231e3c07aa7e7a 194f55dab0899b59605972b6a0edd85bfd975488 6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 1094
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-446"
expires: Sat, 18 May 2024 06:35:08 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js | 192.243.61.225 | 200 OK | 16 kB |
URL: GET HTTP/1.1 profitablegatecpm.com/97/85/38/9785383bf0d8f2fb611d938245088565.js
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: profitablegatecpm.com; Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30; Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44070), with no line terminators
Hash: 65577d57b43da6e590dbd9f031d8f7bb 19be02738e84db9c3e7922296e95fd0bfdc46474 6181433731f752c0889b1f0a99baa7b5516767e77d15c3e46f011ebe97bd6b7e
GET /97/85/38/9785383bf0d8f2fb611d938245088565.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:37:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa2397cc84ca886f9157faf6433fd35f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| tr.7vid.net/api/spots/190873?p=1&s1=202079 | 135.181.208.216 | 200 OK | 564 B |
URL: GET HTTP/2 tr.7vid.net/api/spots/190873?p=1&s1=202079
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: gzip compressed data, from Unix
Hash: b4a9eecc684fe29efb5f02a7066ef760 ed9b615204416e1ec95d6fc39b8b9a36ee46d7f9 d64af360aea2dd9f091d563060bd48d6c6eed07d783b9e6b88ec876805541646
GET /api/spots/190873?p=1&s1=202079 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=xYcRxHKmttWPe5oyEjM8; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 172.67.39.148 | 200 OK | 79 kB |
URL: GET HTTP/2 static.addtoany.com/menu/page.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: JavaScript source, ASCII text, with very long lines (3003), with no line terminators
Hash: 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2AC7bE2UDFKM7qC5jDQxDxGBrcVDlnPDaJpMnzeeMpH%2BWmJ3duBGtVLq6wxk1QIfxp7e6MatgiRO5LypYWukV0nng7cUXW9aran8y9cwM8v0JAzIBzS1YQZ9pyCABT%2BXorAHEebwrAhbk61YRrQnUdl"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16209
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6087c64b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP: 85.10.205.45:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Sectigo Limited; Subject: s.o333o.com; Fingerprint: C1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46; Validity: Mon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2040), with no line terminators; Hash: 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2; IP: 216.58.207.227:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0; Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 14571
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2; IP: 216.58.207.227:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48208, version 1.0; Hash: c49b7c3643f781d71645c5a40a78b5bf e71138026b38afc443fb60da5ffc2244c4f5eb11 8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:58:52 GMT
expires: Tue, 15 Apr 2025 21:58:52 GMT
cache-control: public, max-age=31536000
age: 203939
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/facebook_button.png | 78.142.18.54 | 200 OK | 3.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/facebook_button.png; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced; Hash: 7136dd30e8f2bac19a84c71f7051fbe4 9e0386c21a34c2034c5736d083f2aa9d74aa9698 0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 3296
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-ce0"
expires: Sat, 18 May 2024 06:28:07 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/reddit_button.png | 78.142.18.54 | 200 OK | 5.6 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/reddit_button.png; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced; Hash: e81d26d1620449624337a4d43f931daa f03bec039b900b6668f56c295b6152f206614347 a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 5639
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-1607"
expires: Sat, 18 May 2024 06:35:25 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/telergram_button.png | 78.142.18.54 | 200 OK | 7.1 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/telergram_button.png; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced; Hash: 30c0202bb8d66d562c2f6f74e04cecf5 330d3cb6d6e12800458fb4e711f5ad2669ed6418 5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 7130
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-1bda"
expires: Sat, 18 May 2024 06:35:49 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/twitter_button.png | 78.142.18.54 | 200 OK | 7.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/twitter_button.png; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced; Hash: d680a9ff6f8107a4582fc3da7b95b852 df709fd8b064642697ce5075aef16d7ec3df9475 d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 7332
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-1ca4"
expires: Sat, 18 May 2024 06:36:04 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 108 kB |
URL: GET HTTP/2 videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: gzip compressed data, from Unix; Size: 108 kB (107929 bytes); Hash: 51bd1fa7337a0c679b5cc59b9593ac5f 02836121559b6c232899853570bcdfe6da5866ee a51b0323e4cc8d122fc96d3e3e849ca6d6458cf903be2c7d11e0347546b01cc9
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-65a66"
expires: Sat, 18 May 2024 06:33:23 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/whatsapp_button.png | 78.142.18.54 | 200 OK | 9.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/whatsapp_button.png; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced; Hash: 093cb56d9d65dd0ccb57f24eb7444cba 3d862fe04fc38402dfb6e8afcfb9adc526907d54 9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 9402
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-24ba"
expires: Sat, 18 May 2024 06:27:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/locale/spritesheet_25.png | 78.142.18.54 | 200 OK | 3.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/locale/spritesheet_25.png; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced; Hash: f114e74e1fb82ce234e7a2503506e2ac 5adb3ddc13861aa417471710f1ceaca66ef71c74 e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 3355
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-d1b"
expires: Sat, 18 May 2024 06:34:55 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 172.67.39.148 | 200 OK | 74 kB |
URL: GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js; IP: 172.67.39.148:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FN7klxF7wXP63HcRl%2BjCdei7MZiQdLbHTqz87Q9U8JynkbiNBMS1rbdVtmUknMMTPAEW9DWd2%2FJRR1gRNn7DGNrqap17XCipxcat6ZwNX7wMVLUN3VPJR8WgR5HpxT%2BapjjIqHt"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15508
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a60f4ccfb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 216.58.207.227 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2; IP: 216.58.207.227:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9; Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0; Hash: 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 14571
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL: GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0; IP: 104.18.10.207:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Google Trust Services LLC; Subject: bootstrapcdn.com; Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63; Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1303280
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a60fdaa856ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats; IP: 35.158.46.84:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Amazon; Subject: proftrafficcounter.com; Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators; Hash: 100265d2e6dc29295bf57ec387e10c46 7459210dd9b3b2f4dff7d3cc319b0825910dd876 1c29f386ea0cd30f654009c5c8cf3e5d8fe7e9a5a6d2fa4b864072ccb1223456
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=52e2815c-d1df-458d-b11f-618a2b381164:1:1; expires=Sun, 16 Apr 2034 06:37:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js | 78.142.18.54 | 200 OK | 15 kB |
IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: gzip compressed data, from Unix; Hash: a23155246201b4ae3c69c380de827225 e1d4cd694e2c547d18b7f45b2505f19607751cf5 074d8228f145b0ce08af8cba6bb9ee414f50bbfea57fc61220b2d7c6df8f26e3
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-a554"
expires: Sat, 18 May 2024 06:37:40 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 9.0 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n; IP: 172.67.205.77:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text; Hash: f43a9f52bdd16907856bcccdc018b8c9 260324361bf19dc2ea4982f6fd312f9c8d5039cc 0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPeXHzwULdp0E3vofBQ%2BuHeFMs%2Ft7ibjJk6G7TiX0DVmbli4Ag2c6f3XcNy9w%2B9ysR%2B19Z2Y5%2FpKkxe1tm2OnbITaKFjWmijDGDybMmtlQ1cjeIAAwCfSMyhKEuot4sBIOT%2BWenre%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60dfb79b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| str36.vidoza.net/i/03/07591/rk91hga5cy41.jpg?v=1713422270 | 109.202.99.228 | 200 OK | 12 kB |
URL: GET HTTP/2 str36.vidoza.net/i/03/07591/rk91hga5cy41.jpg?v=1713422270; IP: 109.202.99.228:443; ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: vidoza.net; Fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6; Validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File type: JPEG image data, baseline, precision 8, 326x480, components 3; Hash: 560f6d2930b88b6547cc94b63736b0c4 44820937e1d9a9c56314e3509e3c09773b889d15 974e3a01fb3793db599adcb73fdc54323a0b796941e2acaa06b129958e8ecbee
GET /i/03/07591/rk91hga5cy41.jpg?v=1713422270 HTTP/1.1
Host: str36.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: image/jpeg
content-length: 11742
last-modified: Thu, 18 Apr 2024 06:33:45 GMT
etag: "6620bec9-2dde"
expires: Thu, 02 May 2024 06:37:52 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| zv.7vid.net/api/spots/70101?s1=202079&v2=1&fill=0&kw=61563%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0 | 135.181.208.216 | 200 OK | 577 B |
URL: GET HTTP/2 zv.7vid.net/api/spots/70101?s1=202079&v2=1&fill=0&kw=61563%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0; IP: 135.181.208.216:443; ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Let's Encrypt; Subject: 1111.spinna.online; Fingerprint: F3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED; Validity: Fri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File type: gzip compressed data, from Unix; Hash: 75790ef686d0f3d82ec98723a4d67728 f5f8c12ccc8c82e23fb0c8f7b3c87bf60f97be51 62494dc71e305303daed1f5c8fc5fae49aa82a6043115f088169c1106685ec44
GET /api/spots/70101?s1=202079&v2=1&fill=0&kw=61563%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=Bw2yLMVAxK9CUnfPyf48; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 93 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c; IP: 142.250.74.168:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (7711); Hash: 83461f7b8b0a12d21ba23cffa1cbbc9f 76823e6636ed9ca7ca306dd3db948ad35af6f2d2 4952410c3d0e4bbb5d403ad019ba6e00c1146d88f3e842219030f5f91c98cf2b
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:52 GMT
expires: Thu, 18 Apr 2024 06:37:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| reorganizeglaze.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js | 172.240.108.84 | 200 OK | 30 kB |
URL GET HTTP/1.1reorganizeglaze.com/57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js IP172.240.108.84:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectreorganizeglaze.com Fingerprint22:89:D6:25:50:57:C4:4F:35:6E:C6:A9:B9:2F:7B:09:20:BF:27:27 ValidityTue, 16 Apr 2024 10:27:09 GMT - Mon, 15 Jul 2024 10:27:08 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash49408b45b0ab19427a486405a3f427de 9feccb4329502426282b570dd365c9e341864831 56a8a928277c830359b868a4955c6bcde219ffeace031ee9f8cb8b7d7ff49ea2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /57/e9/12/57e9128f004dc8dd272477c7cdb9cf15.js HTTP/1.1
Host: reorganizeglaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:37:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2967-new=0; expires=Mon, 22 Apr 2024 21:37:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 166fe46c4191ff590f222ee529601f6a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP35.158.46.84:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash100265d2e6dc29295bf57ec387e10c46 7459210dd9b3b2f4dff7d3cc319b0825910dd876 1c29f386ea0cd30f654009c5c8cf3e5d8fe7e9a5a6d2fa4b864072ccb1223456
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=52e2815c-d1df-458d-b11f-618a2b381164:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| reorganizeglaze.com/sbar.json?key=9785383bf0d8f2fb611d938245088565 | 172.240.108.84 | 200 OK | 0 B |
URL GET HTTP/1.1reorganizeglaze.com/sbar.json?key=9785383bf0d8f2fb611d938245088565 IP172.240.108.84:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectreorganizeglaze.com Fingerprint22:89:D6:25:50:57:C4:4F:35:6E:C6:A9:B9:2F:7B:09:20:BF:27:27 ValidityTue, 16 Apr 2024 10:27:09 GMT - Mon, 15 Jul 2024 10:27:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=9785383bf0d8f2fb611d938245088565 HTTP/1.1
Host: reorganizeglaze.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:37:52 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071529; expires=Fri, 19 Apr 2024 06:37:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1e1f1b905b1d4eab4b92dbc62193ddf3
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1086035083.1713422272&gtm=45je44f0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=466873572 | 172.217.21.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1086035083.1713422272&gtm=45je44f0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=466873572 IP172.217.21.163:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68 ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1086035083.1713422272&gtm=45je44f0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=466873572 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 18 Apr 2024 06:37:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| aloftloan.com/pixel/purst?dl=0&th=0&sc=0&rs=2309&rd=2309&fd=805&bv=24.4.2204&tmpl=136 | 192.243.59.13 | 200 OK | 0 B |
URL GET HTTP/1.1aloftloan.com/pixel/purst?dl=0&th=0&sc=0&rs=2309&rd=2309&fd=805&bv=24.4.2204&tmpl=136 IP192.243.59.13:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectaloftloan.com Fingerprint0B:B5:B9:1F:E4:C7:72:B5:12:AF:52:EF:CC:7C:EB:CB:AE:0A:24:E1 ValidityTue, 16 Apr 2024 10:19:28 GMT - Mon, 15 Jul 2024 10:19:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=2309&rd=2309&fd=805&bv=24.4.2204&tmpl=136 HTTP/1.1
Host: aloftloan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 172.67.39.148 | 200 OK | 508 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/viber.js IP172.67.39.148:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeASCII text, with very long lines (1003), with no line terminators Hashaeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdllmjIIRPRO2sHETKfzSGgQqV%2B5f6wC121kOiSfff%2FleOBxlgQKvNn%2B2DUe%2Fr5kpz9KGft%2FRsHDcGcIpGt%2F42uj0Qb%2BUMIa9aqfRrxL31k1iZW4bD4Y1%2BVj76SQGbCP3FxdALOTUrcyP3H539%2BTGVdC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15509
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6113f50b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash4809a9602dd55d531906123e570b6d77 626fe0b9eeeda00a0ce401ee5a4e13f8256facb9 046c0a16886d7e34df54c815c1fee7740a3608671d33fd56c837dca5a1ac9c9f
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FIm7xVxZgeoNMVAH2aH1eOFY2y6PCCw0A2QkDrU2nCUr4Siye856O2imFN8%2BLMcLWMOEg1GY1xZq3mSlfnto9NQFYyAeUWkTptXT4iO6gLXYyne%2FutKQ1V4spFC%2BmHGJYTXHLehf2Z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a610ad721c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP35.158.46.84:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash100265d2e6dc29295bf57ec387e10c46 7459210dd9b3b2f4dff7d3cc319b0825910dd876 1c29f386ea0cd30f654009c5c8cf3e5d8fe7e9a5a6d2fa4b864072ccb1223456
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=52e2815c-d1df-458d-b11f-618a2b381164:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 35.158.46.84 | 200 OK | 40 B |
URL GET HTTP/2proftrafficcounter.com/stats IP35.158.46.84:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerAmazon Subjectproftrafficcounter.com FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash100265d2e6dc29295bf57ec387e10c46 7459210dd9b3b2f4dff7d3cc319b0825910dd876 1c29f386ea0cd30f654009c5c8cf3e5d8fe7e9a5a6d2fa4b864072ccb1223456
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=52e2815c-d1df-458d-b11f-618a2b381164:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843za200&_p=1713422271453&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1086035083.1713422272&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713422272&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&dt=Watch%2061563%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2276 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843za200&_p=1713422271453&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1086035083.1713422272&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713422272&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&dt=Watch%2061563%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2276 IP216.239.34.36:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843za200&_p=1713422271453&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1086035083.1713422272&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713422272&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&dt=Watch%2061563%20mp4&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2276 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Thu, 18 Apr 2024 06:37:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/locale/ru.js | 172.67.39.148 | 200 OK | 1.0 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP172.67.39.148:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeASCII text, with very long lines (2130), with no line terminators Hashc0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSZZPHRQHmmj7W9b8uSrlEOmUNd5EPtJjQ6dGciF28UUVd2CDtNJ%2FBwzXajDEbBux%2FcEjPyaUJyeHlp1cPBVMV3Q2eK944CTAvvX7nWPfNzysCaOl3kzBNgW%2F9nsUG4Ry0l3jQ6qpq%2Bc1bomXdrURWCn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16116
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6111ef8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://animewatch.onionlive.workers.dev/
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| tidyllama.com/sc?t=1713422273344&a=85ho&c=GHiz4EbXG6NECPH3imw2Cf&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmIL_BSPhgxuPVFt1n-fyYG0WnWs-VEscaiRDiS2gNzHnGx4zsYOm54aNQgNL_OaPVSB8tvLOsO0-sg4UhA9oISDrLg971YID9kS5mRdflpIHEGYxSttt2S5W5ObtLAzNw1L40FUYm9aD_C9frMEVq7LOETSu2vUwGPtpFlhrCXlKwMJragDGAijPgcISxaUjmYRRDOvnKaYMfz_6k4AViH_Zzzm7YavRg_hqc_qdLtlEzKnoGI9b-TnYNeXJ1H6XFL31AGWkK4FK_QyRKJ1AIDwvJ1ctzx2u8QsGh33ua1MAisYZolPeM2wX142DO1nQdT8OOGg5aQNRkyxPgQQrURuMW9B1L9uOQHnmMCAac3ynsJMGyuM5JUd3LhNXdmZssp0m_kpj1y-On-4ZD9Be8ZO5SNBq_YVKYcbrEwi2-PV_2dn4P3Nn6fyuAhgHCbN4ZoTjxN-CGafk751CRoxbvxsqtudDu0XEO-wZJ2pgH3Udedms=&f=2048 | 178.63.99.108 | 302 Found | 58 B |
URL GET HTTP/2tidyllama.com/sc?t=1713422273344&a=85ho&c=GHiz4EbXG6NECPH3imw2Cf&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmIL_BSPhgxuPVFt1n-fyYG0WnWs-VEscaiRDiS2gNzHnGx4zsYOm54aNQgNL_OaPVSB8tvLOsO0-sg4UhA9oISDrLg971YID9kS5mRdflpIHEGYxSttt2S5W5ObtLAzNw1L40FUYm9aD_C9frMEVq7LOETSu2vUwGPtpFlhrCXlKwMJragDGAijPgcISxaUjmYRRDOvnKaYMfz_6k4AViH_Zzzm7YavRg_hqc_qdLtlEzKnoGI9b-TnYNeXJ1H6XFL31AGWkK4FK_QyRKJ1AIDwvJ1ctzx2u8QsGh33ua1MAisYZolPeM2wX142DO1nQdT8OOGg5aQNRkyxPgQQrURuMW9B1L9uOQHnmMCAac3ynsJMGyuM5JUd3LhNXdmZssp0m_kpj1y-On-4ZD9Be8ZO5SNBq_YVKYcbrEwi2-PV_2dn4P3Nn6fyuAhgHCbN4ZoTjxN-CGafk751CRoxbvxsqtudDu0XEO-wZJ2pgH3Udedms=&f=2048 IP178.63.99.108:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subjecttidyllama.com Fingerprint3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52 ValidityTue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash3afac32a6b25db10e5d7226aba4a67b1 9e871742f5cd503fd8b55335ce3809ec3337d461 ae89ff7128c03840c463849e47b7d0d8930bafeea780ef7171a076020604272e
GET /sc?t=1713422273344&a=85ho&c=GHiz4EbXG6NECPH3imw2Cf&r=https%3A%2F%2Fbid.bidclickmedia.com%2F&e=gAAAAABmIL_BSPhgxuPVFt1n-fyYG0WnWs-VEscaiRDiS2gNzHnGx4zsYOm54aNQgNL_OaPVSB8tvLOsO0-sg4UhA9oISDrLg971YID9kS5mRdflpIHEGYxSttt2S5W5ObtLAzNw1L40FUYm9aD_C9frMEVq7LOETSu2vUwGPtpFlhrCXlKwMJragDGAijPgcISxaUjmYRRDOvnKaYMfz_6k4AViH_Zzzm7YavRg_hqc_qdLtlEzKnoGI9b-TnYNeXJ1H6XFL31AGWkK4FK_QyRKJ1AIDwvJ1ctzx2u8QsGh33ua1MAisYZolPeM2wX142DO1nQdT8OOGg5aQNRkyxPgQQrURuMW9B1L9uOQHnmMCAac3ynsJMGyuM5JUd3LhNXdmZssp0m_kpj1y-On-4ZD9Be8ZO5SNBq_YVKYcbrEwi2-PV_2dn4P3Nn6fyuAhgHCbN4ZoTjxN-CGafk751CRoxbvxsqtudDu0XEO-wZJ2pgH3Udedms=&f=2048 HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tidyllama.com/click?a=85ho&e=gAAAAABmIL_A7K8zBuH0Ot9DU91Cls9MYsZF_vV3wd9S4j4BrQeH__132UGZFEpQfl4hRiHWORPlhYxEKO-fZcIS6GqHrl7RfL_eS2ZSx9V-JG13P6qlybl_gspy8Qjnf0NUutql-fTAWRNDxkbAWO1EXms4rbP6kGG0664t16jmeVzSM07L0EnFVBlBjY8l6xd_dMr-piEVIvxF6BbygNHsMISt46e1qsRBS0DZnweq-VWXgP9UOoUzROZnwWv2HkCCbkK9kMNdGhhPX0ZDEA5bmiqetqocQyh9-rLxrykNIrYM9DrAutQEzWuAkB-dX1rpvldKxSxzMaKKt2iOwLxCFznuUbvKoe2w3NV4nmvm1lDtNagQR5H2RuTyHRNpGLaSo6-tYe2Zp-uiMH-stcJgMih8_cMbpez93i4NjnaME5Kd8oyguXT4aykgEgw_nlIw5A1sKtFrIEGwCybOKCN1Olhp6rDQXv-wDoeyrfiOENwb5blqEfA%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html; charset=utf-8
content-length: 58
location: https://ittostart.us/?utm_source=ds
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-119774978-7 | 142.250.74.168 | | 55 kB |
URL www.googletagmanager.com/gtag/js?id=UA-119774978-7 IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1900) Hashdae91d37f13fe425e73eced356620f37 cb4a0fea5b0fc54b36eb1fd02e37cdb13ca29c13 726dd4771622943c708aa0688ad0d3c85eca16887db0a149e1b40b896410dca4
GET /gtag/js?id=UA-119774978-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:53 GMT
expires: Thu, 18 Apr 2024 06:37:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55274
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK | 142.250.74.168 | | 101 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size101 kB (101131 bytes) Hash74719cc84472a23841d47bc4bd5ed0a5 150d5ed93c065f9e5add34a96f776a8deef42f54 702e614fde19127448fefcedb117330dd135b23235a57d5ea875647789145523
GET /gtag/js?id=G-HJ5MMKB9WK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:53 GMT
expires: Thu, 18 Apr 2024 06:37:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c | 142.250.74.168 | | 92 kB |
URL www.googletagmanager.com/gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (3034) Hash1553e41851fa2a52714af73ab057d6be 84b717fd792f00e6b724c17a10aa94526c2532a9 6c6162a8b5e439d023898fabf88cf050eacacac53a925fac16837e1656db20d5
GET /gtag/js?id=G-DQF56C4WPV&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:53 GMT
expires: Thu, 18 Apr 2024 06:37:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRuiYIXG62T5hKTqo6kL4wVz2gAtenc6I3E27vkukY1y21d3co7we0tjbtYDso3ZsLeOdmLOU6V4jyYU69kY38fvrN9SCtdw%2FbMBSlu2IIODdf%2FMjZpT0VyLkm9BXiNqvfgx84rengc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a6129f4d1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c | 142.250.74.168 | | 100 kB |
URL www.googletagmanager.com/gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size100 kB (100088 bytes) Hash1de8abf3f6f2d7227a37d4cf00833dee baaba2cac3d04edc56cec535f07ffff9715336b9 3ba61e55d19a98ce0a482d3aa0e4abe4a5069582f80ace840b5dfc1aa7694638
GET /gtag/js?id=G-HJ5MMKB9WK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:53 GMT
expires: Thu, 18 Apr 2024 06:37:53 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100088
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0&i=1&kw=61563%2Cmp4&s1=202079 | 135.181.208.216 | 200 OK | 83 kB |
URL GET HTTP/2tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0&i=1&kw=61563%2Cmp4&s1=202079 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typegzip compressed data, from Unix Hashaa6b18960dd08ace6f160215175f9645 d389ac5ba8e677465d81a73bd424f05bb0cdf4cb a56a869b75635af7ab1dee8145f8947b722a0478258f6fe4da4cfcd8e290a016
GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0&i=1&kw=61563%2Cmp4&s1=202079 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=xYcRxHKmttWPe5oyEjM8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| go.bbrdbr.com/smartpop/46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=00000000-0000-0000-0000-000000000000&sourceId=14866&p1=64257&p2=79559&p3=36016&no_bb=1 | 104.18.17.106 | 302 Found | 0 B |
URL GET HTTP/2go.bbrdbr.com/smartpop/46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=00000000-0000-0000-0000-000000000000&sourceId=14866&p1=64257&p2=79559&p3=36016&no_bb=1 IP104.18.17.106:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerCloudflare, Inc. Subjectbbrdbr.com Fingerprint54:D2:62:A8:E8:91:19:F3:B4:1C:47:61:81:1B:D4:97:94:1B:26:9E ValidityFri, 26 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf?userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=00000000-0000-0000-0000-000000000000&sourceId=14866&p1=64257&p2=79559&p3=36016&no_bb=1 HTTP/1.1
Host: go.bbrdbr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://impactserving.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 18 Apr 2024 06:37:53 GMT
content-length: 0
location: https://creative.rmhfrtnd.com/LPAkira?action=sbSignupWithModel&autoplay=allInFocus&autoplayForce=1&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&memberId=00000000-0000-0000-0000-000000000000&mlView=1&no_bb=1&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: _var=32853325.32818_MTlkOWI5ZjY=; Path=/; Expires=Sat, 18 May 2024 06:37:53 GMT; HttpOnly; Secure; SameSite=None
__cflb=04dToPfSdwpmYL4m1jLmKA6zXQ14ZzF6hiTK8LV8xc; SameSite=None; Secure; path=/; expires=Fri, 19-Apr-24 06:37:53 GMT; HttpOnly
server: cloudflare
cf-ray: 8762a61bacf65688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| offmantiner.com/sftouch?userId=008042431f5d4dc2e5d13fbd7e96868e&z=6120639&p_rid=b51ad350-bda2-4cdf-abfe-f18fdcbd71f0&p_src=sf&branchId=0&rb=GGYUI05g7JZWUG8FJfBTS8hu9Zp9Q0wHIuJuCtkOPKcrIzKsLncKMv1s0mhbJNgiTma4_nxdSXhHTa2bjek1QhFonDKmczEEfl8DisgW3d78wZ4m1PW84nOjrKnNe4qlRzAhLl-0l-Bv3q4mahEmbvNo0-DXzp27xEBKaHZiTvKd2kC57MuCRTFjTcQ5SIG7VuVnbI5wtCAvmlWo2GHblRKhr_zI7eInLicUJlrK6ks9F8-okVaeIxDqRSVE3q_3SRrxXF4qyOf2anq9bMGAI4PgwhSgKCjxrWaepQ== | 139.45.197.245 | | 2 B |
URL offmantiner.com/sftouch?userId=008042431f5d4dc2e5d13fbd7e96868e&z=6120639&p_rid=b51ad350-bda2-4cdf-abfe-f18fdcbd71f0&p_src=sf&branchId=0&rb=GGYUI05g7JZWUG8FJfBTS8hu9Zp9Q0wHIuJuCtkOPKcrIzKsLncKMv1s0mhbJNgiTma4_nxdSXhHTa2bjek1QhFonDKmczEEfl8DisgW3d78wZ4m1PW84nOjrKnNe4qlRzAhLl-0l-Bv3q4mahEmbvNo0-DXzp27xEBKaHZiTvKd2kC57MuCRTFjTcQ5SIG7VuVnbI5wtCAvmlWo2GHblRKhr_zI7eInLicUJlrK6ks9F8-okVaeIxDqRSVE3q_3SRrxXF4qyOf2anq9bMGAI4PgwhSgKCjxrWaepQ== IP139.45.197.245:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=008042431f5d4dc2e5d13fbd7e96868e&z=6120639&p_rid=b51ad350-bda2-4cdf-abfe-f18fdcbd71f0&p_src=sf&branchId=0&rb=GGYUI05g7JZWUG8FJfBTS8hu9Zp9Q0wHIuJuCtkOPKcrIzKsLncKMv1s0mhbJNgiTma4_nxdSXhHTa2bjek1QhFonDKmczEEfl8DisgW3d78wZ4m1PW84nOjrKnNe4qlRzAhLl-0l-Bv3q4mahEmbvNo0-DXzp27xEBKaHZiTvKd2kC57MuCRTFjTcQ5SIG7VuVnbI5wtCAvmlWo2GHblRKhr_zI7eInLicUJlrK6ks9F8-okVaeIxDqRSVE3q_3SRrxXF4qyOf2anq9bMGAI4PgwhSgKCjxrWaepQ== HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/4/6120639/
Cookie: OAID=008042431f5d4dc2e5d13fbd7e96868e; oaidts=1713422273
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/plain
content-length: 2
x-trace-id: d540bc028371dc1dd4c9b11880dec920
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=526328&cat=25&sub_id=1641500486
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash8c6e4895da5c5b48888faceae2c20c4f 69dad1d518bcb805f58f3285c72ba648462040bf 85dd6a5b21367347155e970a54ce165d275ca4753206ca8b6b64b773f80570cd
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cp5JK34bU8y2LIhYA3yu0%2BTmegKgYcHjCZW5e%2BIuONXeoKN0TeGLpXGCRAQePJ5gxQC%2Bw%2BbcGYlMSYhY7GGQqm%2F8Yf4Vn7Z%2FnpjnXxKvj%2BaHZU%2FM0J1Q9QlktzGIKlJNmKH1izA9mww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a612bf6d1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| unseenreport.com/pxf.gif?uuid=52e2815c-d1df-458d-b11f-618a2b381164&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=52e2815c-d1df-458d-b11f-618a2b381164&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=52e2815c-d1df-458d-b11f-618a2b381164&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=9785383bf0d8f2fb611d938245088565&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff1a4e45e56c843b31787041a65a999c
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=52e2815c-d1df-458d-b11f-618a2b381164&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 | 192.243.61.227 | 200 OK | 1 B |
URL GET HTTP/1.1unseenreport.com/pxf.gif?uuid=52e2815c-d1df-458d-b11f-618a2b381164&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 IP192.243.61.227:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subject*.unseenreport.com Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File typevery short file (no magic) Hash93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=52e2815c-d1df-458d-b11f-618a2b381164&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=57e9128f004dc8dd272477c7cdb9cf15&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edbc8fa25cb929d68f6ba97f1b8efe02
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash0afbc42662d610b514f5be89bfd0d53a 0e5f0faddf5910a3c68deb940bb23924d244f1ff a850e0db4b9fad13d0cb77a0f6599bfaf2d068dea62db64a43c06dadb12bbc38
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1Nkk9NdQtfLaC%2BvwZMWaMzpyeDO0XOmj02Hur9WJfE7ZqpF8EpwFk2lu5RWwkq6JwK2FDRMXrSwlLzOj9t5rUTyw%2F2u%2F%2F08yfweAb6FHq6eB8ZA%2Fq6gEN80R5zOtOAJVTpvODJe%2BNw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a6110dd11c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/img.gif?f=merge&userId=008042431f5d4dc2e5d13fbd7e96868e&z=6120639&p_rid=b51ad350-bda2-4cdf-abfe-f18fdcbd71f0&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=008042431f5d4dc2e5d13fbd7e96868e&z=6120639&p_rid=b51ad350-bda2-4cdf-abfe-f18fdcbd71f0&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=008042431f5d4dc2e5d13fbd7e96868e&z=6120639&p_rid=b51ad350-bda2-4cdf-abfe-f18fdcbd71f0&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008042431f5d4dc2e5d13fbd7e96868e; expires=Fri, 18 Apr 2025 06:37:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-603Z0GEQ06 | 142.250.74.168 | | 100 kB |
URL www.googletagmanager.com/gtag/js?id=G-603Z0GEQ06 IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (5955) Size100 kB (100038 bytes) Hash5fdc14c1b19ca976dd9638099c1bc7c4 38855f24e3d1b6679aeafca85ce3b6f2db68309e 8c5db9823ec1cfa45e52a9cc713a3bec1b7268432af3335b0aa95c7fb53cdece
GET /gtag/js?id=G-603Z0GEQ06 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:54 GMT
expires: Thu, 18 Apr 2024 06:37:54 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100038
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 172.67.205.77 | 200 OK | 149 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash3e4f8d950f382330e0d32f9aa59bb11b 0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d 25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWRuiRdvSGUOTnHG0YXpabLA5ACzeVgxGUVgpmT8zf5NaZYdju5rbU%2F%2B%2Bl8j1sqP6FNXeylUCqK11bLAo2%2FQh%2F%2BJPItcwz%2BBpqWVfv3f49Kt7f9x2SBVMrs2QaWgvkYNl3ZKYJoQH7g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60f6c6e1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| adeumssp.com/js/deumbld.js | 168.119.32.94 | | 10 kB |
URL adeumssp.com/js/deumbld.js IP168.119.32.94:0 ASN#24940 Hetzner Online GmbH
File typeJavaScript source, ASCII text, with CRLF line terminators Hashe2199caaa92618d4c1c00ab983557812 28472c5cfbf1661d14028ca171058e0d35f2564f d12d54000df41885ecf12fbd0dbcb72681f4dd06a02e1c3fc223516b3d8c6f0e
GET /js/deumbld.js HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: text/javascript; charset=utf-8
content-length: 10515
accept-ranges: bytes
last-modified: Tue, 02 Apr 2024 13:15:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| js.onclckmn.com/static/onclicka.js | 45.133.44.52 | | 850 B |
URL js.onclckmn.com/static/onclicka.js IP45.133.44.52:0 ASN#39572 DataWeb Global Group B.V.
File typeJavaScript source, ASCII text, with very long lines (1734), with no line terminators Hash8b7247e161d471ff6bebe6c31ff2f55f fb0b0b34f6b31d2b50dade01175ffffae9608db3 cda46ed2c3a79a0ddf3c79277ad51b6545660648d6c10b8ef7516ec87c50ab44
GET /static/onclicka.js HTTP/1.1
Host: js.onclckmn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 13:35:49 GMT
etag: W/"661e7eb5-6c6"
content-encoding: gzip
expires: Thu, 18 Apr 2024 06:42:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-MJ8CKM9D | 142.250.74.168 | | 48 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-MJ8CKM9D IP142.250.74.168:0
CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File typeJavaScript source, ASCII text, with very long lines (1900) Hashe932028d4c61fe2139cd6350b3519af1 64984c5570d9dd08aed2837732a07d9ea00d87e2 4f69487302b7d2d279394d2a426a66277354f65a3752187aa9fbf45a5cc5d413
GET /gtm.js?id=GTM-MJ8CKM9D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:54 GMT
expires: Thu, 18 Apr 2024 06:37:54 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 48031
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash8c6e4895da5c5b48888faceae2c20c4f 69dad1d518bcb805f58f3285c72ba648462040bf 85dd6a5b21367347155e970a54ce165d275ca4753206ca8b6b64b773f80570cd
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1zb6ZALJs1L3YDb4lOVE%2BbqXprqKegSWhKdOgCpZefYEppO0tewfiNYTmJWb48pqVe4VKbXu76mv951zOGQScwLmoBwCMOCTV1uoGQwFPilzneyC8OyxA29f46nTQ2wAhuwkZKdmbo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a6129f571c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| creative.rmhfrtnd.com/LPAkira/HelveticaNeue.ttf | 104.18.16.106 | | 642 kB |
URL creative.rmhfrtnd.com/LPAkira/HelveticaNeue.ttf IP104.18.16.106:0
File typeTrueType Font data, 17 tables, 1st "FFTM", 40 names, Macintosh Size642 kB (642156 bytes) Hash072a79d376f0a5e40562e538e3e8f383 17ff561d277b3122ab93bca89fad1fa26db44ce8 c5a5905988a91d018626c0e194ba6a01eb4047c4b08f7e893dd1d663fe02dd35
GET /LPAkira/HelveticaNeue.ttf HTTP/1.1
Host: creative.rmhfrtnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/LPAkira/main.745f45a0e3f9de2d8204.css
Cookie: __cflb=0H28upDCGznfDm9XVE9Kb8v5TrfcnGBoGUSG5LfSwpY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/octet-stream
content-length: 642156
last-modified: Tue, 16 Apr 2024 15:38:51 GMT
etag: "661e9b8b-9cc6c"
expires: Thu, 18 Apr 2024 06:38:01 GMT
cache-control: max-age=10
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a61fed0d0b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| intothespirits.com/click?trvid=12632&clickid=804713942223167595&cost=0.000035&language=en&creaid=20536676&zoneid=6120639&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 | 3.126.48.135 | 200 OK | 1.2 kB |
URL GET HTTP/2intothespirits.com/click?trvid=12632&clickid=804713942223167595&cost=0.000035&language=en&creaid=20536676&zoneid=6120639&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 IP3.126.48.135:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectintothespirits.com Fingerprint42:86:B7:FB:4F:91:02:C7:75:E2:06:41:56:85:74:4B:D8:97:BE:C3 ValidityMon, 25 Mar 2024 22:01:23 GMT - Sun, 23 Jun 2024 22:01:22 GMT
File typeHTML document, ASCII text, with very long lines (389) Hash787842620b12b584e8ccd26fbdea8a8f e49850a6bff5e86b06b613e81a1492562f3e1fe0 9292f52ffaf83621f5c0c5948f3baf1c337bd217cd2b2dacf221ab2a51af64dc
GET /click?trvid=12632&clickid=804713942223167595&cost=0.000035&language=en&creaid=20536676&zoneid=6120639&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0 HTTP/1.1
Host: intothespirits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: text/html; charset=utf-8
content-length: 1226
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
set-cookie: ClickDataNG=H4sIAAAAAAAA_2SU-2_jNgzH_5WAP22A4Ui24zQ6GIdeir3Qx4auhw0YUCgS7WpVJEMPX3KP_32Q7QTZ9TeT_IqkqA_9BQZ0XlkDDGhOcgIZhGOPwEgGPu7-PH0LawZ0ASWwlmuPGQitxOuvEhhUx9vio_vDPv37yyfIQPKAwOiallVRFOsqA8H3PVedSWpa1GWRgfLb36_PuZwNPCg7Coq6LDNwUWOySAYOpXIowh2GFyuBrTLwNjoxxmkGmhupTDerZ-vJaWAAGdi2RTcVvlplsHPciJdZO8Ym5UsIvWfLpc_He-VcKzz0Dr3Phd0vcfl881r9pv4O73nbfHdhYX2YOx3QxGlgPT_amNw5nQtto3NoxBEYPD3eQAbRqYvKygQbXtD3yqkwVR1beR_coGQzzu2fSEhRj24lmytSrWm5SVMuab1ebVZz3PrQkJwQQsrZpbnpIu-wQTNrHHIlm4Ksyrpe15PzszWoZFPTgtTlZvLtnP3k0c2YNJtZan2jlYmH_4maVjls7ex02KUTpDx1ZQyK9Mp5IqzZOcvljht5SngqEY3vUahWoXy-qOHjLvX3rGSTKFX9tZTpfYDBhuYbkldFTlfVZaieEIge3XWHJgCDO_tZac2Xq5wsfviL0neL21Ricbiqn-vq3cINbFPn5MfFzyhe7bIglBBK6OKn6WbLFIT00i06dFN-iYMSeF4Vm1oasyb8_MfzgkHCbxwUMJgTno9_cNzIy3x3VqK-dNzzPU62mGrBlu80Lm8eb9OlfQ8MPmh1WDxaHdOc_chmNMEl5u4fxr67qZf7h69fH7y2i20SHJNSheNFABLCDk3YJtrmXXKqU-a2v3AFx43nYlpeD8xErTMQ0Qe7B_Zl3g040QgZ4CGgM1yPv463CEMGAwEGaNIXBQYnRpNdAIMZz2SW6fHHQAUM9DzzYQUM2vN8h4QBKdPXGhicuUuOK2DwhrcU2KQz8O3bfwEAAP__q2SteSEFAAA=; Expires=Sat, 18 May 2024 06:37:54 GMT; SameSite=None; Secure
ClickDataNgFall=H4sIAAAAAAAA_2SU-2_jNgzH_5WAP22A4Ui24zQ6GIdeir3Qx4auhw0YUCgS7WpVJEMPX3KP_32Q7QTZ9TeT_IqkqA_9BQZ0XlkDDGhOcgIZhGOPwEgGPu7-PH0LawZ0ASWwlmuPGQitxOuvEhhUx9vio_vDPv37yyfIQPKAwOiallVRFOsqA8H3PVedSWpa1GWRgfLb36_PuZwNPCg7Coq6LDNwUWOySAYOpXIowh2GFyuBrTLwNjoxxmkGmhupTDerZ-vJaWAAGdi2RTcVvlplsHPciJdZO8Ym5UsIvWfLpc_He-VcKzz0Dr3Phd0vcfl881r9pv4O73nbfHdhYX2YOx3QxGlgPT_amNw5nQtto3NoxBEYPD3eQAbRqYvKygQbXtD3yqkwVR1beR_coGQzzu2fSEhRj24lmytSrWm5SVMuab1ebVZz3PrQkJwQQsrZpbnpIu-wQTNrHHIlm4Ksyrpe15PzszWoZFPTgtTlZvLtnP3k0c2YNJtZan2jlYmH_4maVjls7ex02KUTpDx1ZQyK9Mp5IqzZOcvljht5SngqEY3vUahWoXy-qOHjLvX3rGSTKFX9tZTpfYDBhuYbkldFTlfVZaieEIge3XWHJgCDO_tZac2Xq5wsfviL0neL21Ricbiqn-vq3cINbFPn5MfFzyhe7bIglBBK6OKn6WbLFIT00i06dFN-iYMSeF4Vm1oasyb8_MfzgkHCbxwUMJgTno9_cNzIy3x3VqK-dNzzPU62mGrBlu80Lm8eb9OlfQ8MPmh1WDxaHdOc_chmNMEl5u4fxr67qZf7h69fH7y2i20SHJNSheNFABLCDk3YJtrmXXKqU-a2v3AFx43nYlpeD8xErTMQ0Qe7B_Zl3g040QgZ4CGgM1yPv463CEMGAwEGaNIXBQYnRpNdAIMZz2SW6fHHQAUM9DzzYQUM2vN8h4QBKdPXGhicuUuOK2DwhrcU2KQz8O3bfwEAAP__q2SteSEFAAA=; Expires=Sat, 18 May 2024 06:37:54 GMT
X-Firefox-Spdy: h2
|
|
| js.onclckmn.com/static/onclicka.m.js | 45.133.44.52 | | 36 kB |
URL js.onclckmn.com/static/onclicka.m.js IP45.133.44.52:0 ASN#39572 DataWeb Global Group B.V.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators Hash82e9c7e091e986e5c9c376d682605f82 12269d8c7f45a10c8db98854233a450900c8c1e8 0dbd0b26ce6771e51846343685596b2efff22f0ddd5b0b707f7c7307284b9f4f
GET /static/onclicka.m.js HTTP/1.1
Host: js.onclckmn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 16 Apr 2024 13:35:53 GMT
etag: W/"661e7eb9-1aba3"
content-encoding: gzip
expires: Thu, 18 Apr 2024 06:42:54 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| video.ktkjmp.com/adsbygoogle.js | 104.18.48.21 | | 16 B |
URL video.ktkjmp.com/adsbygoogle.js IP104.18.48.21:0
Hash3d7f7a60216d40dea48e495fef6903c9 fecdb5184f55cf012563d78940eb97b10b9cc99b 96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.rmhfrtnd.com/
Origin: https://creative.rmhfrtnd.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: nlQOj97GNk7lLMudsT2i/TbFoLgF7OX6nkfz9xtCE5W2caz16XEDcVKDrsJnFTg8+oypWQBnEBQ=
x-amz-request-id: DNJ3NFHTJTWQR7R6
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.rmhfrtnd.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 1838
expires: Thu, 18 Apr 2024 10:37:54 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a6215fcf569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.onclcktg.com/tags/169449?version_name=a | 45.133.44.24 | | 1.2 kB |
URL bid.onclcktg.com/tags/169449?version_name=a IP45.133.44.24:0 ASN#39572 DataWeb Global Group B.V.
Hash6223bf28508ce0c562a4f72d5147502b da5cebf0113b6ec92f01423a987816767980b2e0 45a9ce6eea2a191834b501f8a6a7f60ba16b8e1340e5ce84e068655125765359
GET /tags/169449?version_name=a HTTP/1.1
Host: bid.onclcktg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/json
content-length: 1170
server: nginx/1.24.0
cache-control: max-age=300, public
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI5NzczNTkxNyIsInNzcCI6Mzc1OCwic3BvdF9pZCI6NTQzMzE0LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjU0MzMxNCIsInBhZ2UiOiJodHRwczovL2JpZC5iaWRjbGlja21lZGlhLmNvbS8iLCJjYXQiOlsiSUFCMjUiXX0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjZ5ZHp1Znphbjl5cnduOGp3Z2JqcSJ9LCJleHQiOnsiZHQiOjE3MTM0MjIyNzQ0NzN9fQ== | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI5NzczNTkxNyIsInNzcCI6Mzc1OCwic3BvdF9pZCI6NTQzMzE0LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjU0MzMxNCIsInBhZ2UiOiJodHRwczovL2JpZC5iaWRjbGlja21lZGlhLmNvbS8iLCJjYXQiOlsiSUFCMjUiXX0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjZ5ZHp1Znphbjl5cnduOGp3Z2JqcSJ9LCJleHQiOnsiZHQiOjE3MTM0MjIyNzQ0NzN9fQ== IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI5NzczNTkxNyIsInNzcCI6Mzc1OCwic3BvdF9pZCI6NTQzMzE0LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjU0MzMxNCIsInBhZ2UiOiJodHRwczovL2JpZC5iaWRjbGlja21lZGlhLmNvbS8iLCJjYXQiOlsiSUFCMjUiXX0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjZ5ZHp1Znphbjl5cnduOGp3Z2JqcSJ9LCJleHQiOnsiZHQiOjE3MTM0MjIyNzQ0NzN9fQ== HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Thu, 18 Apr 2024 06:37:54 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://boloptrex.com/popunder/in/click/?mid=188209555238311319&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=f0dc0ab6d01182c09b633b667a7bcfde&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo
X-Firefox-Spdy: h2
|
|
| boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxNjQxNTAwNDg2Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1MjYzMjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTI2MzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNnlkenVmemFuOXlyd244andnYmpxIn0sImV4dCI6eyJkdCI6MTcxMzQyMjI3NDQ1Nn19 | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxNjQxNTAwNDg2Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1MjYzMjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTI2MzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNnlkenVmemFuOXlyd244andnYmpxIn0sImV4dCI6eyJkdCI6MTcxMzQyMjI3NDQ1Nn19 IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIxNjQxNTAwNDg2Iiwic3NwIjozNzU4LCJzcG90X2lkIjo1MjYzMjgsInJjaGFuZ2UiOmZhbHNlfX1dLCJzaXRlIjp7ImlkIjoiNTI2MzI4IiwicGFnZSI6Imh0dHBzOi8vYmlkLmJpZGNsaWNrbWVkaWEuY29tLyIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjEyODAsImgiOjEwMjR9LCJ1c2VyIjp7ImlkIjoiNnlkenVmemFuOXlyd244andnYmpxIn0sImV4dCI6eyJkdCI6MTcxMzQyMjI3NDQ1Nn19 HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Thu, 18 Apr 2024 06:37:54 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://boloptrex.com/popunder/in/click/?mid=2218748043967215840&pid=0&site=526328&sc=NO&usage_type=DCH&subid=1641500486&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=526328&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=36e7e5c0d339fed05ec8b35624d9ea72&score=230.15520421494335&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1641500486%26site_id%3D526328%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D526328%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D230.15520421494335%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo
X-Firefox-Spdy: h2
|
|
| boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI5NzczNTkxNyIsInNzcCI6Mzc1OCwic3BvdF9pZCI6NTQzMzE0LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjU0MzMxNCIsInBhZ2UiOiJodHRwczovL2JpZC5iaWRjbGlja21lZGlhLmNvbS8iLCJjYXQiOlsiSUFCMjUiXX0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjZ5ZHp1Znphbjl5cnduOGp3Z2JqcSJ9LCJleHQiOnsiZHQiOjE3MTM0MjIyNzQ1Mjl9fQ== | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI5NzczNTkxNyIsInNzcCI6Mzc1OCwic3BvdF9pZCI6NTQzMzE0LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjU0MzMxNCIsInBhZ2UiOiJodHRwczovL2JpZC5iaWRjbGlja21lZGlhLmNvbS8iLCJjYXQiOlsiSUFCMjUiXX0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjZ5ZHp1Znphbjl5cnduOGp3Z2JqcSJ9LCJleHQiOnsiZHQiOjE3MTM0MjIyNzQ1Mjl9fQ== IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI5NzczNTkxNyIsInNzcCI6Mzc1OCwic3BvdF9pZCI6NTQzMzE0LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjU0MzMxNCIsInBhZ2UiOiJodHRwczovL2JpZC5iaWRjbGlja21lZGlhLmNvbS8iLCJjYXQiOlsiSUFCMjUiXX0sImRldmljZSI6eyJ3IjoxMjgwLCJoIjoxMDI0fSwidXNlciI6eyJpZCI6IjZ5ZHp1Znphbjl5cnduOGp3Z2JqcSJ9LCJleHQiOnsiZHQiOjE3MTM0MjIyNzQ1Mjl9fQ== HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Thu, 18 Apr 2024 06:37:54 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://boloptrex.com/popunder/in/click/?mid=7733371789266578193&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=e58ea5991e96223911f523c7670d073b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo
X-Firefox-Spdy: h2
|
|
| www.animezeno.sbs/ | 104.21.47.57 | 200 OK | 1.3 kB |
IP104.21.47.57:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectanimezeno.sbs FingerprintD1:88:3B:4F:6E:24:62:91:E5:7C:D7:4B:24:7E:37:2C:B4:E6:81:07 ValidityFri, 12 Apr 2024 00:39:53 GMT - Thu, 11 Jul 2024 00:39:52 GMT
File typeHTML document, ASCII text, with very long lines (1014) Hash7b37bd4f62d715a0873bac41a0aa4f50 cc82e2e935fed4fdf428d295101fe51a9d835da6 41073afd70d67192731d0e6330e0c56eef44eac903dca4baa6b319d8a87928ed
GET / HTTP/1.1
Host: www.animezeno.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MeF%2FJJRgAB4CG84uZJpTrnivrP5%2BrNAGYSQjU%2BxpGQ3pVo6toJVITrjn7WaG9Gm7snblqpnYm8su1cNzN9pbcmt0iTir5VyMbAL5ZI2QSYm3P0tgg4EmkgfMVpXhqFWkNN309g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a6217f5e568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| creative.rmhfrtnd.com/widgets/AgeVerification/lang/en.json | 104.18.16.106 | | 323 kB |
URL creative.rmhfrtnd.com/widgets/AgeVerification/lang/en.json IP104.18.16.106:0
Size323 kB (323400 bytes) Hash9ffcdd312529a9b28e65156dd0014fdb 4133e29495bac1f320ecec0a17f9b9bb8d4f09bb 142fe2a082dfe43f2eab11533885dba53ecbad12813475b89aa518424bfc062f
GET /widgets/AgeVerification/lang/en.json HTTP/1.1
Host: creative.rmhfrtnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.rmhfrtnd.com/LPAkira?action=sbSignupWithModel&autoplay=allInFocus&autoplayForce=1&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&memberId=00000000-0000-0000-0000-000000000000&mlView=1&no_bb=1&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818
DNT: 1
Connection: keep-alive
Cookie: __cflb=0H28upDCGznfDm9XVE9Kb8v5TrfcnGBoGUSG5LfSwpY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/json
last-modified: Tue, 16 Apr 2024 15:40:30 GMT
etag: W/"661e9bee-f06"
expires: Thu, 18 Apr 2024 06:38:01 GMT
cache-control: max-age=10
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a620ee270b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| creative.rmhfrtnd.com/LPAkira/HelveticaNeue-Medium.ttf | 104.18.16.106 | | 256 kB |
URL creative.rmhfrtnd.com/LPAkira/HelveticaNeue-Medium.ttf IP104.18.16.106:0
File typeTrueType Font data, 18 tables, 1st "FFTM", 40 names, Macintosh Size256 kB (256020 bytes) Hash5d6f90814caed5e3c4d5e2bf78714fc6 88b761e46449399b29e10fb66dc73e63e59c3e93 70da8ef2f79c1da6a9c25c8935f04b8fcd44d80d7efd9f23feca51596811645e
GET /LPAkira/HelveticaNeue-Medium.ttf HTTP/1.1
Host: creative.rmhfrtnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/LPAkira/main.745f45a0e3f9de2d8204.css
Cookie: __cflb=0H28upDCGznfDm9XVE9Kb8v5TrfcnGBoGUSG5LfSwpY
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:55 GMT
content-type: application/octet-stream
content-length: 256020
last-modified: Tue, 16 Apr 2024 15:38:51 GMT
etag: "661e9b8b-3e814"
expires: Thu, 18 Apr 2024 06:38:01 GMT
cache-control: max-age=10
access-control-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a62328750b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| boloptrex.com/popunder/in/click/?mid=188209555238311319&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=f0dc0ab6d01182c09b633b667a7bcfde&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/popunder/in/click/?mid=188209555238311319&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=f0dc0ab6d01182c09b633b667a7bcfde&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=188209555238311319&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=f0dc0ab6d01182c09b633b667a7bcfde&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Thu, 18 Apr 2024 06:37:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| go.rmhfrtnd.com/config?url=https%3A%2F%2Fcreative.rmhfrtnd.com%2FLPAkira%3Faction%3DsbSignupWithModel%26autoplay%3DallInFocus%26autoplayForce%3D1%26campaignId%3D46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf%26campaignType%3Dsmartpop%26creativeId%3D12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c%26iterationId%3D833277%26masterSmartpopId%3D1603%26memberId%3D00000000-0000-0000-0000-000000000000%26mlView%3D1%26no_bb%3D1%26p1%3D64257%26p2%3D79559%26p3%3D36016%26ruleId%3D345%26smartpopId%3D4028%26sourceId%3D14866%26userId%3Da29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d%26variationId%3D32818 | 104.18.17.106 | | 1.6 kB |
URL go.rmhfrtnd.com/config?url=https%3A%2F%2Fcreative.rmhfrtnd.com%2FLPAkira%3Faction%3DsbSignupWithModel%26autoplay%3DallInFocus%26autoplayForce%3D1%26campaignId%3D46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf%26campaignType%3Dsmartpop%26creativeId%3D12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c%26iterationId%3D833277%26masterSmartpopId%3D1603%26memberId%3D00000000-0000-0000-0000-000000000000%26mlView%3D1%26no_bb%3D1%26p1%3D64257%26p2%3D79559%26p3%3D36016%26ruleId%3D345%26smartpopId%3D4028%26sourceId%3D14866%26userId%3Da29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d%26variationId%3D32818 IP104.18.17.106:0
Hash244ea4005c64fcce6564a49068ead089 6a3d041ebc9583dca4d1a267b5a23241c518cfec dfb37bc438c89fe1527bdf3b90aa8def0828328c3db8240e9c2969ea182b6856
GET /config?url=https%3A%2F%2Fcreative.rmhfrtnd.com%2FLPAkira%3Faction%3DsbSignupWithModel%26autoplay%3DallInFocus%26autoplayForce%3D1%26campaignId%3D46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf%26campaignType%3Dsmartpop%26creativeId%3D12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c%26iterationId%3D833277%26masterSmartpopId%3D1603%26memberId%3D00000000-0000-0000-0000-000000000000%26mlView%3D1%26no_bb%3D1%26p1%3D64257%26p2%3D79559%26p3%3D36016%26ruleId%3D345%26smartpopId%3D4028%26sourceId%3D14866%26userId%3Da29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d%26variationId%3D32818 HTTP/1.1
Host: go.rmhfrtnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.rmhfrtnd.com/
Origin: https://creative.rmhfrtnd.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/json
access-control-allow-origin: https://creative.rmhfrtnd.com
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
last-modified: Thu, 18 Apr 2024 05:57:58 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuDFRFiBZBvMSLtqFVfs5Aboo4dwjqSnY2TJQQvaqi; SameSite=None; Secure; path=/; expires=Fri, 19-Apr-24 06:37:54 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a6215a98b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| adeumssp.com/get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=ittostart.us_ds&pi= | 168.119.32.94 | | 8.5 kB |
URL adeumssp.com/get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=ittostart.us_ds&pi= IP168.119.32.94:0 ASN#24940 Hetzner Online GmbH
Hash9c62fa96a318bc12847155cc4ed7f145 809e1613a0d2fd0b88f6f31efa42af37a51f4750 d0d7383fd7ca184966c98b5422fa9411b267b0a6e634655d38bd0f194b96c29e
GET /get_rtb_ad?a=4&p=KnzF7PRx&c=6&t=3&d=2&s=ittostart.us_ds&pi= HTTP/1.1
Host: adeumssp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ittostart.us
DNT: 1
Connection: keep-alive
Referer: https://ittostart.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| boloptrex.com/popunder/in/click/?mid=7733371789266578193&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=e58ea5991e96223911f523c7670d073b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/popunder/in/click/?mid=7733371789266578193&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=e58ea5991e96223911f523c7670d073b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=7733371789266578193&pid=0&site=543314&sc=NO&usage_type=DCH&subid=97735917&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=543314&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=e58ea5991e96223911f523c7670d073b&score=1&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D97735917%26site_id%3D543314%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D543314%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D1%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Thu, 18 Apr 2024 06:37:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 172.67.39.148 | 200 OK | 6.0 MB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/telegram.js IP172.67.39.148:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeASCII text, with very long lines (360), with no line terminators Size6.0 MB (6014545 bytes) Hash48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rS6p7wFnFl7fkJw7fLG2A4znYwIH3MQ0wRM8iq4hiAUKTt95h0HUv0gE1X%2BxhNFe5NpA65SxgDVKQH2MWG8Tn0P%2BjYr297yGtzRJc%2FzpKzNH1%2BOg75hSsVnjZj9iezTg3kCEOC9X8UOzN6i49HViMtne"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15509
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6112f42b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| go.rmhfrtnd.com/abc.gif?action=sbSignupWithModel&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818&language=en&agev=0&nonNudeContent=0&stripcashR=0&thumbFit=cover&quality=original&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=5&segment=hls-newAPI&landing=LPAkira&referrer=https%3A%2F%2Fimpactserving.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A0%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A606%2C%22duration%22%3A101%2C%22transferSize%22%3A118062%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A606%2C%22duration%22%3A87%2C%22transferSize%22%3A13631%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A831%2C%22duration%22%3A240%2C%22transferSize%22%3A0%7D%5D&mh=-1504716399 | 104.18.16.106 | | 103 B |
URL go.rmhfrtnd.com/abc.gif?action=sbSignupWithModel&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818&language=en&agev=0&nonNudeContent=0&stripcashR=0&thumbFit=cover&quality=original&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=5&segment=hls-newAPI&landing=LPAkira&referrer=https%3A%2F%2Fimpactserving.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A0%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A606%2C%22duration%22%3A101%2C%22transferSize%22%3A118062%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A606%2C%22duration%22%3A87%2C%22transferSize%22%3A13631%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A831%2C%22duration%22%3A240%2C%22transferSize%22%3A0%7D%5D&mh=-1504716399 IP104.18.16.106:0
Hash8c99886486b9a004383cb4df29011c43 d79ca4754481fc59598bc08fcdf354900918bffe bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?action=sbSignupWithModel&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818&language=en&agev=0&nonNudeContent=0&stripcashR=0&thumbFit=cover&quality=original&thumbType=default&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=5&segment=hls-newAPI&landing=LPAkira&referrer=https%3A%2F%2Fimpactserving.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A0%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A606%2C%22duration%22%3A101%2C%22transferSize%22%3A118062%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A606%2C%22duration%22%3A87%2C%22transferSize%22%3A13631%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A831%2C%22duration%22%3A240%2C%22transferSize%22%3A0%7D%5D&mh=-1504716399 HTTP/1.1
Host: go.rmhfrtnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/
Cookie: __cflb=02DiuDFRFiBZBvMSLtqG3jTHqF85wnSu1KFuUvCLvYc4c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:55 GMT
content-type: image/gif
content-length: 103
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8762a62449de0b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| img.strpst.com/thumbs/1713422220/68330290_webp | 104.17.11.106 | | 4.0 kB |
URL img.strpst.com/thumbs/1713422220/68330290_webp IP104.17.11.106:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp Hash22d0865359408064d7a18eb626a1ce1f 44d9b509d2af47f82b0a98c07de5a192c888fccb b7e63fa0c9e0459efc15b7209a1c0d417c2777e9a3b7e2236aa18a50954863c2
GET /thumbs/1713422220/68330290_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:55 GMT
content-type: image/webp
content-length: 4040
etag: "22d0865359408064d7a18eb626a1ce1f"
last-modified: Thu, 18 Apr 2024 06:36:06 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 49
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a6277e80b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.strpst.com/thumbs/1713422220/72718184_webp | 104.17.11.106 | | 7.1 kB |
URL img.strpst.com/thumbs/1713422220/72718184_webp IP104.17.11.106:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp Hash09a38191493528a4ed4683411ea154ea dafea8792bac5c08e5dc748286e0722a60df485c 6db1a3b8a6e4c88c4667d151bb02bde5d069550a041288b3e7ceda0a7cdd02f5
GET /thumbs/1713422220/72718184_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:56 GMT
content-type: image/webp
content-length: 7144
etag: "09a38191493528a4ed4683411ea154ea"
last-modified: Thu, 18 Apr 2024 06:36:03 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 50
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a62d0c45b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.strpst.com/thumbs/1713422220/135905778_webp | 104.17.11.106 | | 10 kB |
URL img.strpst.com/thumbs/1713422220/135905778_webp IP104.17.11.106:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp Hash1436ef107608ee776be9bce176c73228 47b7c1f9673dce6cc34df1f2b4b2b976ec8b67c2 bc4f5d05432524bf78c2adc959c79e0c733c41425b3cfad3331fd998ae2957ae
GET /thumbs/1713422220/135905778_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:56 GMT
content-type: image/webp
content-length: 10082
etag: "1436ef107608ee776be9bce176c73228"
last-modified: Thu, 18 Apr 2024 06:36:40 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 51
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a62d1c58b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.strpst.com/thumbs/1713422220/72195463_webp | 104.17.11.106 | | 14 kB |
URL img.strpst.com/thumbs/1713422220/72195463_webp IP104.17.11.106:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp Hashd69519bad7205de69d0f635abfda87c0 1073f0358f7089d79252cbf6e042eaf7bc0129c9 7c71fcd2e291aa8dc75a9f8c05402a0657aff01f5ccc2bfb4aa21cdd6eb37294
GET /thumbs/1713422220/72195463_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:56 GMT
content-type: image/webp
content-length: 14202
etag: "d69519bad7205de69d0f635abfda87c0"
last-modified: Thu, 18 Apr 2024 06:36:11 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 40
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a62d1c4db509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img.strpst.com/thumbs/1713422220/90182656_webp | 104.17.11.106 | | 8.8 kB |
URL img.strpst.com/thumbs/1713422220/90182656_webp IP104.17.11.106:0
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp Hashaa5284b5fa1d1b62bf318071b4404e34 e58ab90ff3762c31724c2a5eaa9fc4d9fa528bf1 160e6f76e1fcd9b7d73095826b212d8b7bc63ba8b8bbc4b0c419d2d5f1a9c9a5
GET /thumbs/1713422220/90182656_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.rmhfrtnd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:56 GMT
content-type: image/webp
content-length: 8752
etag: "aa5284b5fa1d1b62bf318071b4404e34"
last-modified: Thu, 18 Apr 2024 06:36:13 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 50
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a62d3c70b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843z8832020053za200&_p=1713422271453&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1086035083.1713422272&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713422272&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&dt=Watch%2061563%20mp4&en=error_network&tfd=7519 | 216.239.34.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843z8832020053za200&_p=1713422271453&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1086035083.1713422272&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713422272&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&dt=Watch%2061563%20mp4&en=error_network&tfd=7519 IP216.239.34.36:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44f0v9104348843z8832020053za200&_p=1713422271453&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1086035083.1713422272&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713422272&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&dt=Watch%2061563%20mp4&en=error_network&tfd=7519 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Thu, 18 Apr 2024 06:37:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 172.67.39.148 | 200 OK | 1.1 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP172.67.39.148:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeASCII text, with very long lines (1122), with no line terminators Hashd822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWKI1OdsgbKSSTP8GoOtOhOKwQZxTKwLszgx9k%2BDMGmsGKC5miCWXMTCDxhml1%2BDIyezqjP%2F1TFlvruSrPSHWyFchgoghrBAuphUoHmG9VP4ODKiD5REkfluPD1gVIjmFYN898HTH2wMXNp45zD%2BhTqy"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15509
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6116f7fb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offmantiner.com/?z=6120639&syncedCookie=true&rhd=false | 139.45.197.245 | 302 Found | 1.2 kB |
URL POST HTTP/2offmantiner.com/?z=6120639&syncedCookie=true&rhd=false IP139.45.197.245:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=6120639&syncedCookie=true&rhd=false HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 632
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/afu.php?zoneid=6120639&var=6120639&rid=IUzYL-eT4VvoQwPRHmPGTA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=008042431f5d4dc2e5d13fbd7e96868e; oaidts=1713422273
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 06:37:54 GMT
content-length: 0
location: https://intothespirits.com/click?trvid=12632&clickid=804713942223167595&cost=0.000035&language=en&creaid=20536676&zoneid=6120639&browserversion=96&os=linux&browser=firefox&region=03&connection.type=broadband&osversion=unspecified_linux&subzone_id=0
x-trace-id: 775644f3ea57c8deb8fb2cae3d708c70
link: <https://intothespirits.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008042431f5d4dc2e5d13fbd7e96868e; expires=Fri, 18 Apr 2025 06:37:54 GMT; path=/; secure; SameSite=None
oaidts=1713422273; expires=Fri, 18 Apr 2025 06:37:54 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 25 Apr 2024 06:37:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| animewatch.onionlive.workers.dev/ | 104.21.9.35 | 200 OK | 1.8 kB |
URL GET HTTP/3animewatch.onionlive.workers.dev/ IP104.21.9.35:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT
File typeHTML document, ASCII text, with very long lines (1795), with no line terminators Hash9dc1e04cc7affd8cf80ad5feefa89210 4c11c71a6f83138bd24602a1c996ad82364573b1 654082713403f7d1acc1d1fdfb9fca90222fd0a411be1fb02f64e973cdf054b5
GET / HTTP/1.1
Host: animewatch.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9dkq%2B0zX6A8GUlWzXlqXVrIWEAwDQVDUto6zhF4iUDqaweOP%2BgUouBu4k1y%2BbBXriBHuSP8wZGAUkQ2NvbwyJ7XojIglab5LrNeD56xOmAFrzXk%2FpEyWh%2Bv%2B48jBoLO71HqYulrqqW1Euykl1d%2BUrlKNEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a6196b8056b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 104.21.35.227:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5ce30f7181d5dcc5c28d2653254ff85f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 06:37:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zqx2LTuFtHwNpRzaRPJSoY6%2FPDPlrgukCP3fhcqOLzmujucXarXDruhdxUrTzh2tcpYXEtzEns9a7Xj%2FbZZWiUhJn41LHyoNpBBs6GAtgPEVu%2BPTryvImM89xwlJ72mHQCXRflvCVBSUWJJMXbtEog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a613ea1356a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| meetbenjen.com/in/p/?spot_id=526328&cat=25&sub_id=1641500486 | 109.206.191.198 | 200 OK | 5.4 kB |
URL: GET HTTP/2 meetbenjen.com/in/p/?spot_id=526328&cat=25&sub_id=1641500486
IP: 109.206.191.198:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: meetbenjen.com; Fingerprint: 9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14; Validity: Tue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File type: HTML document, ASCII text, with very long lines (5503), with no line terminators
Hash: c93262c2ba43d620e629755515ea0af9 860185c9c340cfc04276feb70628f0cf3bef7dd8 52638b6f9e9771e5922eb5f3542b30a9ad25cc503d88c810cfff20a6dc0084e4
GET /in/p/?spot_id=526328&cat=25&sub_id=1641500486 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
set-cookie: 1095.0=1; expires=Fri, 19 Apr 2024 06:37:54 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=543314&cat=25&sub_id=97735917 | 109.206.191.198 | 200 OK | 5.4 kB |
URL: GET HTTP/2 meetbenjen.com/in/p/?spot_id=543314&cat=25&sub_id=97735917
IP: 109.206.191.198:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: meetbenjen.com; Fingerprint: 9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14; Validity: Tue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File type: HTML document, ASCII text, with very long lines (5503), with no line terminators
Hash: c93262c2ba43d620e629755515ea0af9 860185c9c340cfc04276feb70628f0cf3bef7dd8 52638b6f9e9771e5922eb5f3542b30a9ad25cc503d88c810cfff20a6dc0084e4
GET /in/p/?spot_id=543314&cat=25&sub_id=97735917 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: 1095.0=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Fri, 19 Apr 2024 06:37:54 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| myliveforyoudreder.com/vidozza.js | 104.21.40.134 | 200 OK | 1.6 kB |
URL: GET HTTP/2 myliveforyoudreder.com/vidozza.js
IP: 104.21.40.134:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: myliveforyoudreder.com; Fingerprint: D6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7; Validity: Wed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File type: JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Hash: 1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1633
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHKSs%2Bhbi%2Fa75xxb2JpqTISZ6zFccoK422PZYILU%2BJZYtlcZCjThDGw7g%2FvfuxvTiYn36B1s1D4iaZBSC9p%2F3bnJH%2F%2FN5cQUYA8ceIAdTAuQPXJI76LP3z3TvUIAlRdk9%2BX1NgBww9ry"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a610ac3bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 1.4 kB |
URL: GET HTTP/1.1 xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Sectigo Limited; Subject: *.xmlking.com; Fingerprint: 61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D; Validity: Wed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://becast.onionlive.workers.dev/
|
|
| tr.7vid.net/api/users/88464?v2=1&fill=0&kw=61563%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0 | 135.181.208.216 | 200 OK | 67 B |
URL: GET HTTP/2 tr.7vid.net/api/users/88464?v2=1&fill=0&kw=61563%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: XML document, ASCII text, with no line terminators
Hash: c3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/users/88464?v2=1&fill=0&kw=61563%2Cmp4&i=1&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: nauid=xYcRxHKmttWPe5oyEjM8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 234 B |
URL: GET HTTP/3 bid.bidclickmedia.com/sub/Pj8pz0z
IP: 172.67.205.77:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: ec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NaSewwDk8OVcw%2B77zpgrBKvG4Lbee1uj%2F5p7u%2BKFS9IFVdShGpK0FiR5gnpNRk3%2BDKxn3HVUVZbE8lfZtrsRZkDA6eZvpMYrZJ4ZmDmmVZRCe80DdoKz6V3wL55GM9JjR8BoIu6sK1g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60f5c5c1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| boloptrex.com/popunder/in/click/?mid=2218748043967215840&pid=0&site=526328&sc=NO&usage_type=DCH&subid=1641500486&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=526328&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=36e7e5c0d339fed05ec8b35624d9ea72&score=230.15520421494335&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1641500486%26site_id%3D526328%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D526328%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D230.15520421494335%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo | 94.130.197.239 | 302 Found | 0 B |
URL GET HTTP/2boloptrex.com/popunder/in/click/?mid=2218748043967215840&pid=0&site=526328&sc=NO&usage_type=DCH&subid=1641500486&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=526328&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=36e7e5c0d339fed05ec8b35624d9ea72&score=230.15520421494335&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1641500486%26site_id%3D526328%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D526328%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D230.15520421494335%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo IP94.130.197.239:443 ASN#24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: puwpush.com; Fingerprint: 53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1; Validity: Fri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=2218748043967215840&pid=0&site=526328&sc=NO&usage_type=DCH&subid=1641500486&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=526328&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.0984&placement_type_id=7&skin_test=&verify_hash=36e7e5c0d339fed05ec8b35624d9ea72&score=230.15520421494335&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.0984&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D1641500486%26site_id%3D526328%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D526328%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D230.15520421494335%26bf%3D0.0984%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo HTTP/1.1
Host: boloptrex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Thu, 18 Apr 2024 06:37:55 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=1641500486&site_id=526328&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=526328&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=230.15520421494335&bf=0.0984&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| tidyllama.com/click?a=85ho&e=gAAAAABmIL_A7K8zBuH0Ot9DU91Cls9MYsZF_vV3wd9S4j4BrQeH__132UGZFEpQfl4hRiHWORPlhYxEKO-fZcIS6GqHrl7RfL_eS2ZSx9V-JG13P6qlybl_gspy8Qjnf0NUutql-fTAWRNDxkbAWO1EXms4rbP6kGG0664t16jmeVzSM07L0EnFVBlBjY8l6xd_dMr-piEVIvxF6BbygNHsMISt46e1qsRBS0DZnweq-VWXgP9UOoUzROZnwWv2HkCCbkK9kMNdGhhPX0ZDEA5bmiqetqocQyh9-rLxrykNIrYM9DrAutQEzWuAkB-dX1rpvldKxSxzMaKKt2iOwLxCFznuUbvKoe2w3NV4nmvm1lDtNagQR5H2RuTyHRNpGLaSo6-tYe2Zp-uiMH-stcJgMih8_cMbpez93i4NjnaME5Kd8oyguXT4aykgEgw_nlIw5A1sKtFrIEGwCybOKCN1Olhp6rDQXv-wDoeyrfiOENwb5blqEfA%3D | 178.63.99.108 | 200 OK | 2.4 kB |
URL GET HTTP/2tidyllama.com/click?a=85ho&e=gAAAAABmIL_A7K8zBuH0Ot9DU91Cls9MYsZF_vV3wd9S4j4BrQeH__132UGZFEpQfl4hRiHWORPlhYxEKO-fZcIS6GqHrl7RfL_eS2ZSx9V-JG13P6qlybl_gspy8Qjnf0NUutql-fTAWRNDxkbAWO1EXms4rbP6kGG0664t16jmeVzSM07L0EnFVBlBjY8l6xd_dMr-piEVIvxF6BbygNHsMISt46e1qsRBS0DZnweq-VWXgP9UOoUzROZnwWv2HkCCbkK9kMNdGhhPX0ZDEA5bmiqetqocQyh9-rLxrykNIrYM9DrAutQEzWuAkB-dX1rpvldKxSxzMaKKt2iOwLxCFznuUbvKoe2w3NV4nmvm1lDtNagQR5H2RuTyHRNpGLaSo6-tYe2Zp-uiMH-stcJgMih8_cMbpez93i4NjnaME5Kd8oyguXT4aykgEgw_nlIw5A1sKtFrIEGwCybOKCN1Olhp6rDQXv-wDoeyrfiOENwb5blqEfA%3D IP178.63.99.108:443 ASN#24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Sectigo Limited; Subject: tidyllama.com; Fingerprint: 3D:18:B7:36:50:EF:95:7B:2F:C8:1D:A4:B8:59:76:2D:03:B0:56:52; Validity: Tue, 12 Dec 2023 00:00:00 GMT - Thu, 12 Dec 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2470), with no line terminators
Hash: 02ef109b4d9d2a0ef8c10a816d1ba1aa 77eba91850dd365fe5e246d27a06dd2b73e1470b 554f9df5c098af2da4e849be5c23a93ca87eb7e33ceee112e11921de8802aaa9
GET /click?a=85ho&e=gAAAAABmIL_A7K8zBuH0Ot9DU91Cls9MYsZF_vV3wd9S4j4BrQeH__132UGZFEpQfl4hRiHWORPlhYxEKO-fZcIS6GqHrl7RfL_eS2ZSx9V-JG13P6qlybl_gspy8Qjnf0NUutql-fTAWRNDxkbAWO1EXms4rbP6kGG0664t16jmeVzSM07L0EnFVBlBjY8l6xd_dMr-piEVIvxF6BbygNHsMISt46e1qsRBS0DZnweq-VWXgP9UOoUzROZnwWv2HkCCbkK9kMNdGhhPX0ZDEA5bmiqetqocQyh9-rLxrykNIrYM9DrAutQEzWuAkB-dX1rpvldKxSxzMaKKt2iOwLxCFznuUbvKoe2w3NV4nmvm1lDtNagQR5H2RuTyHRNpGLaSo6-tYe2Zp-uiMH-stcJgMih8_cMbpez93i4NjnaME5Kd8oyguXT4aykgEgw_nlIw5A1sKtFrIEGwCybOKCN1Olhp6rDQXv-wDoeyrfiOENwb5blqEfA%3D HTTP/1.1
Host: tidyllama.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL: GET HTTP/2 videzz.net/js/jquery.min.js
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (32086)
Hash: 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1762a"
expires: Sat, 18 May 2024 06:28:28 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 111 kB |
URL: GET HTTP/2 videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 111 kB (111387 bytes)
Hash: 6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-1b31b"
expires: Sat, 18 May 2024 06:34:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| str36.vidoza.net/nvl4hxe5pqfeieno3uaangffgyxx6zy73imvldf3dzfnumeaoe66nyg4oypa/v.mp4 | 109.202.99.228 | 206 Partial Content | 0 B |
URL: GET HTTP/2 str36.vidoza.net/nvl4hxe5pqfeieno3uaangffgyxx6zy73imvldf3dzfnumeaoe66nyg4oypa/v.mp4
IP: 109.202.99.228:443
ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: vidoza.net; Fingerprint: DD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6; Validity: Wed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4hxe5pqfeieno3uaangffgyxx6zy73imvldf3dzfnumeaoe66nyg4oypa/v.mp4 HTTP/1.1
Host: str36.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: video/mp4
content-length: 6014310
last-modified: Thu, 18 Apr 2024 06:33:44 GMT
etag: "6620bec8-5bc566"
content-range: bytes 0-6014309/6014310
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 104.21.35.227:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity: Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8967ef3d426ad56053211da9b27d05a5
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 06:37:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Wm%2FPWQl9MMNN0K7NT2FZ4aRZD2RKyQQ7YlVdhsUSUwjUwo45TMG7Ugtm3OGovGM46XgbwqmxkRQmyKd7dxgPMiu83fBFQaVoTe3YPC4LFuSVRlWq%2FohUQTE1%2F5jsF66%2By7xfv1rljt4EMdYyUr3ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a60fbfdc56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 5.4 kB |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
IP: 173.239.53.20:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Sectigo Limited; Subject: *.cachegorilla.com; Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A; Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=543314&cat=25&sub_id=97735917
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 203 kB |
URL: GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP: 142.250.74.168:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: *.google-analytics.com; Fingerprint: BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D; Validity: Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3287)
Size: 203 kB (203027 bytes)
Hash: eff52328f9fe0ff67b7ec68406e0e247 6c86633679e97883aaae56c624c3b7a70192070f f0c634e792c6c50e6feaf47c818d1d85329e658acabe4dee567b7aedcdca37da
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 06:37:51 GMT
expires: Thu, 18 Apr 2024 06:37:51 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 71925
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL: GET HTTP/3 bid.bidclickmedia.com/sub/31bV2Jy
IP: 172.67.205.77:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: d5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwK57c%2F98oIgE9QLUYXzWYrH2FXltRxN1BRsDguRXUSqsdbD2%2BOYSFuwuP5PvrYl59LPXUCplU%2FeFOIvTj%2FS6%2FjSm84UIXhNenC9Ofxk4x2OvfQfMSIbxXtPIFwhY7GqWWXAcbGp82E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60f7c861c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| becast.onionlive.workers.dev/ | 104.21.9.35 | 200 OK | 1.4 kB |
URL GET HTTP/2becast.onionlive.workers.dev/ IP104.21.9.35:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT
File typeHTML document, ASCII text, with very long lines (1382), with no line terminators Hashf00afc8448987fa11d44221fa5292cae 9f4c400dce037e70bcb6db008b9419b99bdcb42e 1363ed26fa6dfa94a18ffef1fc03bf9e8be0ea9e769c641dd052bc8b77fc6891
GET / HTTP/1.1
Host: becast.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shOFF7HtrC6GozP66tnRSTJdBh55JIdm34fZ1dfDSQ46YbrgARE8%2Fjlgby1K%2Fuw3Zj9XI5z7LOFFAm8zv3tJCHShJP9%2FcMwcUZN48AIahlXLMKacEuo%2BLw6fefZdPi2bB2MEiXE89m1kLhnmYa%2Bq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a6181910b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels= | 0.0.0.0 | | 0 B |
URL GET popdemission.com/in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels= IP0.0.0.0:0
Requested byhttps://videzz.net/rk91hga5cy41.html
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| hoddlegamey.com/itLmTlMrHisAt/67652 | 23.109.170.77 | 200 OK | 52 B |
URL GET HTTP/1.1hoddlegamey.com/itLmTlMrHisAt/67652 IP23.109.170.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjecthoddlegamey.com Fingerprint1B:5C:15:27:EF:A2:01:71:8F:CD:3B:D3:3A:95:06:2B:03:02:7D:1E ValidityTue, 13 Feb 2024 00:12:16 GMT - Mon, 13 May 2024 00:12:15 GMT
File typeHTML document, ASCII text, with no line terminators Hash86733bb66fb84b851592d733e51f0cbd 42eaf19a5ca195667a9212b0ea3557eee76954a8 927676bdf7f1bdcd71f06cc0d9fa573791b12c905629d806851624687c4b4a0d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /itLmTlMrHisAt/67652 HTTP/1.1
Host: hoddlegamey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://animewatch.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:37:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Fri, 19-Apr-2024 06:37:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Fri, 19-Apr-2024 06:37:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7 | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7 IP104.18.10.207:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5a80fdb25a1f4c70c38767b1307ad4b6
cdn-cache: HIT
cf-cache-status: HIT
age: 12456562
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6087eec56b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-29645"
expires: Sat, 18 May 2024 06:30:49 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1; file_id=37956103; aff=202079; _ga_HEX1BG8H46=GS1.1.1713422272.1.0.1713422272.60.0.0; _ga=GA1.1.1086035083.1713422272; sb_main_9785383bf0d8f2fb611d938245088565=1; sb_count_9785383bf0d8f2fb611d938245088565=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-47e"
expires: Sat, 18 May 2024 06:30:54 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.o333o.com/vast-im.js | 54.230.111.62 | 200 OK | 310 kB |
IP54.230.111.62:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subjectcdn.o333o.com Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
Size310 kB (310487 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: IE7inRQu6eeTlDv3aOWDu4q65w1OKl5i8UU1rSCfv81bj1pMJTdTxg==
age: 594369
X-Firefox-Spdy: h2
|
|
| creative.rmhfrtnd.com/LPAkira?action=sbSignupWithModel&autoplay=allInFocus&autoplayForce=1&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&memberId=00000000-0000-0000-0000-000000000000&mlView=1&no_bb=1&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818 | 104.18.16.106 | 200 OK | 1.2 kB |
URL GET HTTP/2creative.rmhfrtnd.com/LPAkira?action=sbSignupWithModel&autoplay=allInFocus&autoplayForce=1&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&memberId=00000000-0000-0000-0000-000000000000&mlView=1&no_bb=1&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818 IP104.18.16.106:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectrmhfrtnd.com Fingerprint95:AA:CE:CD:C6:90:DF:41:90:57:91:42:D3:72:42:16:26:61:2D:61 ValidityMon, 25 Mar 2024 15:18:08 GMT - Sun, 23 Jun 2024 15:18:07 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1231), with no line terminators Hasha7a313354c5ca6b3d2e33c541042b59c 148a26cd238c62c650cb4a53875fcae409fe5ab3 e001e46a960b576950e24dd8a6c649ca7d5be8a9f97d65f13c2d5c9c9d3255f3
GET /LPAkira?action=sbSignupWithModel&autoplay=allInFocus&autoplayForce=1&campaignId=46bac198e84ccd4440e7f474b8c1be5d2a1fedc65b84ab48795350550a4f64cf&campaignType=smartpop&creativeId=12036f42ace491ec5774cf25375046521201474515efad1c518630c6115a420c&iterationId=833277&masterSmartpopId=1603&memberId=00000000-0000-0000-0000-000000000000&mlView=1&no_bb=1&p1=64257&p2=79559&p3=36016&ruleId=345&smartpopId=4028&sourceId=14866&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=32818 HTTP/1.1
Host: creative.rmhfrtnd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://impactserving.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html
last-modified: Tue, 16 Apr 2024 15:38:51 GMT
expires: Thu, 18 Apr 2024 06:38:00 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
set-cookie: __cflb=0H28upDCGznfDm9XVE9Kb8v5TrfcnGBoGUSG5LfSwpY; SameSite=None; Secure; path=/; expires=Fri, 19-Apr-24 06:37:53 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762a61c2bb95691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL GET HTTP/2videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size159 kB (158902 bytes) Hash7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-26cb6"
expires: Sat, 18 May 2024 06:33:24 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 1.4 kB |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.animezeno.sbs/
|
|
| str36.vidoza.net/nvl4hxe5pqfeieno3uaangffgyxx6zy73imvldf3dzfnumeaoe66nyg4oypa/v.mp4 | 109.202.99.228 | 206 Partial Content | 6.0 MB |
URL GET HTTP/2str36.vidoza.net/nvl4hxe5pqfeieno3uaangffgyxx6zy73imvldf3dzfnumeaoe66nyg4oypa/v.mp4 IP109.202.99.228:443 ASN#49453 Global Layer B.V.
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Size6.0 MB (6014310 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4hxe5pqfeieno3uaangffgyxx6zy73imvldf3dzfnumeaoe66nyg4oypa/v.mp4 HTTP/1.1
Host: str36.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: video/mp4
content-length: 6014310
last-modified: Thu, 18 Apr 2024 06:33:44 GMT
etag: "6620bec8-5bc566"
content-range: bytes 0-6014309/6014310
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| ittostart.us/?utm_source=ds | 104.21.68.201 | 200 OK | 8.8 kB |
URL GET HTTP/2ittostart.us/?utm_source=ds IP104.21.68.201:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectittostart.us Fingerprint9A:AA:E6:7F:AA:7A:3B:35:C6:89:DA:5C:6D:3A:38:2E:DA:9F:28:F9 ValidityWed, 28 Feb 2024 10:49:21 GMT - Tue, 28 May 2024 10:49:20 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (9181), with no line terminators Hash2f5a571a4e324159566577d3af3c0f83 5358ab39f8de255839b7694e4933e81c81875094 91210fe7b8f08e59c08226c77022738c472a080e2f3703f85ef4142d989b64b0
GET /?utm_source=ds HTTP/1.1
Host: ittostart.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tidyllama.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TrLFJs6PWOQQmXj8cjEoDoVIVRTvakTBEc8q%2BwgRSNbYu2Nxups%2ByjGv3EMpewbAtZxuJn8nOvxrL%2Fkw12rciZ8VhM2xRbXMZ%2FCgHscHsB6RnJwKb37ooO6i7nEvZTw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a61a8a420b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashd5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOysn4ifyuYzPPgdK494jdGOh5pKT5wVw4McbUnoGG9P8pBCZNy9bBIoDeLN5fnrmjk01UOFw18KEy%2BwWl11hC2mqmdQ9CQy3PgLCCWIyGrHHy0l1uhryFyKLZSNSc3F2KzTK6JUSL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60f7c831c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 172.67.39.148 | 200 OK | 429 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP172.67.39.148:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File typeASCII text, with very long lines (439), with no line terminators Hash874e1638740e061f9fa55eda3180724c 108a7e30fa0f7d50b961845ec970a2745f3c821f d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6GJdn8sjfSnuFPLDtJ%2FQfURHSV9%2BVKFPN%2BoVMIE1WLd%2FjnFWUFJ2yQt7T11BUY%2FmaD3PEQ7eEP6%2Bz96%2BX%2BOzAKq%2BjuM95%2B0V1zYfujak10jOE9EJBhjR6qVVwcABhbLdH5ABU1D%2FXBghUl5L%2FyVYWLhC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15509
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6112f3cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/0YDX8OE IP172.67.205.77:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5RjJgYmgOSdysgjPRzjqStSZDfj46UxC7pLDh2bgbtpTRHfB22HhXLkT9hYMcrC7sEipSI8emGE0%2FeaYpsITcpN%2FRsBb5C3QGHOWSJGPjEv6uEHQjgzKvm9aDuH64NdSRMHmTGEU580%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60f5c511c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| intothespirits.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs0SmlZdD9hZj00eUwyVnJRb1VqSHciLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 | 3.126.48.135 | 200 OK | 693 B |
URL GET HTTP/2intothespirits.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs0SmlZdD9hZj00eUwyVnJRb1VqSHciLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 IP3.126.48.135:443
Requested byhttps://videzz.net/rk91hga5cy41.html CertificateIssuerLet's Encrypt Subjectintothespirits.com Fingerprint42:86:B7:FB:4F:91:02:C7:75:E2:06:41:56:85:74:4B:D8:97:BE:C3 ValidityMon, 25 Mar 2024 22:01:23 GMT - Sun, 23 Jun 2024 22:01:22 GMT
File typeHTML document, ASCII text, with very long lines (731), with no line terminators Hashed9f1d34994f4f441f92f53f6faa9b73 48d9ab8079d41b7bed5eea1c01c964a6fececfde 54875093cebf15404e908fe46c91541fe944a90ef525b958c89d0ac137effbed
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRGs0SmlZdD9hZj00eUwyVnJRb1VqSHciLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjQxMDV9 HTTP/1.1
Host: intothespirits.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_2SU-2_jNgzH_5WAP22A4Ui24zQ6GIdeir3Qx4auhw0YUCgS7WpVJEMPX3KP_32Q7QTZ9TeT_IqkqA_9BQZ0XlkDDGhOcgIZhGOPwEgGPu7-PH0LawZ0ASWwlmuPGQitxOuvEhhUx9vio_vDPv37yyfIQPKAwOiallVRFOsqA8H3PVedSWpa1GWRgfLb36_PuZwNPCg7Coq6LDNwUWOySAYOpXIowh2GFyuBrTLwNjoxxmkGmhupTDerZ-vJaWAAGdi2RTcVvlplsHPciJdZO8Ym5UsIvWfLpc_He-VcKzz0Dr3Phd0vcfl881r9pv4O73nbfHdhYX2YOx3QxGlgPT_amNw5nQtto3NoxBEYPD3eQAbRqYvKygQbXtD3yqkwVR1beR_coGQzzu2fSEhRj24lmytSrWm5SVMuab1ebVZz3PrQkJwQQsrZpbnpIu-wQTNrHHIlm4Ksyrpe15PzszWoZFPTgtTlZvLtnP3k0c2YNJtZan2jlYmH_4maVjls7ex02KUTpDx1ZQyK9Mp5IqzZOcvljht5SngqEY3vUahWoXy-qOHjLvX3rGSTKFX9tZTpfYDBhuYbkldFTlfVZaieEIge3XWHJgCDO_tZac2Xq5wsfviL0neL21Ricbiqn-vq3cINbFPn5MfFzyhe7bIglBBK6OKn6WbLFIT00i06dFN-iYMSeF4Vm1oasyb8_MfzgkHCbxwUMJgTno9_cNzIy3x3VqK-dNzzPU62mGrBlu80Lm8eb9OlfQ8MPmh1WDxaHdOc_chmNMEl5u4fxr67qZf7h69fH7y2i20SHJNSheNFABLCDk3YJtrmXXKqU-a2v3AFx43nYlpeD8xErTMQ0Qe7B_Zl3g040QgZ4CGgM1yPv463CEMGAwEGaNIXBQYnRpNdAIMZz2SW6fHHQAUM9DzzYQUM2vN8h4QBKdPXGhicuUuOK2DwhrcU2KQz8O3bfwEAAP__q2SteSEFAAA=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:55 GMT
content-type: text/html; charset=utf-8
content-length: 693
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
X-Firefox-Spdy: h2
|
|
| videzz.net/rk91hga5cy41.html | 78.142.18.54 | 200 OK | 50 kB |
URL: User Request GET HTTP/2 videzz.net/rk91hga5cy41.html
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rk91hga5cy41.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Wed, 17 Apr 2024 06:37:50 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Wed, 19-Apr-2023 06:37:50 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0&i=1&kw=61563%2Cmp4&s1=202079 | 135.181.208.216 | 200 OK | 657 B |
URL: GET HTTP/2 tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0&i=1&kw=61563%2Cmp4&s1=202079
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: ASCII text, with very long lines (791), with no line terminators
Hash: 52455838a7b7dd8adbc6d78c692b61d5 14b1a581279d8532eb7532ccc5864dae19bb9b36 8e3a93141e2da66bf3a7b225ed062a14da5e50c7da3caebaf24582f6e650b725
GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Frk91hga5cy41.html&sid=5c19ae11-e04d-406d-93b0-36768b2928b0&i=1&kw=61563%2Cmp4&s1=202079 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=xYcRxHKmttWPe5oyEjM8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/social/viber_button.png | 78.142.18.54 | 200 OK | 7.6 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/social/viber_button.png
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Hash: 36454bc0a71ba0919c38f4b072ea1792 b90bd02d15eb470070f5767b12f8879cfa54033f 795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: image/png
content-length: 7583
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-1d9f"
expires: Sat, 18 May 2024 06:27:54 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| impactserving.com/Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_f9481244-d87c-41c7-a1fe-88286ca73334&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=6AWUDNqBdWAaupIDrYJ6PpfnFcXZYma587HmH3FQMLo3nFFRGSu426JR_k-TyL80IyDwJwKSQ8QuvU3gnCJLd5NhId65iZcbCjYKaNCT-Zna3rloj-d8jMElHR0X55GdDGyz71gsQtxEf1EwsrpG-bsf7Z6u89OOntyc0wFoEBGZlAzdRGJ05wMblFUCbZ9vM4K2we47i-Ys7nytEF6OTrABCacU0uEvqirctaaxMYlQ8EvLwD-0BGclj9trO77miWZRviFSYLTzGx7wxkMjJVwu2PoTSC_p9THRrpq8qT8mBBciul3MU4g-S3CsUhdCiQqoo9A_3NV93Ef6Y-cfIUMNKWK2raPe4Zy7YPTyq8FaVyakr2d6nVy0bIRvrcriK0XccD1LT6Q73BEovZunTiF5XZ_RN3O1pnlFKDVIYdnPUj9mnfgRtUNW8PaPZ0JOCklPPO0gSntEYo8Nd_goXUdC8HcMp-hHtrXkGaOdThuTflJ4DsQu2uEMHGl9uHEcigrJDQOps_qqveY3xJcTJv6-vfvEVe1D2bQ0Q3DPck3Wqj8lq3ZgD2ddbTFOz1V6y5ivNBSaZ2-J4plKW2cC9FrlTeh1Lu2Jy9tYjPefOtjdl1Uy6gbPL1BHWVKBgR8skaOysBDRomFc5DaYllXK3cAPO1zgjIMmL6xjcpU7hYde0bRk3C1DuwiXSYs1kSBAwT6agsUL-7trLlxIQQllK1jsHgPaXLR9ruH0Gin_A2h_oWVioRE5lfoCu6cfZbOQjnJAvT95ppOwcC-Rv6QLBR6EurnGRcyanq0lyaCugnE6ViuS5USgcXC2GWmMP3cyAYYs9knMT678AhlfKo5PJkBADMT4TEROrmoA7iplO1FNlPEE07genHKLtQI-34eqossV_4CCh7B51Wl0OrcR7QirUgvGnGwo2DlUZQCr2EdjRrq8niiJ2ENFlrLfOlrDAg2ioVf6mLkl1HoJsaHUJFtMgKM9AaFYacmw60uWBi81&kw=&mw=1024&mh=768&xml=1&at= | 104.16.79.217 | 200 OK | 409 B |
URL GET HTTP/2impactserving.com/Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_f9481244-d87c-41c7-a1fe-88286ca73334&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=6AWUDNqBdWAaupIDrYJ6PpfnFcXZYma587HmH3FQMLo3nFFRGSu426JR_k-TyL80IyDwJwKSQ8QuvU3gnCJLd5NhId65iZcbCjYKaNCT-Zna3rloj-d8jMElHR0X55GdDGyz71gsQtxEf1EwsrpG-bsf7Z6u89OOntyc0wFoEBGZlAzdRGJ05wMblFUCbZ9vM4K2we47i-Ys7nytEF6OTrABCacU0uEvqirctaaxMYlQ8EvLwD-0BGclj9trO77miWZRviFSYLTzGx7wxkMjJVwu2PoTSC_p9THRrpq8qT8mBBciul3MU4g-S3CsUhdCiQqoo9A_3NV93Ef6Y-cfIUMNKWK2raPe4Zy7YPTyq8FaVyakr2d6nVy0bIRvrcriK0XccD1LT6Q73BEovZunTiF5XZ_RN3O1pnlFKDVIYdnPUj9mnfgRtUNW8PaPZ0JOCklPPO0gSntEYo8Nd_goXUdC8HcMp-hHtrXkGaOdThuTflJ4DsQu2uEMHGl9uHEcigrJDQOps_qqveY3xJcTJv6-vfvEVe1D2bQ0Q3DPck3Wqj8lq3ZgD2ddbTFOz1V6y5ivNBSaZ2-J4plKW2cC9FrlTeh1Lu2Jy9tYjPefOtjdl1Uy6gbPL1BHWVKBgR8skaOysBDRomFc5DaYllXK3cAPO1zgjIMmL6xjcpU7hYde0bRk3C1DuwiXSYs1kSBAwT6agsUL-7trLlxIQQllK1jsHgPaXLR9ruH0Gin_A2h_oWVioRE5lfoCu6cfZbOQjnJAvT95ppOwcC-Rv6QLBR6EurnGRcyanq0lyaCugnE6ViuS5USgcXC2GWmMP3cyAYYs9knMT678AhlfKo5PJkBADMT4TEROrmoA7iplO1FNlPEE07genHKLtQI-34eqossV_4CCh7B51Wl0OrcR7QirUgvGnGwo2DlUZQCr2EdjRrq8niiJ2ENFlrLfOlrDAg2ioVf6mLkl1HoJsaHUJFtMgKM9AaFYacmw60uWBi81&kw=&mw=1024&mh=768&xml=1&at= IP104.16.79.217:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: impactserving.com; Fingerprint: D9:04:86:A2:90:A6:8B:E0:A8:02:17:F0:5F:E9:A4:20:80:AB:F4:F8; Validity: Sun, 10 Mar 2024 00:37:12 GMT - Sat, 08 Jun 2024 00:37:11 GMT
File type: HTML document, ASCII text, with very long lines (429), with no line terminators
Hash: ec5414d2807066a48c02f81413d0c0dd 84a8a4580ea1f73188ff33cbec78ae9a54881266 cc823c3d784586a49ef6ceb3ba6d7f6a7aea3134ef18128c56b293e5991ceef3
GET /Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_f9481244-d87c-41c7-a1fe-88286ca73334&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=6AWUDNqBdWAaupIDrYJ6PpfnFcXZYma587HmH3FQMLo3nFFRGSu426JR_k-TyL80IyDwJwKSQ8QuvU3gnCJLd5NhId65iZcbCjYKaNCT-Zna3rloj-d8jMElHR0X55GdDGyz71gsQtxEf1EwsrpG-bsf7Z6u89OOntyc0wFoEBGZlAzdRGJ05wMblFUCbZ9vM4K2we47i-Ys7nytEF6OTrABCacU0uEvqirctaaxMYlQ8EvLwD-0BGclj9trO77miWZRviFSYLTzGx7wxkMjJVwu2PoTSC_p9THRrpq8qT8mBBciul3MU4g-S3CsUhdCiQqoo9A_3NV93Ef6Y-cfIUMNKWK2raPe4Zy7YPTyq8FaVyakr2d6nVy0bIRvrcriK0XccD1LT6Q73BEovZunTiF5XZ_RN3O1pnlFKDVIYdnPUj9mnfgRtUNW8PaPZ0JOCklPPO0gSntEYo8Nd_goXUdC8HcMp-hHtrXkGaOdThuTflJ4DsQu2uEMHGl9uHEcigrJDQOps_qqveY3xJcTJv6-vfvEVe1D2bQ0Q3DPck3Wqj8lq3ZgD2ddbTFOz1V6y5ivNBSaZ2-J4plKW2cC9FrlTeh1Lu2Jy9tYjPefOtjdl1Uy6gbPL1BHWVKBgR8skaOysBDRomFc5DaYllXK3cAPO1zgjIMmL6xjcpU7hYde0bRk3C1DuwiXSYs1kSBAwT6agsUL-7trLlxIQQllK1jsHgPaXLR9ruH0Gin_A2h_oWVioRE5lfoCu6cfZbOQjnJAvT95ppOwcC-Rv6QLBR6EurnGRcyanq0lyaCugnE6ViuS5USgcXC2GWmMP3cyAYYs9knMT678AhlfKo5PJkBADMT4TEROrmoA7iplO1FNlPEE07genHKLtQI-34eqossV_4CCh7B51Wl0OrcR7QirUgvGnGwo2DlUZQCr2EdjRrq8niiJ2ENFlrLfOlrDAg2ioVf6mLkl1HoJsaHUJFtMgKM9AaFYacmw60uWBi81&kw=&mw=1024&mh=768&xml=1&at= HTTP/1.1
Host: impactserving.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:53 GMT
set-cookie: IKSR=%7B%7D; path=/; secure; samesite=none
INF_DFL8=false; path=/; secure; samesite=none
IUID=318f2aa3-33e9-40c8-aedb-daed20fb9f82; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none
ISSH=72B809; path=/; secure; samesite=none
VMI=c843bd7b-0215-4621-84d2-6edfbb957de4; path=/; secure; samesite=none
IPLH=%23%7B%2264257%22%3A%5B%7B%22SId%22%3A%2272B809%22%2C%22D%22%3A%2224%2F4%2F17T23%3A37%3A53%22%7D%5D%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IPLH_Q=%23%5B64257%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
CHN=%23%5B%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
MSSH=%23%7B%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
MSRH=%23%7B%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ILP=null; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none
ILPLU=%231%2F1%2F0001%2012%3A00%3A00%20AM; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ILEALC=%231%2F1%2F0001%2012%3A00%3A00%20AM; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ILMPF=%23False; expires=Thu, 18 Apr 2024 10:37:53 GMT; path=/; secure; samesite=none; httponly
IPMPLU=%231%2F1%2F0001%2012%3A00%3A00%20AM; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IPMUID=%23; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
BSWUID=%23; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IKSR=%7B%7D; path=/; secure; samesite=none
IBL=%23%5B%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none
IPLSH=%23%7B%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IPLSH_Q=%23%5B%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IZH=%23%7B%2260545%22%3A%5B%7B%22SId%22%3A%2272B809%22%2C%22D%22%3A%2224%2F4%2F17T23%3A37%3A53%22%7D%5D%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IZH_Q=%23%5B60545%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IMCH=%23%7B%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IMCH_Q=%23%5B%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IMH=%23%7B%2279559%22%3A%5B%7B%22SId%22%3A%2272B809%22%2C%22D%22%3A%2224%2F4%2F17T23%3A37%3A53%22%7D%5D%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
IMH_Q=%23%5B79559%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ISH=%23%7B%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ISH_Q=%23%5B%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ISPH=%23%7B%2214866%22%3A%5B%7B%22SId%22%3A%2272B809%22%2C%22D%22%3A%2224%2F4%2F17T23%3A37%3A53%22%7D%5D%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ISPH_Q=%23%5B14866%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ICH=%23%7B%2236016%22%3A%5B%7B%22SId%22%3A%2272B809%22%2C%22D%22%3A%2224%2F4%2F17T23%3A37%3A53%22%7D%5D%7D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
ICH_Q=%23%5B36016%5D; expires=Tue, 18 Apr 2034 06:37:53 GMT; path=/; secure; samesite=none; httponly
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8762a617c9ab56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.17.24.14 | 200 OK | 77 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP: 104.17.24.14:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4281487
expires: Tue, 08 Apr 2025 06:37:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufZNWT%2BPI7jJGAOoLddZvpOMDDmCAQ5pm%2B%2FUwDNneCP700T6VCcfV0et6j6%2BRbxO5oBoBTVoXARLBvE7dJ5rw2ItRjWFpv6z7sgBOGp1Tg1JO1j15gBkEGxHP8X03J6Ff1oP2LeE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8762a60dbaff1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bedrapiona.com/4/5615727/ | 0.0.0.0 | | 0 B |
URL: GET bedrapiona.com/4/5615727/
IP: 0.0.0.0:0
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: bedrapiona.com; Fingerprint: B5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF; Validity: Wed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /4/5615727/ HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.animezeno.sbs/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| popdemission.com/in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels= | 0.0.0.0 | | 0 B |
URL: GET popdemission.com/in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels=
IP: 0.0.0.0:0
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: popdemission.com; Fingerprint: D2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE; Validity: Wed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=97735917&site_id=543314&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=543314&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=1&bf=0.0984&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 409 B |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Sectigo Limited; Subject: *.zeusadx.com; Fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0; Validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://impactserving.com/Redirect.eng?MediaSegmentId=32782&dcid=3_ctx_f9481244-d87c-41c7-a1fe-88286ca73334&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=6AWUDNqBdWAaupIDrYJ6PpfnFcXZYma587HmH3FQMLo3nFFRGSu426JR_k-TyL80IyDwJwKSQ8QuvU3gnCJLd5NhId65iZcbCjYKaNCT-Zna3rloj-d8jMElHR0X55GdDGyz71gsQtxEf1EwsrpG-bsf7Z6u89OOntyc0wFoEBGZlAzdRGJ05wMblFUCbZ9vM4K2we47i-Ys7nytEF6OTrABCacU0uEvqirctaaxMYlQ8EvLwD-0BGclj9trO77miWZRviFSYLTzGx7wxkMjJVwu2PoTSC_p9THRrpq8qT8mBBciul3MU4g-S3CsUhdCiQqoo9A_3NV93Ef6Y-cfIUMNKWK2raPe4Zy7YPTyq8FaVyakr2d6nVy0bIRvrcriK0XccD1LT6Q73BEovZunTiF5XZ_RN3O1pnlFKDVIYdnPUj9mnfgRtUNW8PaPZ0JOCklPPO0gSntEYo8Nd_goXUdC8HcMp-hHtrXkGaOdThuTflJ4DsQu2uEMHGl9uHEcigrJDQOps_qqveY3xJcTJv6-vfvEVe1D2bQ0Q3DPck3Wqj8lq3ZgD2ddbTFOz1V6y5ivNBSaZ2-J4plKW2cC9FrlTeh1Lu2Jy9tYjPefOtjdl1Uy6gbPL1BHWVKBgR8skaOysBDRomFc5DaYllXK3cAPO1zgjIMmL6xjcpU7hYde0bRk3C1DuwiXSYs1kSBAwT6agsUL-7trLlxIQQllK1jsHgPaXLR9ruH0Gin_A2h_oWVioRE5lfoCu6cfZbOQjnJAvT95ppOwcC-Rv6QLBR6EurnGRcyanq0lyaCugnE6ViuS5USgcXC2GWmMP3cyAYYs9knMT678AhlfKo5PJkBADMT4TEROrmoA7iplO1FNlPEE07genHKLtQI-34eqossV_4CCh7B51Wl0OrcR7QirUgvGnGwo2DlUZQCr2EdjRrq8niiJ2ENFlrLfOlrDAg2ioVf6mLkl1HoJsaHUJFtMgKM9AaFYacmw60uWBi81&kw=&mw=1024&mh=768&xml=1&at=
|
|
| meetbenjen.com/in/p/?spot_id=543314&cat=25&sub_id=97735917 | 109.206.191.198 | 200 OK | 5.4 kB |
URL: GET HTTP/2 meetbenjen.com/in/p/?spot_id=543314&cat=25&sub_id=97735917
IP: 109.206.191.198:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: meetbenjen.com; Fingerprint: 9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14; Validity: Tue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File type: HTML document, ASCII text, with very long lines (5503), with no line terminators
Hash: c93262c2ba43d620e629755515ea0af9 860185c9c340cfc04276feb70628f0cf3bef7dd8 52638b6f9e9771e5922eb5f3542b30a9ad25cc503d88c810cfff20a6dc0084e4
GET /in/p/?spot_id=543314&cat=25&sub_id=97735917 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 18 Apr 2024 06:37:54 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Fri, 19 Apr 2024 06:37:53 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 172.67.39.148 | 200 OK | 893 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/reddit.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (903), with no line terminators
Hash: 1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKI8JfGHLgDLQMxgjIu6uq9y5sFahBx8LFeIv85H4LGXkFnp9HWSnK6sZVx299a1mbU%2BjomK2FHlABBJnwQDJeYe4yJMdIkipFw6Yt2WeRGl5RDOvuaLloy6P%2F%2BRZw9yvyADzctlodc7WNv6iH7eoGMR"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15509
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6112f40b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| allvideometrika.com/f.php?sid=212515 | 172.67.214.245 | 200 OK | 0 B |
URL: GET HTTP/2 allvideometrika.com/f.php?sid=212515
IP: 172.67.214.245:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: allvideometrika.com; Fingerprint: A7:8E:7D:C9:07:A5:B6:A9:6D:38:81:8F:95:98:D9:44:DD:EA:AD:21; Validity: Sat, 24 Feb 2024 11:56:27 GMT - Fri, 24 May 2024 11:56:26 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qfic7PbZXNA5o9V2bZvDIo%2BRXdA%2F1iSLDBSvWPzhPh9wgDFt%2FakyoZKCs5EhFJ8uBG69iGf4cAd3iWQhbh9nusyTiqZJmffvEefi7rvLwvBwdnlezP4QYj%2FvnubgwDvOoLpsFUW%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a6128954712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/settings/59845 | 135.181.208.216 | 200 OK | 33 B |
URL: GET HTTP/2 tr.7vid.net/api/settings/59845
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Let's Encrypt; Subject: a.gatwins.site; Fingerprint: 66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B; Validity: Wed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59845 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 172.67.205.77 | 200 OK | 234 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Zj8D76R
IP: 172.67.205.77:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: aa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIsDZM5wkxeMaIKM1SPIFHYDJrNL1P3vr4pzKkF5XBWJX5gbqXp4Y5H%2Bgf87ZoTBik%2FP8NYvl9ybNdEiOMj%2BjHyDaN2LqyHKdn365rQhsVZGSzgJeDaf4VvlUg5jVDWvA8Ny0jq7cdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60dfb81b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=1641500486&site_id=526328&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=526328&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=230.15520421494335&bf=0.0984&iabcat=IAB25&allowed_labels= | 0.0.0.0 | | 0 B |
URL: GET popdemission.com/in/849/?source=1641500486&site_id=526328&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=526328&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=230.15520421494335&bf=0.0984&iabcat=IAB25&allowed_labels=
IP: 0.0.0.0:0
Requested by: https://videzz.net/rk91hga5cy41.html
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=1641500486&site_id=526328&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=526328&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=230.15520421494335&bf=0.0984&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 2.4 kB |
URL: GET HTTP/1.1 xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Sectigo Limited; Subject: *.zeusadx.com; Fingerprint: AA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0; Validity: Mon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tidyllama.com/click?a=85ho&e=gAAAAABmIL_A7K8zBuH0Ot9DU91Cls9MYsZF_vV3wd9S4j4BrQeH__132UGZFEpQfl4hRiHWORPlhYxEKO-fZcIS6GqHrl7RfL_eS2ZSx9V-JG13P6qlybl_gspy8Qjnf0NUutql-fTAWRNDxkbAWO1EXms4rbP6kGG0664t16jmeVzSM07L0EnFVBlBjY8l6xd_dMr-piEVIvxF6BbygNHsMISt46e1qsRBS0DZnweq-VWXgP9UOoUzROZnwWv2HkCCbkK9kMNdGhhPX0ZDEA5bmiqetqocQyh9-rLxrykNIrYM9DrAutQEzWuAkB-dX1rpvldKxSxzMaKKt2iOwLxCFznuUbvKoe2w3NV4nmvm1lDtNagQR5H2RuTyHRNpGLaSo6-tYe2Zp-uiMH-stcJgMih8_cMbpez93i4NjnaME5Kd8oyguXT4aykgEgw_nlIw5A1sKtFrIEGwCybOKCN1Olhp6rDQXv-wDoeyrfiOENwb5blqEfA%3D
|
|
| fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate | 142.250.74.106 | 200 OK | 27 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate
IP: 142.250.74.106:443
Requested by: https://videzz.net/rk91hga5cy41.html
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E; Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: ASCII text, with very long lines (634)
Hash: b38e93359bf408137b205df1dc494995 c8a136dea93305a6be1a7341e5b1d34145415b37 24b63ecac66577632b7277c0105fedc08608171a8ca4335fa5f8e07104962320
GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 06:37:51 GMT
date: Thu, 18 Apr 2024 06:37:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 172.67.39.148 | 200 OK | 645 B |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/twitter.js; IP: 172.67.39.148:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: ASCII text, with very long lines (655), with no line terminators; Hash: 671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no0s8wf%2B47RtY8CEer2btpxxEiQg64a2epQXM1gVeuJI2MFbat7D2FpnM2CTnrpqF8xhWPrS4hZNCEW3DGu0x8AI7gl43a8FCrFs3fa3QDBL33XfcQ%2F%2Bao27VUMmVJ9PHZZcsnwPTuha9DeAmuHyZVOg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15509
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a6112f45b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 5.4 kB |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570; IP: 173.239.53.20:443; ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Sectigo Limited; Subject: *.cachegorilla.com; Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A; Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 18 Apr 2024 06:37:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=543314&cat=25&sub_id=97735917
|
|
| s.click.aliexpress.com/e/_Dk4JiYt?af=4yL2VrQoUjHw | 0.0.0.0 | | 0 B |
URL: GET s.click.aliexpress.com/e/_Dk4JiYt?af=4yL2VrQoUjHw; IP: 0.0.0.0:0
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: DigiCert Inc; Subject: ae01.alicdn.com; Fingerprint: 3B:6B:34:80:95:44:11:F7:71:DE:95:B7:C7:7C:A0:9C:BC:00:BC:AA; Validity: Wed, 10 Apr 2024 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/_Dk4JiYt?af=4yL2VrQoUjHw HTTP/1.1
Host: s.click.aliexpress.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| videzz.net/js/videojs.stm.5.min.js?0.145151748192845 | 78.142.18.54 | 200 OK | 7.2 kB |
URL: GET HTTP/2 videzz.net/js/videojs.stm.5.min.js?0.145151748192845; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (7493), with no line terminators; Hash: 559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.145151748192845 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-1c25"
expires: Sat, 18 May 2024 06:37:50 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | 200 OK | 716 B |
URL: GET HTTP/3 static.addtoany.com/menu/sm.25.html; IP: 172.67.39.148:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD; Validity: Sat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT
File type: HTML document, ASCII text, with very long lines (744), with no line terminators; Hash: c3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 16214
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8762a60e5bb0b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offmantiner.com/4/6120639/ | 139.45.197.245 | 200 OK | 34 kB |
URL: GET HTTP/2 offmantiner.com/4/6120639/; IP: 139.45.197.245:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: offmantiner.com; Fingerprint: D7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04; Validity: Mon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
File type: HTML document, ASCII text, with very long lines (18491); Hash: 63b22c65182454396dbc047be102756b 070be5b27adc987c3453ed61a4b254b8c65e1a27 fe16c9e3253187829994fb42c3eae875a49624c166c66035c2cb12e92c6c9599
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /4/6120639/ HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://becast.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:37:53 GMT
content-type: text/html; charset=utf8
x-trace-id: 469fed0b71e4d2621d08b1caed103d0c
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008042431f5d4dc2e5d13fbd7e96868e; expires=Fri, 18 Apr 2025 06:37:53 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1713422273; expires=Fri, 18 Apr 2025 06:37:53 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL: GET HTTP/2 videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size: 140 kB (140132 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-22364"
expires: Sat, 18 May 2024 06:34:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 234 B |
URL: GET HTTP/3 bid.bidclickmedia.com/sub/Pj8pz0z; IP: 172.67.205.77:443
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators; Hash: ec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:37:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6TQ5tucjqQ6Xi78HTZst0ObnEE9ICkIN9Aa1JXQgRs5V34RRqb8QvnrkVbcthIZaZ5WcWm2m%2Bj%2FwGIusW15iBHYc%2Fu0etpPLAqa9Xf46vzZQVPbm68tPVST4jbdvU%2FqTd3v6eX0o5E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762a60f5c611c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 11 kB |
URL: GET HTTP/2 videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File type: JavaScript source, ASCII text, with very long lines (11269), with no line terminators; Hash: f2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-2c05"
expires: Sat, 18 May 2024 06:34:47 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 1.4 MB |
URL: GET HTTP/2 videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/rk91hga5cy41.html; Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5; Validity: Mon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size: 1.4 MB (1360962 bytes); Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/rk91hga5cy41.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Thu, 18 Apr 2024 06:37:50 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-14c442"
expires: Sat, 18 May 2024 06:28:48 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|