| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.136 | 200 OK | 73 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP142.250.74.136:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (4179) Hashf05d94bc221785da7e751eadbcf05e2c 5f42c267454d065b8262376c3e9ef827571a5f13 e09a62187b1071de8dce0b9bbe0ad51edfe7551d9d37a13cba2b02cdb9b95b22
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 02:16:56 GMT
expires: Fri, 26 Apr 2024 02:16:56 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL GET HTTP/2videzz.net/js/pop.js?v=1.0 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hashda4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-23"
expires: Sun, 26 May 2024 02:14:50 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL GET HTTP/2videzz.net/js/ads.js?v=1.0 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hash09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
etag: "66163909-d3"
expires: Sun, 26 May 2024 02:14:55 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| vz.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.cpbj8ddae04d.shop Fingerprint05:51:C2:15:91:D1:D4:BC:15:B2:36:C5:1A:40:61:CC:74:87:18:53 ValidityTue, 23 Apr 2024 10:27:07 GMT - Mon, 22 Jul 2024 10:27:06 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: vz.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL GET HTTP/2videzz.net/images-newtheme/adb_logo.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typePNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced Hash98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-2074"
expires: Sun, 26 May 2024 02:15:02 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL GET HTTP/2videzz.net/images-newtheme/attention.png IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typePNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced Hashd28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-18e9"
expires: Sun, 26 May 2024 02:15:27 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/henYKwb.js | 135.181.208.216 | 200 OK | 88 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hash04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286
GET /henYKwb.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
content-length: 87996
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-157bc"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: EXPIRED
cf-ray: 8685cee83a6f8d55-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/Sb7AkA7.js | 135.181.208.216 | 200 OK | 77 kB |
IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators Hasha6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /Sb7AkA7.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css IP104.17.24.14:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 891301
expires: Wed, 16 Apr 2025 02:16:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJkMZ66oglo8eW2sHXGRuCRmisNwvQg4ho0fftnDoNnv7VHFbNvhaRPP%2BztTKCvto4xWzKgfyYdyXrKOYec%2B7%2B738MxaTR0OIQIBe5MQXpR87aiR%2FW9H0gkWpgdHgwDVDiRSTVkE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87a312daf8aeb4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.136 | 200 OK | 72 kB |
URL GET HTTP/3www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP142.250.74.136:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (3287) Hashdb14c42a9088ebc98554b40f76b3e480 13cd70f8d7082a1446178b5fa9e1a531da6141c4 372319921aa8973971e472ff480f81fb7f128c7727f99fe44fbcf438b221c56b
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 02:16:56 GMT
expires: Fri, 26 Apr 2024 02:16:56 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP85.10.205.45:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subjects.o333o.com FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46 ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File typeASCII text, with very long lines (2040), with no line terminators Hash55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 424 kB |
URL GET HTTP/2videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typegzip compressed data, from Unix Size424 kB (424321 bytes) Hash5e8c926c78e6f0c30d9a6c86ab8674ec 11d9e4a89562ef9ba497c11dffdd3a067af618e5 2163638790abd95efe9a38584e6f4fcdecf13f468909cd6309adde5af72d52e0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-a554"
expires: Sun, 26 May 2024 02:16:11 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.136 | 200 OK | 94 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP142.250.74.136:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Hash1b35616827b42339c2a0cab0e4b1f6a4 8cd88d895d1b29d09a2c60b0ac343ab9fb781450 8b3f73ebc5c7b558eeeff4304b3c4b4d25827b6ac84b31f5158d685cbf45b923
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 02:16:57 GMT
expires: Fri, 26 Apr 2024 02:16:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93625
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 104.21.37.74 | 200 OK | 77 kB |
URL GET HTTP/3bid.bidclickmedia.com/sub/31bV2Jy IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashc1555c052dde7c63577b65ee2e032228 d3edbfc34af2949d589c6b978d7f3505d259def1 6355368aaf575ec49fad1013f7b100d3b4af0e08aa190538daaa7e1966141c31
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIlSgqTZ0Dz2qDx43QGGfNmwEYh089P%2FywYEMu9XCYgidfZn834kLEGwmuhG1NJPprnKmJPwUrcQFSq%2Fm4aZjvGjE1kVgkoPxT4Lvx6%2Fmy36jHVg4dJaGBc7zR41mcFxYa%2FAd1P59%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312dfba24b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1348535936.1714097818>m=45je44o0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1151164300 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1348535936.1714097818>m=45je44o0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1151164300 IP142.250.74.163:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint4E:BD:F9:72:97:67:A2:4B:EE:E4:B0:03:CD:C8:F3:30:53:27:53:1D ValidityMon, 18 Mar 2024 20:50:06 GMT - Mon, 10 Jun 2024 20:50:05 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1348535936.1714097818>m=45je44o0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1151164300 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 26 Apr 2024 02:16:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 104.21.37.74 | 200 OK | 651 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash3e4f8d950f382330e0d32f9aa59bb11b 0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d 25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPzkeRBpNa6lPSZHhfEjdvn1ROXraQlxok9ohMMs%2FFw%2F%2FuGGm6xXlNG8Q5q3uiP5F8TTqTVt5bc040Heq0JwA1XfMt4ErpWrHG3G8gheaVB%2FfdEgZgRp26IlSMsyYiTvgWUEMjmjR2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312df7a0ab52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44o0v9104348843za200&_p=1714097816911&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1348535936.1714097818&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714097817&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2376 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44o0v9104348843za200&_p=1714097816911&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1348535936.1714097818&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714097817&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2376 IP216.239.32.36:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46>m=45je44o0v9104348843za200&_p=1714097816911&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1348535936.1714097818&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1714097817&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2376 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Fri, 26 Apr 2024 02:16:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 104.21.37.74 | 200 OK | 511 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Pj8pz0z IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashe151e24dc5b354ea8ee36534a8264594 4b5f293d59d009ee46087f164ee86d066e8e83f4 b2fdeeef5c48f24499731fdd7aae1650ad1bc6fa9ee58cf88fafe175658e888f
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nGM2NdZ7SzN9Nvw4KnN5Ktx%2BcoC5Tp4hV3s7w9yuZOth5MvLxCqaXjt44lO9ShRJMsHqEOFTBIclAV%2Btx3%2F2RTNlMMEC%2B7JzuGCsxBcxbBemaLzKfBzUrpgbskUzBRKYpTq2QFN6ITI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312ddcae856c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 361 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash6610c77cad5adb691fd5f9ffa06b9486 d003b0d6d8bb61e5fd17dc635c017f6393e0c24c 83695861f8ded5db81f9c1e185cdf9177d18c57bfe1196b03468f2d8ac22bc50
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZIkxn17up9UdKFJ3%2F1J8XfukFDwxPBKqlsPhUP6C2489af3qaYdT0BEWoVOz5GospoBCWByVNG1rLT6xFH18ySEJ0SUYG2R%2FxzTSdkKCLJg9IyYZOulw1LvEXq3fDxhlBdtHCOfqvj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e27b7db52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/e6yMnW6 | 104.21.37.74 | 200 OK | 148 B |
URL GET HTTP/3bid.bidclickmedia.com/sub/e6yMnW6 IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash3e4f8d950f382330e0d32f9aa59bb11b 0ddcd35cedb3e5ebf73cd067ddc04bca8066b93d 25840ab9693f257546a4e14431441fd50b4fd5198125125ed68bcd521c51c958
GET /sub/e6yMnW6 HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZTyKN3ZZu%2BNBtZ8GKi36MWOCLpbfRg4GFKMU6pWw6rkeduYQasinKvPNRyPhhGcHN6Evw8v50xES4fvLFvCWH5P122uGVTvmOu9xOP%2FFo1uZAcm%2F2U%2FvRp0xkv%2F7hbK7UyRhz9YD5%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312df9a15b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashb8207054b13fda020d58a7f94425b36f 9b577687e561e17e9823e7fb83ad648dede4c74c 6dafbda0e014e02f234cd8025d827edc22403b87e4cd22270c86db55dd8bc4a6
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLaY%2FoSmtXhfUXIeK4Fmgh3MAXkOGIURXX22Bc8PKwdctDd8aI32ay8l8tHDX0GoUOWFMCkXWjerUPt%2Bu9QGyOgoXEgZNFlZl5xClvE%2BsLae1OwBrreosmURMz8%2BSiBIzo65IzV1iJA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e38bbeb52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tfosrv.com/show_std.php?id_site=13101&id_channel=60771&uf=true | 216.18.168.29 | 302 Found | 0 B |
URL GET HTTP/1.1tfosrv.com/show_std.php?id_site=13101&id_channel=60771&uf=true IP216.18.168.29:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.tfosrv.com Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80 ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /show_std.php?id_site=13101&id_channel=60771&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Fri, 26 Apr 2024 02:16:58 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=60771&id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2&site_id=13101&uuid=f98f4a9c-2ca2-48a3-9be8-bddd351a5893
set-cookie: sppc_uuid=d6a0dbfc-8767-4fe6-84f8-efae2def940d; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 104.21.37.74 | 200 OK | 939 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/31pnK5n IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashf43a9f52bdd16907856bcccdc018b8c9 260324361bf19dc2ea4982f6fd312f9c8d5039cc 0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bI91QXsYOBFSkoqqfzpZfBdKn%2Bqq1XsWoezQ6lycvKIKZCwSTn0pN2kTAFLysP9FtdmsQyYRTw%2FwxSuQLxzShUvDZFeKIDFKp1QGSsQolGIi0GE%2BpnTVIMy%2FaugBQxYPwhJVSOEt%2FWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312ddaadd56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash8c6e4895da5c5b48888faceae2c20c4f 69dad1d518bcb805f58f3285c72ba648462040bf 85dd6a5b21367347155e970a54ce165d275ca4753206ca8b6b64b773f80570cd
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TniFmlq4xNyrjwc%2FY9qGtACaUMUlhk4wsb872AywLH6ZvSC9nTLNykN528DMt7ClmJhaOsPdwYlugK%2BwbXmcAYLZFjGWszEDZamcdtnreSOzmd%2FRDlrnose6qThv%2Fnl0jC56DHCvE9Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e36bb3b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tfosrv.com/impression.php?channel_id=60771&id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2&site_id=13101&uuid=f98f4a9c-2ca2-48a3-9be8-bddd351a5893 | 216.18.168.29 | 302 Found | 0 B |
URL GET HTTP/1.1tfosrv.com/impression.php?channel_id=60771&id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2&site_id=13101&uuid=f98f4a9c-2ca2-48a3-9be8-bddd351a5893 IP216.18.168.29:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.tfosrv.com Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80 ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression.php?channel_id=60771&id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2&site_id=13101&uuid=f98f4a9c-2ca2-48a3-9be8-bddd351a5893 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=d6a0dbfc-8767-4fe6-84f8-efae2def940d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Fri, 26 Apr 2024 02:16:59 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2
set-cookie: sppc_uuid=f98f4a9c-2ca2-48a3-9be8-bddd351a5893; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| trafforsrv.com/click.php?id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2 | 216.18.168.28 | 302 Found | 0 B |
URL GET HTTP/1.1trafforsrv.com/click.php?id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2 IP216.18.168.28:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.trafforsrv.com FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00 ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click.php?id=908cf29d-c3bb-42a5-9ae8-9d15155c2d89%3A0f367850-19c9-496e-a53b-71562d85a9e2 HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
server: nginx
date: Fri, 26 Apr 2024 02:16:59 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=4a4f7898-2f12-4423-b8e3-50e495937ec7; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
|
|
| filter.adxnexus.com/filter?q=&i=kDHswDEqeGg_0&ci=-6052789982724466820&t=275153547 | 174.137.133.17 | 200 OK | 13 kB |
URL GET HTTP/1.1filter.adxnexus.com/filter?q=&i=kDHswDEqeGg_0&ci=-6052789982724466820&t=275153547 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.adxnexus.com FingerprintEF:8C:9E:A5:2D:18:DD:8E:D1:6A:63:E5:B6:62:AB:BA:E6:43:A0:69 ValidityThu, 14 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (524) Hashb4de10de36a5bd53bc4017e268927a75 55d45e205a709deb1c188e21524ebcbf05413416 8e40dbe84955a1485ee868d43c4ac9289af4a0f5bfd4bc1df347411c34ab1e1f
GET /filter?q=&i=kDHswDEqeGg_0&ci=-6052789982724466820&t=275153547 HTTP/1.1
Host: filter.adxnexus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 12895
Connection: keep-alive
Referrer-Policy: unsafe-url
Cache-Control: no-store
Set-Cookie: c-1800835917=-445255079
x3331534=445255079; Domain=.adxnexus.com
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 104.22.71.197 | 200 OK | 3.3 MB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/telegram.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (360), with no line terminators Size3.3 MB (3331870 bytes) Hash48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jty8znFib0KWLtGhjMAg%2BxsjKXe7JzL7YJbtSlJe7kph2rpky7WRd1yEbqG%2B%2BjIQdAdIEgC6yml2kYICcTp3ijclEgiX9QtrVqm04z7h3YAKWGtr1zqXmPl17EI4scLjMpIy7oH0C8DC5dMe2Nt5EA4B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3098
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e09e2692da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://meetbenjen.com/in/p/?spot_id=434888&cat=25&sub_id=350391741
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xmlclick.adokutrtb.com/nrtb/click?bid=oODDm5N7qh2GDVirguOB2l_FiHdmw8O6ogfSAxUa5I5yZfjGxBYTenr99nHUA6xO_0_5
|
|
| tr.7vid.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225 | 135.181.208.216 | 200 OK | 592 B |
URL GET HTTP/2tr.7vid.net/api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typegzip compressed data, from Unix Hashbda622277bfe872c770ace294a301300 f38b36c309ea6d021a6587b1e66d17062c7bbb3c ca09c28ac249b6b5f13bfde2490978158cbf130c52c5f6bd78dbb271a7b65f06
GET /api/users/88464?v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=impDvmVR3r0ziH80DarW; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/splash.php?idzone=5040978&type=8 | 95.211.229.247 | 200 OK | 478 B |
URL GET HTTP/1.1s.pemsrv.com/splash.php?idzone=5040978&type=8 IP95.211.229.247:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
File typeHTML document, ASCII text, with very long lines (717) Hash0a0facbef164c9e58f80ef97a1a0827e 11213522b288f0683c8f640b87b1e4e246ad8030 8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf
GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b0e9b3fc158.63856437931303102%22%3B%7D; expires=Sun, 26 Apr 2026 02:16:59 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hash8c6e4895da5c5b48888faceae2c20c4f 69dad1d518bcb805f58f3285c72ba648462040bf 85dd6a5b21367347155e970a54ce165d275ca4753206ca8b6b64b773f80570cd
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/e6yMnW6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lknzamkwQgakI%2FBMyAOIp9xao7iYMNpoSpKqzS1%2FAGOKSooWkx5GKBwEeKzr%2BgKneNScT1IgPSiLFTJEeT%2BTDddpE9oSfApHPQuSBI4fMzHKAd%2BNiyiw3MAXN0M6eyjqPtY342t8NQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e36bb1b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mnymkr.net/61140215-3e40-4623-8bda-dbb7d050d361?campaignname=AdSupply%20-%20Norway%20-%20Rotator%20%28Mark%29%28A%29&placementname=AdSupply_-_Norway_-_Rotator_%28Anna%29_Norway_Popunder_1_1&bid=0.10&totalcpv=0.0001&channel=Traffic+Marketplace&subchannel=Traffic+Marketplace&medianame=AdSupply%20-%20Norway%20-%20Rotator%20%28Anna%291&keywords=&cpv=0.0001&s2sParam={s2sParam} | 104.21.87.72 | 302 Found | 0 B |
URL GET HTTP/2mnymkr.net/61140215-3e40-4623-8bda-dbb7d050d361?campaignname=AdSupply%20-%20Norway%20-%20Rotator%20%28Mark%29%28A%29&placementname=AdSupply_-_Norway_-_Rotator_%28Anna%29_Norway_Popunder_1_1&bid=0.10&totalcpv=0.0001&channel=Traffic+Marketplace&subchannel=Traffic+Marketplace&medianame=AdSupply%20-%20Norway%20-%20Rotator%20%28Anna%291&keywords=&cpv=0.0001&s2sParam={s2sParam} IP104.21.87.72:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectmnymkr.net Fingerprint56:5B:32:97:47:60:96:41:76:ED:C1:3B:E1:27:C7:09:7A:BA:BE:7B ValidityThu, 14 Mar 2024 01:48:25 GMT - Wed, 12 Jun 2024 01:48:24 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /61140215-3e40-4623-8bda-dbb7d050d361?campaignname=AdSupply%20-%20Norway%20-%20Rotator%20%28Mark%29%28A%29&placementname=AdSupply_-_Norway_-_Rotator_%28Anna%29_Norway_Popunder_1_1&bid=0.10&totalcpv=0.0001&channel=Traffic+Marketplace&subchannel=Traffic+Marketplace&medianame=AdSupply%20-%20Norway%20-%20Rotator%20%28Anna%291&keywords=&cpv=0.0001&s2sParam={s2sParam} HTTP/1.1
Host: mnymkr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://engine.blehcourt.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 02:16:59 GMT
content-length: 0
location: https://topbrandsnews.com/r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw9jhurfoja1h6qr0jsitc964
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 61140215-3e40-4623-8bda-dbb7d050d361-v4=VAxG8i-7ak1KCWFX1o6R7BW6zisbZbhY1j-EKCQ1B0Y; Max-Age=86400; Expires=Sat, 27-Apr-2024 02:16:59 GMT; Domain=mnymkr.net; Path=/; HttpOnly
cc-v4=u2ROnyDwYoYLTlkXyT%2FGAatCOTmwRXo27QSb9gCGQ5RtBdbFzgYKrFkrvCfS%2BcjqqNnaFeaWaFB6kUcjFHDW1J1f6Dhpu5f1Fnu9Kjt9T6ty%2Fx5VZUs6UsRq4zRs18e66gY6UmeIeRLqEZk%2BDhY46A%3D%3D; Max-Age=31536000; Expires=Sat, 26-Apr-2025 02:16:59 GMT; Domain=mnymkr.net; Path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKXfhniVzUzDK58ZMuFfE2wJLe%2F68OS9iLdP98iEJa03jz5oSq3ZZORggiY3Kvb%2Fvo06NjSwWip5bD8TOkqzi1zRFfe0kzK7thI0%2FlmvPYq1Go4jK5RfAogUUDjM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312ec48165684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 | 95.211.229.247 | 302 Found | 0 B |
URL GET HTTP/1.1s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 IP95.211.229.247:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectpemsrv.com FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1916x1076&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b0e9b3fc158.63856437931303102%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22662b0e9b3fc158.63856437931303102%22%3B%7D; expires=Sun, 26 Apr 2026 02:16:59 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C662b0e9b3fc158.63856437931303102%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1714097819%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C96f2d3930bcaf010c297192b2b19a442%7Cok%22%7D; expires=Thu, 25 Jul 2024 02:16:59 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrn0l3u0o41mqtjrotqrposuomolomlndrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUy3WWzXOc6V0rpXSuldK6V0rpXSuur4n2ouol01z4lml1nusmun0n0muzppncH2A-
Accept-CH:
X-Robots-Tag: noindex, follow
|
|
| xmlclick.adokutrtb.com/nrtb/click?bid=oODDm5N7qh2GDVirguOB2l_FiHdmw8O6ogfSAxUa5I5yZfjGxBYTenr99nHUA6xO_0_5 | 23.226.122.79 | 302 Found | 69 B |
URL GET HTTP/2xmlclick.adokutrtb.com/nrtb/click?bid=oODDm5N7qh2GDVirguOB2l_FiHdmw8O6ogfSAxUa5I5yZfjGxBYTenr99nHUA6xO_0_5 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerUnizeto Technologies S.A. Subject*.adokutrtb.com FingerprintFE:8D:59:6C:AC:C6:8C:40:28:AE:A4:B8:B8:6C:4B:B0:1F:1D:1E:AC ValidityTue, 19 Mar 2024 12:12:32 GMT - Wed, 19 Mar 2025 12:12:31 GMT
File typeHTML document, ASCII text Hash7872ab6743f609a6e95009456b19863c 10e586ccaece3835b2b42c13aba929399a945a60 fcc4aab48db62dc7bb46d020b29de0ce08f7989f81b3f89eca96875044af4437
GET /nrtb/click?bid=oODDm5N7qh2GDVirguOB2l_FiHdmw8O6ogfSAxUa5I5yZfjGxBYTenr99nHUA6xO_0_5 HTTP/1.1
Host: xmlclick.adokutrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html; charset=utf-8
content-length: 69
location: https://xml-v4.tri.media/click?i=zMnhZdM8lQo_0
X-Firefox-Spdy: h2
|
|
| xmlclick.adokutrtb.com/nrtb/click?bid=oODDm5N7qh2GDVirguOB2nvPG-00im09b2VCSXXd8n2k4QVId1hXqo4gCfovzCSZ_0_5 | 23.226.122.79 | 302 Found | 69 B |
URL GET HTTP/2xmlclick.adokutrtb.com/nrtb/click?bid=oODDm5N7qh2GDVirguOB2nvPG-00im09b2VCSXXd8n2k4QVId1hXqo4gCfovzCSZ_0_5 IP23.226.122.79:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerUnizeto Technologies S.A. Subject*.adokutrtb.com FingerprintFE:8D:59:6C:AC:C6:8C:40:28:AE:A4:B8:B8:6C:4B:B0:1F:1D:1E:AC ValidityTue, 19 Mar 2024 12:12:32 GMT - Wed, 19 Mar 2025 12:12:31 GMT
File typeHTML document, ASCII text Hash9fc8dcfa32434690ab463b3f87d8d4f9 ba5ed896798c5a153ec341b3c681ff29ee67a922 a2f60ff557c6ffc1301604c14214dc351b150e2c5e36db1809bc2093cb12d705
GET /nrtb/click?bid=oODDm5N7qh2GDVirguOB2nvPG-00im09b2VCSXXd8n2k4QVId1hXqo4gCfovzCSZ_0_5 HTTP/1.1
Host: xmlclick.adokutrtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html; charset=utf-8
content-length: 69
location: https://xml-v4.tri.media/click?i=IFUNfwgtwl8_0
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/sftouch?userId=00804a0bc8314eb6e23f4adeb4d93b5d&z=5615727&p_rid=6f92fee7-0780-4ff0-9f8e-1a6b28340461&p_src=sf&branchId=0&rb=kByTlHKMajiLrzK6JetYD83KTw4uu6MoUaIT13v1fSXv4iaVj8i9IfrgLhjsfEc2eXR8THTPasBAJIotLZae8qTvy2gwwlX1g2Nw9Hxo1fmOZAKt-mVuri2inl8qPIQTdihVa51BoRwteFUP67h0Ds1d2keY9bS9LzScqSLqVW2c2U0XVdWEbxHlZqoCIRgtxYhD5ANYNwhq-Rwc40lvJh8wWoSKsm63urCHuHaP3AbbuM_eH2gWiacZJRj7SEKAw0NqD99bC_rV4O0A66V3ng== | 139.45.197.234 | | 2 B |
URL bedrapiona.com/sftouch?userId=00804a0bc8314eb6e23f4adeb4d93b5d&z=5615727&p_rid=6f92fee7-0780-4ff0-9f8e-1a6b28340461&p_src=sf&branchId=0&rb=kByTlHKMajiLrzK6JetYD83KTw4uu6MoUaIT13v1fSXv4iaVj8i9IfrgLhjsfEc2eXR8THTPasBAJIotLZae8qTvy2gwwlX1g2Nw9Hxo1fmOZAKt-mVuri2inl8qPIQTdihVa51BoRwteFUP67h0Ds1d2keY9bS9LzScqSLqVW2c2U0XVdWEbxHlZqoCIRgtxYhD5ANYNwhq-Rwc40lvJh8wWoSKsm63urCHuHaP3AbbuM_eH2gWiacZJRj7SEKAw0NqD99bC_rV4O0A66V3ng== IP139.45.197.234:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /sftouch?userId=00804a0bc8314eb6e23f4adeb4d93b5d&z=5615727&p_rid=6f92fee7-0780-4ff0-9f8e-1a6b28340461&p_src=sf&branchId=0&rb=kByTlHKMajiLrzK6JetYD83KTw4uu6MoUaIT13v1fSXv4iaVj8i9IfrgLhjsfEc2eXR8THTPasBAJIotLZae8qTvy2gwwlX1g2Nw9Hxo1fmOZAKt-mVuri2inl8qPIQTdihVa51BoRwteFUP67h0Ds1d2keY9bS9LzScqSLqVW2c2U0XVdWEbxHlZqoCIRgtxYhD5ANYNwhq-Rwc40lvJh8wWoSKsm63urCHuHaP3AbbuM_eH2gWiacZJRj7SEKAw0NqD99bC_rV4O0A66V3ng== HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bedrapiona.com
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/4/5615727/
Cookie: OAID=00804a0bc8314eb6e23f4adeb4d93b5d; oaidts=1714097819
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/plain
content-length: 2
x-trace-id: 2e47431d999c5d9ac1320c73487be3c1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bedrapiona.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 864 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashe6672326973a873bed578f6faf8fd95e 354891dc63c40b2f71c7b685aa4d021a948834e8 dffafad3943957486748f209133c21f44e33ebf14a6e45cc69f9794b007629cc
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1E4JXlI0khGIeF5Ttj%2BwLr%2F7SRdtkZumOg9kueog0DGAevy6t3WdgCJDq05klGlCzk2xMP9mfGdlB0bncBoxLJbew6CRDScjJK3nJ3hULB7ejx9m%2FNKgW9hGFAJUHW1yJ%2FfK92aA3ac%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e2ab84b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| topbrandsnews.com/r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw9jhurfoja1h6qr0jsitc964 | 104.26.5.128 | 308 Permanent Redirect | 479 B |
URL GET HTTP/2topbrandsnews.com/r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw9jhurfoja1h6qr0jsitc964 IP104.26.5.128:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjecttopbrandsnews.com Fingerprint5E:65:A8:5B:A7:01:99:CC:2D:F6:70:02:17:5A:69:ED:DD:D8:18:C1 ValidityWed, 03 Apr 2024 14:17:26 GMT - Tue, 02 Jul 2024 14:17:25 GMT
File typeHTML document, ASCII text, with very long lines (414) Hashff44c4231def1dc9f8b8627340f1d670 448116d180261d1956d0ea21bcf2b2ebf9799882 06e3fbbd3521efc6791ca003d1a69e7f4f32ffc5d5152675cdaa5b45d2cfd37d
GET /r.php?tg=https%3A%2F%2Fr.linksprf.com%2Fv1%2Fredirect%3Ftype%3DlinkId%26id%3Df26dd7fa37f24f46b0c2391acccde803%26api_key%3D9705c66008eb291ff1cf7463b862cbab%26site_id%3D549da8f368554c7cbde84b3ae883b5f7%26dch%3Dfeed%26ad_t%3Dadvertiser%26yk_tag%3Dw9jhurfoja1h6qr0jsitc964 HTTP/1.1
Host: topbrandsnews.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://engine.blehcourt.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 308 Permanent Redirect
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html; charset=UTF-8
location: https://r.linksprf.com/v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w9jhurfoja1h6qr0jsitc964
x-powered-by: PHP/8.2.18, PleskLin
referrer-policy: no-referrer
x-endurance-cache-level: 0
x-nginx-cache: WordPress
x-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DD46WPxJSx8pNDWDUJTlNLLQHA66C0acpKyKvIC%2FN88wzfFa4ZdrdyJhkdKxz8DdoUFqEb8Dfet9NK25kiE%2FlqE2Y4Rit%2Bg%2BD24wyLvG3dX4So85%2FB1HQ3VP3ikCO1OW94n4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cflb=0H28vHozRJJ2U2zMtR6mkpLBtqXxMEm6JFm85Hh5CJ9; SameSite=None; Secure; path=/; expires=Fri, 26-Apr-24 02:46:59 GMT; HttpOnly
server: cloudflare
cf-ray: 87a312ee2a1c56bf-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=00804a0bc8314eb6e23f4adeb4d93b5d&z=5615727&p_rid=6f92fee7-0780-4ff0-9f8e-1a6b28340461&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=00804a0bc8314eb6e23f4adeb4d93b5d&z=5615727&p_rid=6f92fee7-0780-4ff0-9f8e-1a6b28340461&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=00804a0bc8314eb6e23f4adeb4d93b5d&z=5615727&p_rid=6f92fee7-0780-4ff0-9f8e-1a6b28340461&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00804a0bc8314eb6e23f4adeb4d93b5d; expires=Sat, 26 Apr 2025 02:17:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 104.21.37.74 | 302 Found | 371 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text Hashb8207054b13fda020d58a7f94425b36f 9b577687e561e17e9823e7fb83ad648dede4c74c 6dafbda0e014e02f234cd8025d827edc22403b87e4cd22270c86db55dd8bc4a6
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R3RvxFSyZlvV%2BBtGpXHwExoBFwy0sYnhR1rz3BU8BBDFF73Nu%2F38dGt3cpCSUoAp1QIuDt33mKWVEIQvvGLjHGQD1yTen%2FWMMLv2s8GFwIG%2F5R9%2FORCRgkbjPCHZgKzEIi10pggIhtw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e37bbab52d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f92fee7-0780-4ff0-9f8e-1a6b28340461 | 37.48.68.71 | | 2 B |
URL datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f92fee7-0780-4ff0-9f8e-1a6b28340461 IP37.48.68.71:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=6f92fee7-0780-4ff0-9f8e-1a6b28340461 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1411
Origin: https://bedrapiona.com
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 26 Apr 2024 02:17:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://bedrapiona.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false | 139.45.197.234 | 302 Found | 0 B |
URL POST HTTP/2bedrapiona.com/?z=5615727&syncedCookie=true&rhd=false IP139.45.197.234:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5615727&syncedCookie=true&rhd=false HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 604
Origin: https://bedrapiona.com
DNT: 1
Connection: keep-alive
Referer: https://bedrapiona.com/afu.php?zoneid=5615727&var=5615727&rid=e8DJqkaKU-A8kEnzk7U3FA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=00804a0bc8314eb6e23f4adeb4d93b5d; oaidts=1714097819
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 02:17:00 GMT
content-length: 0
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
x-trace-id: c5ca9335d356fa1963aad2ead937cd5c
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bedrapiona.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804a0bc8314eb6e23f4adeb4d93b5d; expires=Sat, 26 Apr 2025 02:17:00 GMT; path=/; secure; SameSite=None
oaidts=1714097819; expires=Sat, 26 Apr 2025 02:17:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 03 May 2024 02:17:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offmantiner.com/sftouch?userId=00804ac4976b4a83e1bfbf9b97d57a5e&z=6120639&p_rid=225d1db8-af97-49ca-b311-e5042f40190b&p_src=sf&branchId=0&rb=CD30X6lOmVjQCzUN8pLYvB9TnrFRII-YKpZcuxCKHeSB8DBtb8L00vkhRyD1tImepNHALpyJSEr66mKmcE3ugqKhckV_l7N7-NqjdgLyJg8HtjGUMNgTIr1A0SGRtGWbK7rWqQChZWNYnKk-rKkWapNnYoGibD6nHK9BodbI_ieXIQewKAjbQO5jlqG6h6wZPkFFVzq-xK_cFLw90KavdBxBFgGv1MPRHDc4eugLUU1QOP5jqeeqKkS41STpNv3anWkoqLeucA9qRXUXrbDKmsBxKc_RMDu2RcqpLw== | 139.45.197.245 | | 2 B |
URL offmantiner.com/sftouch?userId=00804ac4976b4a83e1bfbf9b97d57a5e&z=6120639&p_rid=225d1db8-af97-49ca-b311-e5042f40190b&p_src=sf&branchId=0&rb=CD30X6lOmVjQCzUN8pLYvB9TnrFRII-YKpZcuxCKHeSB8DBtb8L00vkhRyD1tImepNHALpyJSEr66mKmcE3ugqKhckV_l7N7-NqjdgLyJg8HtjGUMNgTIr1A0SGRtGWbK7rWqQChZWNYnKk-rKkWapNnYoGibD6nHK9BodbI_ieXIQewKAjbQO5jlqG6h6wZPkFFVzq-xK_cFLw90KavdBxBFgGv1MPRHDc4eugLUU1QOP5jqeeqKkS41STpNv3anWkoqLeucA9qRXUXrbDKmsBxKc_RMDu2RcqpLw== IP139.45.197.245:0
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sftouch?userId=00804ac4976b4a83e1bfbf9b97d57a5e&z=6120639&p_rid=225d1db8-af97-49ca-b311-e5042f40190b&p_src=sf&branchId=0&rb=CD30X6lOmVjQCzUN8pLYvB9TnrFRII-YKpZcuxCKHeSB8DBtb8L00vkhRyD1tImepNHALpyJSEr66mKmcE3ugqKhckV_l7N7-NqjdgLyJg8HtjGUMNgTIr1A0SGRtGWbK7rWqQChZWNYnKk-rKkWapNnYoGibD6nHK9BodbI_ieXIQewKAjbQO5jlqG6h6wZPkFFVzq-xK_cFLw90KavdBxBFgGv1MPRHDc4eugLUU1QOP5jqeeqKkS41STpNv3anWkoqLeucA9qRXUXrbDKmsBxKc_RMDu2RcqpLw== HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/4/6120639/
Cookie: OAID=00804ac4976b4a83e1bfbf9b97d57a5e; oaidts=1714097820
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/plain
content-length: 2
x-trace-id: 5dfb70c299d693299cd2ed4a249a4b80
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/img.gif?f=merge&userId=00804ac4976b4a83e1bfbf9b97d57a5e&z=6120639&p_rid=225d1db8-af97-49ca-b311-e5042f40190b&p_src=sf | 139.45.195.8 | | 43 B |
URL my.rtmark.net/img.gif?f=merge&userId=00804ac4976b4a83e1bfbf9b97d57a5e&z=6120639&p_rid=225d1db8-af97-49ca-b311-e5042f40190b&p_src=sf IP139.45.195.8:0
File typeGIF image data, version 89a, 1 x 1 Hashb4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /img.gif?f=merge&userId=00804ac4976b4a83e1bfbf9b97d57a5e&z=6120639&p_rid=225d1db8-af97-49ca-b311-e5042f40190b&p_src=sf HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/
Cookie: ID=00804a0bc8314eb6e23f4adeb4d93b5d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=00804a0bc8314eb6e23f4adeb4d93b5d; expires=Sat, 26 Apr 2025 02:17:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| xml-v4.tri.media/click?i=zMnhZdM8lQo_0 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml-v4.tri.media/click?i=zMnhZdM8lQo_0 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGlobalSign nv-sa Subject*.tri.media FingerprintF0:E0:10:3C:1C:04:86:9A:3B:2D:62:02:B3:CE:28:21:EB:2D:CE:7E ValidityTue, 22 Aug 2023 16:04:55 GMT - Sun, 22 Sep 2024 16:04:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=zMnhZdM8lQo_0 HTTP/1.1
Host: xml-v4.tri.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:17:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=UVNBqYCR16g
|
|
| datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=225d1db8-af97-49ca-b311-e5042f40190b | 37.48.68.71 | | 2 B |
URL datatechone.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=225d1db8-af97-49ca-b311-e5042f40190b IP37.48.68.71:0 ASN#60781 LeaseWeb Netherlands B.V.
File typeASCII text, with no line terminators Hash444bcb3a3fcf8389296c49467f27e1d6 7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=225d1db8-af97-49ca-b311-e5042f40190b HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1423
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 26 Apr 2024 02:17:00 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://offmantiner.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| offmantiner.com/?z=6120639&syncedCookie=true&rhd=false | 139.45.197.245 | 302 Found | 0 B |
URL POST HTTP/2offmantiner.com/?z=6120639&syncedCookie=true&rhd=false IP139.45.197.245:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /?z=6120639&syncedCookie=true&rhd=false HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 632
Origin: https://offmantiner.com
DNT: 1
Connection: keep-alive
Referer: https://offmantiner.com/afu.php?zoneid=6120639&var=6120639&rid=IUzYL-eT4VvoQwPRHmPGTA%3D%3D&rhd=false&ab2r=0&sf=1
Cookie: OAID=00804ac4976b4a83e1bfbf9b97d57a5e; oaidts=1714097820
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 02:17:00 GMT
content-length: 0
location: https://adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB
x-trace-id: 0d99a462db3ab10c4628897d995824dc
link: <https://adserving.unibet.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
referrer-policy: no-referrer
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://offmantiner.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804a0bc8314eb6e23f4adeb4d93b5d; expires=Sat, 26 Apr 2025 02:17:00 GMT; path=/; secure; SameSite=None
oaidts=1714097820; expires=Sat, 26 Apr 2025 02:17:00 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 03 May 2024 02:17:00 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| xml-v4.tri.media/click?i=IFUNfwgtwl8_0 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml-v4.tri.media/click?i=IFUNfwgtwl8_0 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGlobalSign nv-sa Subject*.tri.media FingerprintF0:E0:10:3C:1C:04:86:9A:3B:2D:62:02:B3:CE:28:21:EB:2D:CE:7E ValidityTue, 22 Aug 2023 16:04:55 GMT - Sun, 22 Sep 2024 16:04:54 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=IFUNfwgtwl8_0 HTTP/1.1
Host: xml-v4.tri.media
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:17:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=roH6s3Wr0ro
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIzNTAzOTE3NDEiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjQzNDg4OCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI0MzQ4ODgiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJldTRyaWtqM2dicjZyNTBoNDg3OWwyIn0sImV4dCI6eyJkdCI6MTcxNDA5NzgyMDAzMH19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIzNTAzOTE3NDEiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjQzNDg4OCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI0MzQ4ODgiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJldTRyaWtqM2dicjZyNTBoNDg3OWwyIn0sImV4dCI6eyJkdCI6MTcxNDA5NzgyMDAzMH19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiIzNTAzOTE3NDEiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjQzNDg4OCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI0MzQ4ODgiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJldTRyaWtqM2dicjZyNTBoNDg3OWwyIn0sImV4dCI6eyJkdCI6MTcxNDA5NzgyMDAzMH19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Fri, 26 Apr 2024 02:17:00 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=3599469499318284920&pid=0&site=434888&sc=NO&usage_type=DCH&subid=350391741&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=434888&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=10b31d6d34897d9bd5406f6c337c664b&score=298.2087919423178&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D350391741%26site_id%3D434888%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D434888%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D298.2087919423178%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=UVNBqYCR16g | 143.204.55.106 | 302 Found | 0 B |
URL GET HTTP/2track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=UVNBqYCR16g IP143.204.55.106:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerAmazon Subjecttrack.jajaloop.com FingerprintB2:8B:F7:DA:FA:DB:BD:98:DB:88:6D:5F:F8:30:A6:60:19:63:73:FE ValidityWed, 17 Apr 2024 00:00:00 GMT - Fri, 16 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=UVNBqYCR16g HTTP/1.1
Host: track.jajaloop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://www.linkbux.com/track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=wqgqagn227f52qr03se23u0q&uid2=6354964
date: Fri, 26 Apr 2024 02:17:00 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 717a0983-e961-4ed5-98dc-35fbb30c40f8-v4=v40b2lXSB1PzldP3YtE3R7DtxEs0YemPaC-tuykNqGw; Max-Age=86400; Expires=Sat, 27-Apr-2024 02:17:00 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wqgqagn227f52qr03se23u0q%22%2C%22caid%22%3A%22717a0983-e961-4ed5-98dc-35fbb30c40f8%22%7D; Max-Age=31536000; Expires=Sat, 26-Apr-2025 02:17:00 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7gCdtQEA-rzKLYlTe-0A5_xhVSHmhCgHV0C0LT6TzmyDFfI-7XLmbA==
X-Firefox-Spdy: h2
|
|
| track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=roH6s3Wr0ro | 143.204.55.106 | 302 Found | 0 B |
URL GET HTTP/2track.jajaloop.com/717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=roH6s3Wr0ro IP143.204.55.106:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerAmazon Subjecttrack.jajaloop.com FingerprintB2:8B:F7:DA:FA:DB:BD:98:DB:88:6D:5F:F8:30:A6:60:19:63:73:FE ValidityWed, 17 Apr 2024 00:00:00 GMT - Fri, 16 May 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /717a0983-e961-4ed5-98dc-35fbb30c40f8?banner=6354964&pubfeed=568216&siteid=656252&cost=0.0006&conversion=roH6s3Wr0ro HTTP/1.1
Host: track.jajaloop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-length: 0
location: https://www.linkbux.com/track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=w9o7npr6tc6obqr03is38feo&uid2=6354964
date: Fri, 26 Apr 2024 02:17:00 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 717a0983-e961-4ed5-98dc-35fbb30c40f8-v4=tIeMJ4HjJ2ezbHAgRazoWTqaq9NNGbmpVMqw-H0MLwQ; Max-Age=86400; Expires=Sat, 27-Apr-2024 02:17:00 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22w9o7npr6tc6obqr03is38feo%22%2C%22caid%22%3A%22717a0983-e961-4ed5-98dc-35fbb30c40f8%22%7D; Max-Age=31536000; Expires=Sat, 26-Apr-2025 02:17:00 GMT; Domain=track.jajaloop.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0rJiARoISwaeotb6mFwDuow_o48dWfHab0Y-vpXBGq0ia8EwklDVCg==
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=3599469499318284920&pid=0&site=434888&sc=NO&usage_type=DCH&subid=350391741&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=434888&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=10b31d6d34897d9bd5406f6c337c664b&score=298.2087919423178&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D350391741%26site_id%3D434888%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D434888%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D298.2087919423178%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=3599469499318284920&pid=0&site=434888&sc=NO&usage_type=DCH&subid=350391741&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=434888&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=10b31d6d34897d9bd5406f6c337c664b&score=298.2087919423178&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D350391741%26site_id%3D434888%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D434888%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D298.2087919423178%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint53:1A:81:DB:A5:78:D8:1D:93:BF:BA:0F:71:6B:43:8D:3F:33:58:D1 ValidityFri, 01 Mar 2024 09:39:36 GMT - Thu, 30 May 2024 09:39:35 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=3599469499318284920&pid=0&site=434888&sc=NO&usage_type=DCH&subid=350391741&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-3&site_id=0&spot_id=434888&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=10b31d6d34897d9bd5406f6c337c664b&score=298.2087919423178&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D350391741%26site_id%3D434888%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D434888%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D298.2087919423178%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Fri, 26 Apr 2024 02:17:00 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=350391741&site_id=434888&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=434888&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=298.2087919423178&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB | 13.107.246.53 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html
content-length: 0
cache-control: private,no-cache, no-store
pragma: no-cache
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714097820638)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024426217%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2211360394547%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 26-Apr-3023 02:17:00 GMT; path=/; secure; SameSite=Strict
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 20240426T021700Z-16c4f695cc5rfvs2nkzu5z9xsc00000004tg0000000024m4
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB | 13.107.246.53 | 307 Temporary Redirect | 0 B |
URL GET HTTP/2adserving.unibet.com/redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB IP13.107.246.53:443 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerTrustwave Holdings, Inc. Subjectaffiliates.kindredplc.com Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37950&pid=79982261&sref=GIG&GIG=NO_DESK_SB HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 307 Temporary Redirect
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html
content-length: 0
cache-control: private,no-cache, no-store
pragma: no-cache
location: https://www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
x-aspnet-version: 4.0.30319
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714097820638)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024426217%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2211360394546%7c1%22%7d%5d; domain=.unibet.com; expires=Sat, 26-Apr-3023 02:17:00 GMT; path=/; secure; SameSite=Strict
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 20240426T021700Z-16c4f695cc5rfvs2nkzu5z9xsc00000004tg0000000024m5
x-cache: CONFIG_NOCACHE
X-Firefox-Spdy: h2
|
|
| becast.onionlive.workers.dev/ | 172.67.141.108 | 200 OK | 593 B |
URL GET HTTP/2becast.onionlive.workers.dev/ IP172.67.141.108:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectonionlive.workers.dev Fingerprint15:4B:F2:93:81:D8:8E:E8:03:9A:C3:E3:2F:78:10:77:9B:80:FD:9F ValiditySun, 03 Mar 2024 23:51:41 GMT - Sat, 01 Jun 2024 23:51:40 GMT
File typeHTML document, ASCII text, with very long lines (1015) Hash8a515f4d8c9b4b73ad7e79bb1e04f177 b02ee0e66a0db210d9b73d7f0a190bfd1d3ac7d3 9b0c0d2a8f6bcda99c2333c8c387d9b6aff2f00333aafa9d66fcd34dc2a4c7b1
GET / HTTP/1.1
Host: becast.onionlive.workers.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2w7OWkEyi0LvOVlme060qoYNJK%2FHP1%2FhS3jAVIi3Lf3CF3pUc5ePayhJraDAvQe5BzdPp6iMKHuAYmzxgIhUOaftLPp8q9qMrlJbpDwbU0VAUw1X4qx%2FLko%2FrGWYM7qFOmf8ox%2FAw1MYDPlYgI2D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312ec789c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=350391741&site_id=434888&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=434888&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=298.2087919423178&bf=0.1224&iabcat=IAB25&allowed_labels= | 62.122.173.18 | 302 Found | 0 B |
URL GET HTTP/2popdemission.com/in/849/?source=350391741&site_id=434888&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=434888&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=298.2087919423178&bf=0.1224&iabcat=IAB25&allowed_labels= IP62.122.173.18:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectpopdemission.com FingerprintD2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE ValidityWed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=350391741&site_id=434888&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=434888&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=298.2087919423178&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=350391741&site_id=434888&spot_id=434888
pragma: no-cache
vary: *
cache-control: no-cache, no-store, must-revalidate
set-cookie: 849.0=1; expires=Sat, 27 Apr 2024 02:17:00 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 | 85.184.96.28 | 302 Found | 138 B |
URL GET HTTP/2www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714097820638)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024426217%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html
content-length: 138
location: https://www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: U
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 | 85.184.96.28 | 302 Found | 138 B |
URL GET HTTP/2www.unibet.com/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashaff950cab4c0265e21d401db15f1026d f03e18461817f7a6546c8bf8fa8d686d7e30aca0 753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714097820638)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024426217%22%7d%5d
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html
content-length: 138
location: https://www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: U
x-os-class: M
x-ooops-debug: /500-pages/www.unibet.com/index.html
set-cookie: clientId=polopoly_desktop; Domain=www.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
|
|
| offmantiner.com/4/6120639/ | 139.45.197.245 | 200 OK | 14 kB |
URL GET HTTP/2offmantiner.com/4/6120639/ IP139.45.197.245:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectoffmantiner.com FingerprintD7:99:54:4F:68:91:39:12:41:98:52:CC:F1:74:C6:3C:1F:93:F3:04 ValidityMon, 25 Mar 2024 05:10:58 GMT - Sun, 23 Jun 2024 05:10:57 GMT
File typegzip compressed data, max speed, from Unix Hash96916d3189f9705b660f6537664a1aeb f63f0148ab299cbf92f991b02c5ac5198235c72b a76d830006f7658b4e781dd6361c0e046966d22e0e26f82c820d4d675bf8307e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /4/6120639/ HTTP/1.1
Host: offmantiner.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://becast.onionlive.workers.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html; charset=utf8
x-trace-id: aef64ddc6d9c6b386c533eea2870ba7f
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804ac4976b4a83e1bfbf9b97d57a5e; expires=Sat, 26 Apr 2025 02:17:00 GMT; path=/; secure; SameSite=None
oaidts=1714097820; expires=Sat, 26 Apr 2025 02:17:00 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| olivedinflats.space/redirect?tid=926092&subid=481949.633376 | 143.204.55.43 | 204 No Content | 0 B |
URL GET HTTP/2olivedinflats.space/redirect?tid=926092&subid=481949.633376 IP143.204.55.43:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerAmazon Subjectolivedinflats.space FingerprintB8:33:05:64:86:FB:77:78:F9:E4:EE:40:9E:67:DB:10:D2:EE:BB:EF ValiditySun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?tid=926092&subid=481949.633376 HTTP/1.1
Host: olivedinflats.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://filter.adxnexus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 02:17:01 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=8ac620b2-a6d0-4853-b72c-77e18e28c070
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gRpdOEqatcXdSeFxRVzhsDdCcHtQpfLovCw5G3zL_RZ8lRIDqQP5Wg==
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/8B/zK.jpg | 104.21.93.203 | | 40 kB |
URL porn13.com/thumbs/AA/8B/zK.jpg IP104.21.93.203:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x198, components 3 Hash42603449437ac1d1ddd744443472f8b9 e90bf084919d3e6c614f4d5a9d80262e25839e5b 717d47a52c0fc2988fcf3bfdee1925b9c1146acde33421f204f04cb6efe9ef17
GET /thumbs/AA/8B/zK.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:01 GMT
content-type: image/jpeg
content-length: 39752
last-modified: Fri, 19 Aug 2022 16:07:06 GMT
etag: "62ffb52a-9b48"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1791274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QkMKXXtWvpPZKS6dRXyI5%2BWpmnsNRU0fSsHKpesNGIdB69lstIoQyZ1hdkXMlD980%2BxbXspQH12A2Wf1hv0hhfyiakj315H562q%2FYTjOMapdYxkCFdVfxkh7JB8q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312f6edfcb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.linkbux.com/track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=w9o7npr6tc6obqr03is38feo&uid2=6354964 | 163.181.1.227 | 200 OK | 559 B |
URL GET HTTP/1.1www.linkbux.com/track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=w9o7npr6tc6obqr03is38feo&uid2=6354964 IP163.181.1.227:443 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerDigiCert Inc Subject*.linkbux.com Fingerprint85:43:2D:A8:86:CB:B4:03:47:26:A7:87:5A:80:9D:1E:E1:55:C2:92 ValidityWed, 26 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash4cb9109fea65ecca429704e7c195987b ed72d0116bd3e598d5119d428fa0c7973a4bd0bd b6319e24d88a693e02698a631405d9db3927950428dd312411343ebe5033fb79
GET /track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=w9o7npr6tc6obqr03is38feo&uid2=6354964 HTTP/1.1
Host: www.linkbux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 26 Apr 2024 02:17:01 GMT
Vary: Accept-Encoding
Set-Cookie: discuz_2132_saltkey=cdo32uje; expires=Sun, 26-May-2024 02:17:01 GMT; Max-Age=2592000; path=/; httponly
discuz_2132_lang=en; path=/
discuz_2132_lang=en; path=/
Content-Encoding: gzip
Via: cache28.l2us2[103,0], cache8.ru6[292,0]
Timing-Allow-Origin: *
EagleId: a3b5019c17140978211092218e
|
|
| porn13.com/thumbs/AA/9J/Mr.jpg | 104.21.93.203 | | 54 kB |
URL porn13.com/thumbs/AA/9J/Mr.jpg IP104.21.93.203:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 352x236, components 3 Hash216873c1c07519bdf845f887e8d47bc4 08122edef6e704341b1ffd5c9c6c64a1301e44e7 d90dbde33940dc7c9cad89f5834c301accdaaaf6bbaad0130b56aa58911c8e27
GET /thumbs/AA/9J/Mr.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:01 GMT
content-type: image/jpeg
content-length: 53837
last-modified: Fri, 19 Aug 2022 16:07:33 GMT
etag: "62ffb545-d24d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 1791213
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81WaiwAyUtOBNockVczmihuDGWUyzs4mPTfXaMzoW5Fr28Oll0pmI8EacaB6JzPDtcXRIZbTLSrJ%2BrfqYokjWoS6KqDMrf1ZjxgGiqs33iMMKJLNt7MmZJ36eDp0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312f80e3cb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=350391741&site_id=434888&spot_id=434888 | 104.21.48.207 | 200 OK | 2.3 kB |
URL GET HTTP/2topsites.hadesex.com/?source=350391741&site_id=434888&spot_id=434888 IP104.21.48.207:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com Fingerprint4A:FF:00:28:1E:63:6A:6F:9C:CB:A1:ED:C3:96:B4:AA:BE:E1:90:1A ValidityThu, 07 Mar 2024 01:42:01 GMT - Wed, 05 Jun 2024 01:42:00 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashcea7b07ea8ddadca6d63c9f47109589d 40fed5fd3064dcced0e5dbfc3043f18d1f419aef 35c1993b7650a1e90fc8f9f820ec0fc19f6fa8063cf0cc1fbb3b43a7be894808
GET /?source=350391741&site_id=434888&spot_id=434888 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 7f5db1790c472fa4e5dd91a5534a355a
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BA5P4YI03ZJVMrH5aDCsdZLQK2wouEkwT%2FbqTbFX%2BzXeJk9huxtynZBrwPtGfk%2F%2ByUyp%2BMEjsGTX4i8bD4lZz0s34jgPMzpfrOvBU5gDsxxSRnUfxbKqFtOLbw7kxHQ4D2%2BdY3PVRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312f42c5db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.linkbux.com/track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=wqgqagn227f52qr03se23u0q&uid2=6354964 | 163.181.1.227 | 200 OK | 559 B |
URL GET HTTP/1.1www.linkbux.com/track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=wqgqagn227f52qr03se23u0q&uid2=6354964 IP163.181.1.227:443 ASN#24429 Zhejiang Taobao Network Co.,Ltd
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerDigiCert Inc Subject*.linkbux.com Fingerprint85:43:2D:A8:86:CB:B4:03:47:26:A7:87:5A:80:9D:1E:E1:55:C2:92 ValidityWed, 26 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash29dd27c432f9394100b3f88dfe7d96e7 cad6a31ca50af5edd5b40c27abf71f4ae91892ed ee591fccbe9ddfec9645b1f187ee28af31e287101632c470e058ba190e5dde71
GET /track/5688a24WID8UxvMohYseQZhAkydyNmU8CLVEZrksGrHD8ZY6E9i8jRNlxzN2w68kFf9qTtonRw_c_c?url=http%3A%2F%2Fwww.barbershop.no&uid=wqgqagn227f52qr03se23u0q&uid2=6354964 HTTP/1.1
Host: www.linkbux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 26 Apr 2024 02:17:01 GMT
Vary: Accept-Encoding
Set-Cookie: discuz_2132_saltkey=yqNl0Lsz; expires=Sun, 26-May-2024 02:17:01 GMT; Max-Age=2592000; path=/; httponly
discuz_2132_lang=en; path=/
discuz_2132_lang=en; path=/
Content-Encoding: gzip
Via: cache7.l2us2[109,0], cache9.ru6[453,0]
Timing-Allow-Origin: *
EagleId: a3b5019d17140978211037240e
|
|
| static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js | 64.210.135.117 | | 232 B |
URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js IP64.210.135.117:0
File typeJavaScript source, ASCII text, with no line terminators Hashed2f44cc9f2871d8668252e176c16e33 efa4750156409a21bc47ae02827d792d14ca899d 5544d0dd2f72ed204f9d4e9ca610e167ceb31854b27d188e55b1360319962e1b
GET /tour/@one/blocks/async/ContainerBlock.877c97af.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:01 GMT
content-type: application/javascript
content-length: 232
last-modified: Fri, 16 Feb 2024 21:44:10 GMT
etag: "3a99970fe-e8-61186a4e49e80"
expires: Thu, 20 Jun 2024 23:30:37 GMT
cache-control: max-age=10511277
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-7846-2-15354-h-0-0---;6139-18-20163----0-0-0
X-Firefox-Spdy: h2
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 | 85.184.96.28 | 200 OK | 42 kB |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hash38702db9c6c484731c916438dfc5466f eb6902bf5043a9a96a6ac58e96aee77675884331 cb05fc84e8271122204fa05031009986dfa41a9412e1385dae546ec43bfb45b9
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_A6FC34AFA17F4253B0E9562783875FE4&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714097820638)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024426217%22%7d%5d; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:01 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=667244a31a85ac1fc221f103401b4162|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Fri, 26-Apr-24 03:17:01 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=675bc47ed187e877a9fdd621862b196f; expires=Fri, 26-Apr-24 05:17:01 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=b91decef0aa4af1b9c194e38e9296131|52b57b1639bb8e648ac62eed802c09a2; Expires=Fri, 26-Apr-24 05:17:01 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=699EA757719BCB97CB5FB32BEF2E3173; Path=/; Secure; HttpOnly
x-request-id: be479af033e5c23d96d27a7cf6491f50
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Fri, 26 Apr 2024 02:18:01 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| happy-granny.com/thumbs/AA/g3/7k.jpg | 104.21.1.18 | | 62 kB |
URL happy-granny.com/thumbs/AA/g3/7k.jpg IP104.21.1.18:0
File typeJPEG image data, baseline, precision 8, 1188x668, components 3 Hashbbb99d3ff11fe9232e6e2625dd9dfe09 b02588e6e59f86b03c3942829a5729a3ed34376d 625a0cdf0fd7515101d9fb5e8525cad9f4ddfbf9bde19fd06645c548e52c6766
GET /thumbs/AA/g3/7k.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:02 GMT
content-type: image/jpeg
content-length: 61510
last-modified: Tue, 30 Jan 2024 14:35:43 GMT
etag: "65b9093f-f046"
expires: Sun, 05 May 2024 13:52:01 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1772701
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cB0aAmEy6%2FLzdJSH%2Fh0LMz%2FBOtTAHNH7%2Bgi2mE2IZa44SHfkpP8Omtki0xUvW8PACYhGo7SZy%2F7rzfpQZO2DGYy1Y4vFw0MR52mNmdqiW%2Bh2wzn8cVQSao5rcwf71UjJaB7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312fc6c77b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/oP/Fv.jpg | 172.67.223.1 | | 91 kB |
URL voyeurix.com/thumbs/AA/oP/Fv.jpg IP172.67.223.1:0
File typeJPEG image data, baseline, precision 8, 1136x640, components 3 Hash2a744953fa262e373cac677aa11772f3 41f702c33fac7f0cfa8c99c9f3509a00e50dd9a3 5a49244caab029409e65c07dd1146dad020c461fb164641c46e59cb99c7549ed
GET /thumbs/AA/oP/Fv.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:02 GMT
content-type: image/jpeg
content-length: 90769
last-modified: Tue, 01 Oct 2019 20:28:14 GMT
etag: "5d93b6de-16291"
expires: Wed, 01 May 2024 20:16:43 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2095219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIq3OIoAPkV6HUfC9uze0Jm28Q%2FkUTERpsMkCuSg1XmahdzqmBwjh5c%2BCuRmycDng0Rd5dUr%2B58uxFH4mP%2BcR%2F3WDxJwbltHuW52vE1gb88BUcUSTdXdpDnVLd0DvS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312fc8c27b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/ap/VK.jpg | 104.21.48.207 | | 0 B |
URL hadesex.com/thumbs/AA/ap/VK.jpg IP104.21.48.207:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/AA/ap/VK.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=350391741&site_id=434888&spot_id=434888
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:17:02 GMT
content-type: image/jpeg
content-length: 0
last-modified: Sun, 24 Mar 2024 10:03:33 GMT
etag: "65fffa75-0"
expires: Fri, 03 May 2024 10:06:29 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1959033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILbYk%2FWWHyQIl8m1BISnWnyoO1kMJrIi41yFG5UXlI%2BRLWLfA7%2B6iHCq7TK0597EA1YKiF1TKF0QCiuB82Pty0Py3wUKtuHS9PMEPCNZgBxIlnUMfYWezo1BcGsR2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312fcfb72712b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| tgp1.brazzersnetwork.com/_p1cdn/tour/vortex.modern.min.js | 66.254.114.234 | | 10 kB |
URL tgp1.brazzersnetwork.com/_p1cdn/tour/vortex.modern.min.js IP66.254.114.234:0
File typegzip compressed data, max speed, from Unix Hashde5a7a98e671499a706f8690f6674aaf 3c983e8cfedc6de831a857c4d8807ed7ab17fda0 4e84085644285d4192c53d8514af58c7fa17cc5fb644b99c38824a9f7d49e209
GET /_p1cdn/tour/vortex.modern.min.js HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrn0l3u0o41mqtjrotqrposuomolomlndrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUy3WWzXOc6V0rpXSuldK6V0rpXSuur4n2ouol01z4lml1nusmun0n0muzppncH2A-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 08 Feb 2024 21:05:55 GMT
etag: W/"3a8c4c948-94e3-610e52d5eb2c0"
expires: Sat, 15 Jun 2024 11:16:34 GMT
cache-control: max-age=10694520
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: dfw1-15026-1-3809976-h-0-0---;15026-134-4148246----0-0-0
set-cookie: __s=662B0E9C-42FE72EA01BB317808-13B604;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| static2-ma-ht.project1content.com/tour/main.00b54845.js | 64.210.135.117 | | 160 kB |
URL static2-ma-ht.project1content.com/tour/main.00b54845.js IP64.210.135.117:0
File typegzip compressed data, max speed, from Unix Size160 kB (160237 bytes) Hashd12b082778f131b476c6bf23a18b11b1 200359d3a7cb55557b37e4b71e37ee32ec969a6e 1c580075864109b0784f0dbecb4b63a9ab7ec856e8e33babb9630ccb82c83629
GET /tour/main.00b54845.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 25 Apr 2024 15:10:58 GMT
etag: W/"3ad361681-71a38-616ed31c02480"
expires: Sun, 25 Aug 2024 05:39:55 GMT
cache-control: max-age=10503950
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-6249-3-38008-h-0-0---;6139-32-20163----0-0-0
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/mC/Rr.jpg | 172.67.164.95 | | 16 kB |
URL gftranny.com/thumbs/AA/mC/Rr.jpg IP172.67.164.95:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash76e3d166c22c93854ec2c68c2024eb5d 039d741e757e4a3e0d6393afb669eab414e5a0a3 f0eb0f5dff081c3d74b9f859a71a7d0c71a3db4df39cbb8ed684f34fe5e87a82
GET /thumbs/AA/mC/Rr.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:02 GMT
content-type: image/jpeg
content-length: 16396
last-modified: Sat, 16 Mar 2024 14:27:49 GMT
etag: "65f5ac65-400c"
expires: Thu, 16 May 2024 08:43:08 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 840834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Be%2FDL1kr7qADCroSPe%2B2tDkeI8R1qtdoC0hCRXsyz20dv6ai%2BowVHllcp4bZfxQ0ErDlnsAKoScz1otHZIiLhcfAMj%2FmbOu9JoIEiBqSblDMnkLN5pZ4U98cQRGrk0c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312fd1eb056b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/fw/P0.jpg | 172.67.164.95 | | 20 kB |
URL gftranny.com/thumbs/AA/fw/P0.jpg IP172.67.164.95:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash98622c7f0c1ceb391999dfd4de2a4a00 6ba980bf9b47980249b59f769859675484a51fc1 e4008e753cd0c50eb38c97c57457d45d5dc9060d951baf341491b872099fbc8e
GET /thumbs/AA/fw/P0.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:02 GMT
content-type: image/jpeg
content-length: 19745
last-modified: Thu, 14 Mar 2024 14:13:08 GMT
etag: "65f305f4-4d21"
expires: Sun, 12 May 2024 07:34:54 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1190528
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mCJLyF8vFDkVOji%2FU0Xa1Q5KUGUhv%2FarPrzkavCZNvWGLMoLsUXBjD%2F3NIsddNlXsmivNjwd3KRsg%2FuEJM4m%2BYEgpcU0QlNSOwCpmhYMl3yF9GljpfuC7YslmH0lNck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312fd1eb156b9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | | 16 kB |
URL fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 208164
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44o0v9104348843z8832020053za200&_p=1714097816911&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1348535936.1714097818&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714097817&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&dt=Vidoza&en=error_network&tfd=7440 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/3region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46>m=45je44o0v9104348843z8832020053za200&_p=1714097816911&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1348535936.1714097818&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714097817&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&dt=Vidoza&en=error_network&tfd=7440 IP216.239.32.36:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46>m=45je44o0v9104348843z8832020053za200&_p=1714097816911&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1348535936.1714097818&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1714097817&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&dt=Vidoza&en=error_network&tfd=7440 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Fri, 26 Apr 2024 02:17:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| olivedinflats.space/redirect?tid=926092&subid=623703.876_152853 | 0.0.0.0 | | 0 B |
URL GET olivedinflats.space/redirect?tid=926092&subid=623703.876_152853 IP0.0.0.0:0
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerAmazon Subjectolivedinflats.space FingerprintB8:33:05:64:86:FB:77:78:F9:E4:EE:40:9E:67:DB:10:D2:EE:BB:EF ValiditySun, 11 Feb 2024 00:00:00 GMT - Mon, 10 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?tid=926092&subid=623703.876_152853 HTTP/1.1
Host: olivedinflats.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| str39.vidoza.net/nvl4f5gnb4feieno3ukqpd73o3uujecdjb3kdm2plcmlhjr4zpky3mty5uma/v.mp4 | 109.202.99.62 | 206 Partial Content | 3.3 MB |
URL GET HTTP/2str39.vidoza.net/nvl4f5gnb4feieno3ukqpd73o3uujecdjb3kdm2plcmlhjr4zpky3mty5uma/v.mp4 IP109.202.99.62:443 ASN#49453 Global Layer B.V.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
Size3.3 MB (3331635 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /nvl4f5gnb4feieno3ukqpd73o3uujecdjb3kdm2plcmlhjr4zpky3mty5uma/v.mp4 HTTP/1.1
Host: str39.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: video/mp4
content-length: 3331635
last-modified: Thu, 09 Nov 2023 15:39:15 GMT
etag: "654cfd23-32d633"
content-range: bytes 0-3331634/3331635
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 302 Found | 13 kB |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: x3331534=445255079; Domain=.adxnexus.com
Cache-Control: no-store
Location: https://filter.adxnexus.com/filter?q=&i=kDHswDEqeGg_0&ci=-6052789982724466820&t=275153547
|
|
| www.clktoro.com/feed/click/?t1=128&tid=876&uid=102&subid=152853&id=9c4ca76d3c49cd4c99dbde6eccf0f59e:65ba9be1d5d17a33e46bb321e83183edcd322494572bd32db32000295319f940a753a4a31c67c7705730a471a88e4e6af7151bd6567f2ccfb963f7154888d16dd9d547573b4c34bb3697205baea4636bce2134d46ccdc601a645892444eed20cf0dede5dd9135f493bb84bf091a2e5bf365ff68ded4ef395632f9996a2b54d87b8d0d522763a2190484294eae57bd359729203a3cbf2270c978943ca69b8da55ab9550ca92f8d0a819652311d3304123cd50d8f661b16b8f545c6dbb9bf9f3dd36ac96e625734945b6b750b8f3770918910ea12fd38d76a6ae4a08d0bd07c1c027620d42d73f1b78abd6f7cdf24f95d82a1760aec9c31b7744fcc0a51e5d61b6a126a58098e808432a986718da88178f2d24bd405233cea55d4dd9e5134d7649 | 142.93.240.225 | 302 Found | 0 B |
URL GET HTTP/1.1www.clktoro.com/feed/click/?t1=128&tid=876&uid=102&subid=152853&id=9c4ca76d3c49cd4c99dbde6eccf0f59e:65ba9be1d5d17a33e46bb321e83183edcd322494572bd32db32000295319f940a753a4a31c67c7705730a471a88e4e6af7151bd6567f2ccfb963f7154888d16dd9d547573b4c34bb3697205baea4636bce2134d46ccdc601a645892444eed20cf0dede5dd9135f493bb84bf091a2e5bf365ff68ded4ef395632f9996a2b54d87b8d0d522763a2190484294eae57bd359729203a3cbf2270c978943ca69b8da55ab9550ca92f8d0a819652311d3304123cd50d8f661b16b8f545c6dbb9bf9f3dd36ac96e625734945b6b750b8f3770918910ea12fd38d76a6ae4a08d0bd07c1c027620d42d73f1b78abd6f7cdf24f95d82a1760aec9c31b7744fcc0a51e5d61b6a126a58098e808432a986718da88178f2d24bd405233cea55d4dd9e5134d7649 IP142.93.240.225:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectwww.clktoro.com FingerprintE5:5C:88:AE:D1:C2:D4:37:03:54:45:7E:3E:5E:C6:C5:6A:E8:E4:C8 ValidityWed, 27 Mar 2024 06:29:04 GMT - Tue, 25 Jun 2024 06:29:03 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feed/click/?t1=128&tid=876&uid=102&subid=152853&id=9c4ca76d3c49cd4c99dbde6eccf0f59e:65ba9be1d5d17a33e46bb321e83183edcd322494572bd32db32000295319f940a753a4a31c67c7705730a471a88e4e6af7151bd6567f2ccfb963f7154888d16dd9d547573b4c34bb3697205baea4636bce2134d46ccdc601a645892444eed20cf0dede5dd9135f493bb84bf091a2e5bf365ff68ded4ef395632f9996a2b54d87b8d0d522763a2190484294eae57bd359729203a3cbf2270c978943ca69b8da55ab9550ca92f8d0a819652311d3304123cd50d8f661b16b8f545c6dbb9bf9f3dd36ac96e625734945b6b750b8f3770918910ea12fd38d76a6ae4a08d0bd07c1c027620d42d73f1b78abd6f7cdf24f95d82a1760aec9c31b7744fcc0a51e5d61b6a126a58098e808432a986718da88178f2d24bd405233cea55d4dd9e5134d7649 HTTP/1.1
Host: www.clktoro.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
X-Powered-By: Express
Surrogate-Control: no-store
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Expires: 0
Location: https://xml.green-resultsbid.com/click?i=fBtV48js1t8_0
Vary: Accept
Content-Type: text/html; charset=utf-8
Content-Length: 152
Date: Fri, 26 Apr 2024 02:17:00 GMT
Connection: keep-alive
Keep-Alive: timeout=5
|
|
| videzz.net/embed-e5yo2jpv62um.html | 78.142.18.54 | 200 OK | 37 kB |
URL User Request GET HTTP/2videzz.net/embed-e5yo2jpv62um.html IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /embed-e5yo2jpv62um.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 25 Apr 2024 02:16:55 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Thu, 27-Apr-2023 02:16:55 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 1.4 kB |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.animezeno.sbs/
|
|
| www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 | 85.184.96.28 | 200 OK | 0 B |
URL GET HTTP/2www.unibet.com/browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 IP85.184.96.28:443 ASN#47171 Unibet Services Limited
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectunibet.com Fingerprint2B:C6:A1:8E:D9:8C:18:0A:16:90:13:90:D9:82:2B:F0:6E:28:72:EC ValidityTue, 05 Mar 2024 00:10:07 GMT - Mon, 03 Jun 2024 00:10:06 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /browser-notification?UrlParam=/stan/campaign.do?cmpId=2799402&affiliateId=1&unibetTarget=/nu/pop/sportsbook/multisports/index.html&targetDomain=https://welcome.unibet.com&btag=320669908_77E11B068F174B7EADA386C4DDEFA954&sref=GIG&GIG=NO_DESK_SB&affiliateId=1&pid=85891437&bid=37950 HTTP/1.1
Host: www.unibet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a85891437%2c%22BID%22%3a37950%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1714097820638)%5c%2f%22%2c%22CookieTag%22%3a%223795085891437451240919C2024426217%22%7d%5d; clientId=polopoly_desktop
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:17:01 GMT
content-type: text/html;charset=utf-8
set-cookie: INGRESSCOOKIE_APIGATEWAY=4ab631f0aabcd9a86429ecee3ff1ce87|cfa05ea48f7ba1e9a8f8d10007d08d5e; Expires=Fri, 26-Apr-24 03:17:01 GMT; Max-Age=3600; Path=/; HttpOnly
cms_tomcat=9b88f1c8056ecc3ed3dbbae16c9676d9; expires=Fri, 26-Apr-24 05:17:01 GMT; max-age=10800; httponly; secure; path=/
INGRESSCOOKIE_CMS=7d42b6e2646211d070c6f61680385012|52b57b1639bb8e648ac62eed802c09a2; Expires=Fri, 26-Apr-24 05:17:01 GMT; Max-Age=10800; Path=/; HttpOnly
USESSIONID=9EB7C83E5F7DD829DB363098F7923874; Path=/; Secure; HttpOnly
x-request-id: 8771131c3841db9001b7bb518670b41e
x-ua-compatible: IE=Edge,chrome=1,requiresActiveX=true
cache-control: public, max-age=0, s-maxage=60
expires: Fri, 26 Apr 2024 02:18:01 GMT
vary: accept-encoding
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-ooops-debug: /500-pages/www.unibet.com/index.html
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 104.22.71.197 | 200 OK | 893 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/reddit.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (903), with no line terminators Hash1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeC0kBV8KrFm3Zkv8J%2Bge%2FSmdij%2FcSJYFqs%2FClTVJvkDxtE2k4Lm3nrK2rBTmLtPWAmSuAfBAXieePa6WMNRv1VRamIPriaRn61zPtoPKykLcjj95XYi5NXBqGD5AN7dpzhIuExa"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3098
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e09e2592da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
vary: Accept-Encoding
etag: W/"66163901-29645"
expires: Sun, 26 May 2024 02:13:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL GET HTTP/2videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size416 kB (416358 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-65a66"
expires: Sun, 26 May 2024 02:15:44 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 1.4 kB |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://becast.onionlive.workers.dev/
|
|
| myliveforyoudreder.com/vidozza.js | 188.114.97.1 | 200 OK | 1.6 kB |
URL GET HTTP/2myliveforyoudreder.com/vidozza.js IP188.114.97.1:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectmyliveforyoudreder.com FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7 ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File typeJavaScript source, ASCII text, with very long lines (1742), with no line terminators Hash1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3083
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BIlLfK1lRh%2FjOOGDuhCy6t0oRnnoNGRX6Tt4YuFLqRuqq8cx2doxv9G9wchq5j%2BRnevbdGDNvDD8ppZg37Qn9lk9L3C%2FvopSItP1UQSLN0J3BleUe%2B4ng6AZ8mvsEAPQibh3IEPt326n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312e108c856c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.animezeno.sbs/ | 172.67.144.219 | 200 OK | 1.4 kB |
IP172.67.144.219:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectanimezeno.sbs FingerprintD1:88:3B:4F:6E:24:62:91:E5:7C:D7:4B:24:7E:37:2C:B4:E6:81:07 ValidityFri, 12 Apr 2024 00:39:53 GMT - Thu, 11 Jul 2024 00:39:52 GMT
File typeHTML document, ASCII text, with very long lines (1380), with no line terminators Hashbe42cb30510e54f37a69e2c5f244a5fd 982132974a70f7fbb26f4de4f0d29f78fc960c4c ff4814e83aad096af9d3ddfb373f00d40d170c57169edff731511efa661063f9
GET / HTTP/1.1
Host: www.animezeno.sbs
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AIscB80JHgnYJ%2FvklAwxSYfJmohs%2BsvtmKSaduh%2FcbuUp5P29T25hSw9LqxChVYe5OmLgGm8r3NNhygYfFVGF6kJKDlRU2sdA68L%2B8EWy5nCRq10hM%2FutPTbFSnsvySQTtcDXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a312e8ed8a56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 618 kB |
URL GET HTTP/2videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeASCII text, with very long lines (63495) Size618 kB (618399 bytes) Hashffba0e4b3edaa1a4c6bc7ef04bcf0ba9 3507ae56cc30b273cf17d0cf4de234dafa4db0eb 57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-96f9f"
expires: Sun, 26 May 2024 02:13:27 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| tr.7vid.net/api/settings/59845 | 135.181.208.216 | 200 OK | 33 B |
URL GET HTTP/2tr.7vid.net/api/settings/59845 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash511ff610a0435434dd22a4836719fbb3 0cf692a9ecb6dd3d715e3315e0eeccc1c384f0c3 d090111da31c837d965f1dcf49b00a53cf41686d0913627f78c5ff36d693c6d0
GET /api/settings/59845 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 104.22.71.197 | 200 OK | 716 B |
URL GET HTTP/3static.addtoany.com/menu/sm.25.html IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeHTML document, ASCII text, with very long lines (744), with no line terminators Hashc3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zug0GuV8TT18l%2FvMZH%2FJnDeJHp7wf%2B1Y662Hj9%2BLzz2bUcCdNCoPp%2Fh0DEFIQdCRWhP4K%2BoKw%2FRmNo3FmNPd%2Fwhjcq0lNYxvJsnDWqwQO4JO8fVs77yEaENmOQytJ1Ua8d%2FapSMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 8321
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312dcbd8092da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/0YDX8OE IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaf2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQPoPD80BJ2l66PF0CdDjBQaVnJv5KDrDztBxmtFOdllStaJMSiRxR5uLQsjulRoDP3WA%2B%2FuZps%2F%2BuqRf9TLJVh3iRYPeoo2XT8lj%2Bq1n3GxJ21kRqayI0%2Ffq1%2FOIlafS2iqdkR8X%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312ddaadc56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zv.7vid.net/api/spots/70101?s1=17561&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225 | 135.181.208.216 | 200 OK | 67 B |
URL GET HTTP/2zv.7vid.net/api/spots/70101?s1=17561&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subject1111.spinna.online FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File typeXML document, ASCII text, with no line terminators Hashc3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70101?s1=17561&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=p28bQrJqC3hFxCrLDGwS; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 302 Found | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:17:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://www.clktoro.com/feed/click/?t1=128&tid=876&uid=102&subid=152853&id=9c4ca76d3c49cd4c99dbde6eccf0f59e:65ba9be1d5d17a33e46bb321e83183edcd322494572bd32db32000295319f940a753a4a31c67c7705730a471a88e4e6af7151bd6567f2ccfb963f7154888d16dd9d547573b4c34bb3697205baea4636bce2134d46ccdc601a645892444eed20cf0dede5dd9135f493bb84bf091a2e5bf365ff68ded4ef395632f9996a2b54d87b8d0d522763a2190484294eae57bd359729203a3cbf2270c978943ca69b8da55ab9550ca92f8d0a819652311d3304123cd50d8f661b16b8f545c6dbb9bf9f3dd36ac96e625734945b6b750b8f3770918910ea12fd38d76a6ae4a08d0bd07c1c027620d42d73f1b78abd6f7cdf24f95d82a1760aec9c31b7744fcc0a51e5d61b6a126a58098e808432a986718da88178f2d24bd405233cea55d4dd9e5134d7649
|
|
| xml.adxnexus.com/click2?i=kDHswDEqeGg_0&ci=-6052789982724466820&j=rv%3Db%26ss%3D1280x1024%26ws%3D1362x764%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2695%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D6%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.adxnexus.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A96.0%29%2BGecko%252F20100101%2BFirefox%252F96.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1362x764%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1346x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0 | 174.137.133.17 | 302 Found | 0 B |
URL GET HTTP/1.1xml.adxnexus.com/click2?i=kDHswDEqeGg_0&ci=-6052789982724466820&j=rv%3Db%26ss%3D1280x1024%26ws%3D1362x764%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2695%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D6%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.adxnexus.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A96.0%29%2BGecko%252F20100101%2BFirefox%252F96.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1362x764%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1346x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.adxnexus.com FingerprintEF:8C:9E:A5:2D:18:DD:8E:D1:6A:63:E5:B6:62:AB:BA:E6:43:A0:69 ValidityThu, 14 Mar 2024 00:00:00 GMT - Fri, 14 Mar 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click2?i=kDHswDEqeGg_0&ci=-6052789982724466820&j=rv%3Db%26ss%3D1280x1024%26ws%3D1362x764%26wp%3D0x0%26ce%3D0%26ck%3Djc%26cv%3D2695%26cs%3D0%26fr%3D1%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D6%26rf%3Dbid.bidclickmedia.com%26lo%3Dfilter.adxnexus.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28X11%253B%2BLinux%2Bx86_64%253B%2Brv%253A96.0%29%2BGecko%252F20100101%2BFirefox%252F96.0%26nd%3D1%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D0%26frc%3D0%26dbt%3D0%26prb%3D20100101%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3DLinux%2Bx86_64%26hwc%3D48%26hrl%3D%26acd%3Dpmpmm%26vcd%3Dppp%26pal%3D5%26pai%3D1%26pli%3D1%26win%3D1362x764%26wout%3D1280x1024%26wpof%3D0x0%26bcld%3D1346x19%26scrp%3D0x0%26scrad%3D1280x1024%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D0%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3Dnull%26vrd%3Dnull%26pnt%3Ddenied%26cnvs%3D7f7f7f80%26mmd_ao%3D0%26mmd_ai%3D0%26mmd_vi%3D0 HTTP/1.1
Host: xml.adxnexus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://filter.adxnexus.com/filter?q=&i=kDHswDEqeGg_0&ci=-6052789982724466820&t=275153547
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:17:00 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://olivedinflats.space/redirect?tid=926092&subid=481949.633376
|
|
| str39.vidoza.net/i/02/07346/e5yo2jpv62um.jpg?v=1714097815 | 109.202.99.62 | 200 OK | 19 kB |
URL GET HTTP/2str39.vidoza.net/i/02/07346/e5yo2jpv62um.jpg?v=1714097815 IP109.202.99.62:443 ASN#49453 Global Layer B.V.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File typeJPEG image data, baseline, precision 8, 400x300, components 3 Hash9956349ae09fc1df171a2e60f5fd9e89 92d3d1e344f10a7e8d7486c72522136234f6d3bb 1e917e4aa63facac1d03a879af638b23568303786b30aa4f44148dad4b8dfcb4
GET /i/02/07346/e5yo2jpv62um.jpg?v=1714097815 HTTP/1.1
Host: str39.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: image/jpeg
content-length: 19357
last-modified: Thu, 09 Nov 2023 15:39:17 GMT
etag: "654cfd25-4b9d"
expires: Fri, 10 May 2024 02:16:57 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bedrapiona.com/4/5615727/ | 139.45.197.234 | 200 OK | 34 kB |
URL GET HTTP/2bedrapiona.com/4/5615727/ IP139.45.197.234:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectbedrapiona.com FingerprintB5:D0:EF:3C:81:82:64:AB:B7:2E:5C:80:71:47:70:41:F0:36:B5:BF ValidityWed, 20 Mar 2024 19:29:11 GMT - Tue, 18 Jun 2024 19:29:10 GMT
File typeHTML document, ASCII text, with very long lines (18491) Hash68f941cbec651e6b9c963a3b11d8be28 30ae55bea77d8e5c9523642140051c57f9acc830 679ec63d7c97c681982c47d014fdaa9ada99fe4baa36db39721740ad21daf3d7
GET /4/5615727/ HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.animezeno.sbs/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html; charset=utf8
x-trace-id: 788a91c0c8e0e5e773bcb6a66d33cff3
link: <https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=00804a0bc8314eb6e23f4adeb4d93b5d; expires=Sat, 26 Apr 2025 02:16:59 GMT; path=/; secure; SameSite=None
oaidts=1714097819; expires=Sat, 26 Apr 2025 02:16:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=434888&cat=25&sub_id=350391741 | 109.206.176.75 | 200 OK | 5.4 kB |
URL GET HTTP/2meetbenjen.com/in/p/?spot_id=434888&cat=25&sub_id=350391741 IP109.206.176.75:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectmeetbenjen.com Fingerprint9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 ValidityTue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File typeHTML document, ASCII text, with very long lines (5544), with no line terminators Hashbc26a10355f1c67a78ec9802bb0271c5 8bcb45ef6145741b8ca3d5eea298a94a63d0e3dd dc7c1476f2691adf17e7c7caca0914cd9b3ca07462df10727be5a3501a4c5c1a
GET /in/p/?spot_id=434888&cat=25&sub_id=350391741 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:16:59 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Sat, 27 Apr 2024 02:16:59 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 159 kB |
URL GET HTTP/2videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size159 kB (158902 bytes) Hash7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-26cb6"
expires: Sun, 26 May 2024 02:12:57 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL GET HTTP/2videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (4724), with no line terminators Hashf3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-1183"
expires: Sun, 26 May 2024 02:16:17 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 104.22.71.197 | 200 OK | 1.1 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1122), with no line terminators Hashd822c46f36a55fdbfcc5029e62e19937 c575da68fa99eeb33863f281395755cbf20004d4 062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HYrsgubd1QERqKDZJSE7ywoyVEYDX%2FUfqwie1zhk5KCK0AsBFZbUIonNn3S9IyOwGLwQWgaN%2Fd9OWmOzJ%2FaVsfev%2BWgkpeYn4BgDHXkT06Lv0gWn%2BR631l%2Bb6sp5koPXRKLYRTPm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3098
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e0ae2a92da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 | 135.181.208.216 | 200 OK | 656 B |
URL GET HTTP/2tr.7vid.net/api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeASCII text, with very long lines (790), with no line terminators Hashc9e0c5aed7324c3dec6f7ae6e607da06 8c2f7d2b06099cb8bb1075f2a62c1688887429d9 59e90e1fa77949591cf9ace6e033269bff199311635513a948be9d3d104da56a
GET /api/users/59845?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=impDvmVR3r0ziH80DarW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| engine.blehcourt.com/Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_9af2558a-5f97-4b9d-b0ca-a5d260a869b0&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflThO8CLXW6sO8RN4I4ZObsf87ZBmjgk4J2Tz3zwiutaj7QJYFwPUQnPuQlGPepBoXE1&kw=&mw=1024&mh=768&xml=1&at= | 172.64.154.246 | 200 OK | 519 B |
URL GET HTTP/2engine.blehcourt.com/Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_9af2558a-5f97-4b9d-b0ca-a5d260a869b0&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflThO8CLXW6sO8RN4I4ZObsf87ZBmjgk4J2Tz3zwiutaj7QJYFwPUQnPuQlGPepBoXE1&kw=&mw=1024&mh=768&xml=1&at= IP172.64.154.246:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerCloudflare, Inc. Subjectblehcourt.com Fingerprint0F:49:C2:D8:C1:D2:AA:3E:A1:87:B2:53:D9:6F:1D:B0:90:BC:06:CD ValidityWed, 27 Dec 2023 00:00:00 GMT - Thu, 26 Dec 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (530), with no line terminators Hashafe9752b2b899d782c69214e6a14b696 8c015e61a1fc8f34d10dcf5080d3b181f64dadd9 c3c3f8bcbe58eb39c65564529e2c70b0766fabee807d876494c5ed07cd8141fa
GET /Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_9af2558a-5f97-4b9d-b0ca-a5d260a869b0&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflThO8CLXW6sO8RN4I4ZObsf87ZBmjgk4J2Tz3zwiutaj7QJYFwPUQnPuQlGPepBoXE1&kw=&mw=1024&mh=768&xml=1&at= HTTP/1.1
Host: engine.blehcourt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:59 GMT
set-cookie: IKSR=%7B%7D; path=/; secure; samesite=none
INF_DFL8=false; path=/; secure; samesite=none
IUID=a3aff7d0-c7c6-48ce-8c10-39ceb95dff0c; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none
ISSH=72E404; path=/; secure; samesite=none
VMI=777e6c33-838c-4708-ad1b-0a142a836c52; path=/; secure; samesite=none
IPLH=%23%7B%22129425%22%3A%5B%7B%22SId%22%3A%2272E404%22%2C%22D%22%3A%2224%2F4%2F25T19%3A16%3A59%22%7D%5D%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IPLH_Q=%23%5B129425%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
CHN=%23%5B%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
MSSH=%23%7B%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
MSRH=%23%7B%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ILP=null; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none
ILPLU=%2301%2F01%2F0001%2000%3A00%3A00; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ILEALC=%2301%2F01%2F0001%2000%3A00%3A00; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ILMPF=%23False; expires=Fri, 26 Apr 2024 06:16:59 GMT; path=/; secure; samesite=none; httponly
IPMPLU=%2301%2F01%2F0001%2000%3A00%3A00; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IPMUID=%23; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
BSWUID=%23; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IKSR=%7B%7D; path=/; secure; samesite=none
IBL=%23%5B%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none
IOPT=%23%5B%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IPLSH=%23%7B%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IPLSH_Q=%23%5B%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IZH=%23%7B%2230224%22%3A%5B%7B%22SId%22%3A%2272E404%22%2C%22D%22%3A%2224%2F4%2F25T19%3A16%3A59%22%7D%5D%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IZH_Q=%23%5B30224%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IMCH=%23%7B%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IMCH_Q=%23%5B%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IMH=%23%7B%22137643%22%3A%5B%7B%22SId%22%3A%2272E404%22%2C%22D%22%3A%2224%2F4%2F25T19%3A16%3A59%22%7D%5D%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
IMH_Q=%23%5B137643%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ISH=%23%7B%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ISH_Q=%23%5B%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ISPH=%23%7B%226713%22%3A%5B%7B%22SId%22%3A%2272E404%22%2C%22D%22%3A%2224%2F4%2F25T19%3A16%3A59%22%7D%5D%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ISPH_Q=%23%5B6713%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ICH=%23%7B%2261126%22%3A%5B%7B%22SId%22%3A%2272E404%22%2C%22D%22%3A%2224%2F4%2F25T19%3A16%3A59%22%7D%5D%7D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
ICH_Q=%23%5B61126%5D; expires=Wed, 26 Apr 2034 02:16:59 GMT; path=/; secure; samesite=none; httponly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 87a312e83aeb56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2videzz.net/js/jquery.min.js IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-1762a"
expires: Sun, 26 May 2024 02:12:57 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| str39.vidoza.net/nvl4f5gnb4feieno3ukqpd73o3uujecdjb3kdm2plcmlhjr4zpky3mty5uma/v.mp4 | 109.202.99.62 | 206 Partial Content | 377 kB |
URL GET HTTP/2str39.vidoza.net/nvl4f5gnb4feieno3ukqpd73o3uujecdjb3kdm2plcmlhjr4zpky3mty5uma/v.mp4 IP109.202.99.62:443 ASN#49453 Global Layer B.V.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidoza.net FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6 ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT
File typeISO Media, MP4 Base Media v1 [ISO 14496-12:2003] Size377 kB (376778 bytes) Hashd103737b4cf7e548767d3ae69f6cfd57 ab5c3e471a51baa4ddc6a20dd32d09a58812968d 9abc5960684e7d79ad6de47a0d5f375111092ddfa68cf4cc7526eb7cc638be51
GET /nvl4f5gnb4feieno3ukqpd73o3uujecdjb3kdm2plcmlhjr4zpky3mty5uma/v.mp4 HTTP/1.1
Host: str39.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: video/mp4
content-length: 3331635
last-modified: Thu, 09 Nov 2023 15:39:15 GMT
etag: "654cfd23-32d633"
content-range: bytes 0-3331634/3331635
X-Firefox-Spdy: h2
|
|
| allvideometrika.com/f.php?sid=212515 | 104.21.83.61 | 200 OK | 0 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP104.21.83.61:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QidTRIkP8UuiJCC8S%2BdrTCSuYRxyNORQOAMBTPsRu%2FzupBZ7lZsaTOY8uY7gjSgD4G5CSEL9twmw3kaj%2Be3ZgvVRX%2FtF7J3tnQH6SsrZyZKMuh%2BvyvBrZChyNtyG14DEjPtujcn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312e29c485687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 302 Found | 519 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://engine.blehcourt.com/Redirect.eng?MediaSegmentId=85379&dcid=1_ctx_9af2558a-5f97-4b9d-b0ca-a5d260a869b0&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=nnBcM9XkSvQ-mYanlxbSWqaqLU12yHwrzrFKK00fiG5WDZ-m0SyKjSkyCLj7dPhawjHAIimdW5wPuntnYC7zH_09-KFe0hYP1EBCZFWK-JH8SChpS-ChXTFJ05j0ru_ilUXHNEmLzbcXDQ-2u7bDqbp3Qa-3g9xh0-TBEwYYMQTuQasoyi6zNf5LkP3PI-SMXfLMRnRv_a3btjtcNXt6_G1zHvoaz_Yf1p74s_Q4RzrvmDpvlTIgibhodI7eCWt4UsCAZXzUjHhKCTRALNS3Ngtyl5iUHWyxJZuy6RW3N-h5V9-LA8a85kW3rbQQQi7RZveTCCJNv0f3CNTPuzf3ToEApAh7R1v419NOnA7RLnJyJKXTIcBanOc9Xd4GuCc85uEvFsVES5HgKQiKGrlWMFJBHKbyLFsuxQ0DAV59mTdzpyk0m40_ugf2RTULYUy5oRzItI-OFRyuUw6xXOBT4uca1QoNzEFMntVxAsNu998iqhseKtIDfUB5U1Woe6_ByNLMOhc36IkPVFKNKtW3-wiWJ0XgyC8ZEcv4p82HAVIa5VobnnNOWIb1g09Tv-VVSIR9Hrgyo9xOFKUte6ejkaC_lHslcgg3mjz5nIckDbeClEoeG0YPUxxRTJDzTmrgoQKVkp4-Wkn4lALeeSNTHLcSLZq9hV7xro8O4I5rEh1KWQWEjuJ1qUbGe6LmzVF9CzHBbGXeCbyAALn82eHn2hrPTTx4TV9djWBHh5sZsBDNznqm58M4mTx_vsa-Af-iDEOglV0p5asjExOIkUwrB7oLkPnn9DghFOoO8u1CPlptJdrvjorr_ynr9yqbWKRVbDzi_T4bl2bFVLMOsuDvtPy-s2zls-ySIlPz2oJWXmPrtJWJoSNfrWN_eqYTjs2WfJwcorHzkAfrl4XffRWOnEYbBeP6Kl06y0UhzaxZflThO8CLXW6sO8RN4I4ZObsf87ZBmjgk4J2Tz3zwiutaj7QJYFwPUQnPuQlGPepBoXE1&kw=&mw=1024&mh=768&xml=1&at=
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.93 | 200 OK | 310 kB |
IP143.204.55.93:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subjectcdn.o333o.com Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
Size310 kB (310487 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: t_jCNp6dO2TPbJWK8iwnsvVj7s-q9Ilol-09Mjsve2Eav-2OamNqDQ==
age: 1269915
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 104.22.71.197 | 200 OK | 72 kB |
URL GET HTTP/3static.addtoany.com/menu/modules/core.BRQnzO8v.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hash629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2uyznthxAYKLdqkqMFs%2BlEmSND%2FCZW0SgKJ90BaRtGb5KqnzDppiPL7X%2FonZ8a7tCIwb6q1ayJ2CjdGXG%2F%2FKHGIr3pkK%2BZl5ILozvXlUtMJT9pwQBhRfaQMa48icbnNAN1iN5Sbc"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9856
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312dccd8692da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 26 Apr 2024 02:16:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL GET HTTP/2videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
Size140 kB (140132 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-22364"
expires: Sun, 26 May 2024 02:15:31 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 104.21.37.74 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Zj8D76R IP104.21.37.74:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashaa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ILGxv%2BAEnGM5gnGvdV2u%2B4sftYGNufagb45VUpgUOa90aY2X0qXw8rRDU0d69V%2FQtGI3ETb4P8etFx9sx9666tOzp5lzYK%2FSEJgKnQ8xCbq61kmz9vZYEEYRPN%2FM%2BCaxyxSj1GrK7Z8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a312ddaad856c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 104.22.71.197 | 200 OK | 1.0 kB |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/viber.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1027), with no line terminators Hashb216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CohOZeOb1xMSZ%2BHTUsfImZLbvEqa4vkKVJ1bSdKkcq99if2hWa%2FX%2B2IKUGa0Khmu1oNHn55RePDGaGgk7mtdV7niwHMHX40wQicF7lQ%2FDVFidd4m1GM%2F8gZ2ykiP33rwQNp%2BvyvW"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3098
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e0ae2992da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 | 135.181.208.216 | 200 OK | 915 B |
URL GET HTTP/2tr.7vid.net/api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 IP135.181.208.216:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjecta.gatwins.site Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT
File typeASCII text, with very long lines (1022), with no line terminators Hash90e43e53d602e511a72d91e268777f96 91290d4d15275ee4a1164bdfcd71159dd542a71f 2a05524ceb00e2e9ad70092d65462717ddeb4f061299bf220ded43cfbaeaa10b
GET /api/users/246356?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-e5yo2jpv62um.html&sid=d41b560b-1ffb-441d-94e3-e6fc2e6b5225&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=17561 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=impDvmVR3r0ziH80DarW
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP104.18.10.207:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 2749260
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312d80937b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 104.22.71.197 | 200 OK | 429 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (439), with no line terminators Hash874e1638740e061f9fa55eda3180724c 108a7e30fa0f7d50b961845ec970a2745f3c821f d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA%2B6CgmC8jseqBD58yzw3g08jOUphhgsylzMxZ9D42vO%2BJBt32H6ze0OdR1laWID89ODHa4t%2Bxndp0DSd5UXaRTw8BQyEZ3vgr9VvN7BcD2jiKHRKXH68v4autIBxyvEqTc%2B93g%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3098
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e09e2492da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 104.22.71.197 | 200 OK | 645 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/twitter.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (655), with no line terminators Hash671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxxP6fA7SCmH2G8WV1QlWSjYQqrhXMuU4mnVJ%2BC0TDBdD0m8wauRAkLOYl50RXawR1%2FOrt1xlzKQtqQJ8MuStl%2FhFDuRrC%2FB3dR8cstocthEq4VNWZUXk%2BKWd5%2FD0y55l3S4oUfS"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3098
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e09e2792da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1; file_id=36731439; aff=17561; _ga_HEX1BG8H46=GS1.1.1714097817.1.0.1714097818.59.0.0; _ga=GA1.1.1348535936.1714097818
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-47e"
expires: Sun, 26 May 2024 02:13:21 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.stm.5.min.js?0.831052859736545 | 78.142.18.54 | 200 OK | 7.2 kB |
URL GET HTTP/2videzz.net/js/videojs.stm.5.min.js?0.831052859736545 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5 ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT
File typeJavaScript source, ASCII text, with very long lines (7493), with no line terminators Hash559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/videojs.stm.5.min.js?0.831052859736545 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-e5yo2jpv62um.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1c25"
expires: Sun, 26 May 2024 02:16:56 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 | 173.239.53.20 | 302 Found | 1.3 kB |
URL GET HTTP/1.1xml.cachegorilla.com/redirect?feed=612978&auth=7PcDFD&pubid=197570 IP173.239.53.20:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerSectigo Limited Subject*.cachegorilla.com Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612978&auth=7PcDFD&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:16:59 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://xmlclick.adokutrtb.com/nrtb/click?bid=oODDm5N7qh2GDVirguOB2nvPG-00im09b2VCSXXd8n2k4QVId1hXqo4gCfovzCSZ_0_5
|
|
| tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrn0l3u0o41mqtjrotqrposuomolomlndrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUy3WWzXOc6V0rpXSuldK6V0rpXSuur4n2ouol01z4lml1nusmun0n0muzppncH2A- | 66.254.114.234 | 200 OK | 961 kB |
URL GET HTTP/2tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrn0l3u0o41mqtjrotqrposuomolomlndrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUy3WWzXOc6V0rpXSuldK6V0rpXSuur4n2ouol01z4lml1nusmun0n0muzppncH2A- IP66.254.114.234:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectbrazzersnetwork.com Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT
Size961 kB (960610 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrn0l3u0o41mqtjrotqrposuomolomlndrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUy3WWzXOc6V0rpXSuldK6V0rpXSuur4n2ouol01z4lml1nusmun0n0muzppncH2A- HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2BDA3AC434E05642982B295491316520E3C30709C147ABA2FE054F4AD800
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 281681
x_ats_instance_type: tour
etag: W/"ea862-+5ASKHHFRnynKMa7mZH2xswVZD8"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzE0MjYyNDAwLCJpZCI6MjgxNjgxLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.APaE27xlA-BVCXnITcXazNyfr0GlkcKivnXoRUYT110; Max-Age=86400; Path=/; Expires=Sat, 27 Apr 2024 02:17:00 GMT
__s=662B0E9B-42FE72EA01BB317808-13B5F5;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| r.linksprf.com/v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w9jhurfoja1h6qr0jsitc964 | 18.202.86.139 | 403 Forbidden | 64 B |
URL GET HTTP/2r.linksprf.com/v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w9jhurfoja1h6qr0jsitc964 IP18.202.86.139:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectlinksprf.com Fingerprint7E:D9:A0:4D:90:12:E1:21:0E:82:44:FD:FA:D4:CA:8A:3D:B8:9D:49 ValidityMon, 22 Apr 2024 10:08:23 GMT - Sun, 21 Jul 2024 10:08:22 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash3bfce3b444a35b2dfdd8075b1e63d27c 97bf8455a6c7aab565f90cf102fffb919e0627ee 757e9f03f777362360a079729fe806ce273a8d23c51de5406c07500b734f08db
GET /v1/redirect?type=linkId&id=f26dd7fa37f24f46b0c2391acccde803&api_key=9705c66008eb291ff1cf7463b862cbab&site_id=549da8f368554c7cbde84b3ae883b5f7&dch=feed&ad_t=advertiser&yk_tag=w9jhurfoja1h6qr0jsitc964 HTTP/1.1
Host: r.linksprf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 26 Apr 2024 02:17:00 GMT
content-type: application/json
content-length: 64
set-cookie: ykuid=6c10e44736164e4a85ac6ddff42e7417; Path=/; Secure; Domain=.linksprf.com; Max-Age=31536000; SameSite=None
JSESSIONID=6961728EFADB06FBD0EF122BE11FA924; Path=/; HttpOnly
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
|
|
| xml.green-resultsbid.com/click?i=fBtV48js1t8_0 | 198.134.116.29 | 302 Found | 0 B |
URL GET HTTP/1.1xml.green-resultsbid.com/click?i=fBtV48js1t8_0 IP198.134.116.29:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectgreen-resultsbid.com FingerprintC8:14:16:91:8D:B8:DF:60:61:B3:04:CF:D2:09:58:40:C7:71:8F:F5 ValidityThu, 29 Feb 2024 07:47:02 GMT - Wed, 29 May 2024 07:47:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=fBtV48js1t8_0 HTTP/1.1
Host: xml.green-resultsbid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 26 Apr 2024 02:17:01 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://olivedinflats.space/redirect?tid=926092&subid=623703.876_152853
|
|
| static.addtoany.com/menu/page.js | 104.22.71.197 | 200 OK | 3.0 kB |
URL GET HTTP/2static.addtoany.com/menu/page.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeJavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 02:16:56 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K9SlRo17%2FEYYEY7TY5VUBa2G0luclF%2Fi9mKP9JIoxaGyg9HDTkx2QKGyXUgtsqVrmCpVypdr9QFZX1ju19YZtHnDUhdiuj6G3zHqk6iKvpR1qlQKK8BqoVYJrA9%2B5qfHIQrYZfty"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 10963
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312d898d792c7-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/locale/ru.js | 104.22.71.197 | 200 OK | 2.1 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP104.22.71.197:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (2170), with no line terminators Hash7581051e137324f383ce692c383a90ac 7c66ac218fd109304436e9588d602c7aaab63b82 428aafe2046340df744b20fbab6f0cd4ddfb95776790e80440cfb60788dbde2c
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:57 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=omOH0D%2F%2FbKHbCJPkdNmLfR8%2BzGCPnitB9qv%2F66TMRKWDY7WyIUiVT7HFQW6m1QLfULBGPLFPNRFippED1ZfGEJ8HPMogoHiqn6R2bStWoCkRRt1L3MFsSrtt9TCP4czTv5ufndQp5aJnB7rzqZAxu%2Bme"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1826
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e09e2292da-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.10.207 | 200 OK | 77 kB |
URL GET HTTP/3maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 IP104.18.10.207:443
Requested byhttps://videzz.net/embed-e5yo2jpv62um.html CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 77160, version 4.459 Hashaf7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 02:16:58 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1978827
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87a312e29d1856ca-OSL
alt-svc: h3=":443"; ma=86400
|
|