| videzz.net/js/pop.js?v=1.0 | 78.142.18.54 | 200 OK | 35 B |
URL: GET HTTP/2 videzz.net/js/pop.js?v=1.0 | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 | Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hash: da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d
GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
content-length: 35
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-23"
expires: Fri, 07 Jun 2024 21:56:05 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/js/ads.js?v=1.0 | 78.142.18.54 | 200 OK | 211 B |
URL: GET HTTP/2 videzz.net/js/ads.js?v=1.0 | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 | Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Hash: 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523
GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
content-length: 211
last-modified: Sat, 27 Apr 2024 07:30:28 GMT
etag: "662ca994-d3"
expires: Fri, 07 Jun 2024 21:56:10 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/adb_logo.png | 78.142.18.54 | 200 OK | 8.3 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/adb_logo.png | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 | Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced | Hash: 98fcd22c469a5aa46df8ec4e7a8eafc9 e8d95f175d3008736995a482d7304410a1da490a b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c
GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: image/png
content-length: 8308
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
etag: "662ca9a2-2074"
expires: Fri, 07 Jun 2024 21:56:09 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/images-newtheme/attention.png | 78.142.18.54 | 200 OK | 6.4 kB |
URL: GET HTTP/2 videzz.net/images-newtheme/attention.png | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 | Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced | Hash: d28ebe1b4425fa4ab5d804792b5aa626 3183e2c59cdaed547de5fb1fc940709ed5117003 36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6
GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: image/png
content-length: 6377
last-modified: Sat, 27 Apr 2024 07:30:32 GMT
etag: "662ca998-18e9"
expires: Fri, 07 Jun 2024 21:56:26 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| videzz.net/embed-4mqtknqed6xv.html | 78.142.18.54 | 200 OK | 84 kB |
URL: User Request GET HTTP/2 videzz.net/embed-4mqtknqed6xv.html | IP: 78.142.18.54:443 | ASN: #208046 ColocationX Ltd.
Certificate Issuer: Let's Encrypt | Subject: videzz.net | Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 | Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (33651), with CRLF, LF line terminators | Hash: dbdb6d4ec9f7b2070eecef9709d1af61 2ffe902213b822e912473b8a11f1b7e14551ec30 158c8d5470d042fbd4b4266c90b5655cb8c07f910f86061c80a919e2df2d2d0e
GET /embed-4mqtknqed6xv.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Tue, 07 May 2024 22:00:50 GMT
x-frame-options: 1
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Tue, 09-May-2023 22:00:50 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| dog.seetron.net/lx4oag1.js | 135.181.208.216 | 200 OK | 77 kB |
URL: GET HTTP/2 dog.seetron.net/lx4oag1.js | IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: a.bdsmz.tube | Fingerprint: AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 | Validity: Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators | Hash: a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2
GET /lx4oag1.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=UA-158623850-1 | 142.250.74.168 | 200 OK | 75 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158623850-1 | IP: 142.250.74.168:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Google Trust Services LLC | Subject: *.google-analytics.com | Fingerprint: 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE | Validity: Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4179) | Hash: babcc7e237aa91f8f8a22b490de744ed 8686876921384c992444b7d0b16ecbc27261416f 224aff36b7c6ac8e0b27cd36650719e3de6d16aea2e319f0a2f1ddfc490dd277
GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 22:00:50 GMT
expires: Wed, 08 May 2024 22:00:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74919
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| yd.cottoidearldom.com/1clkn/14903 | 23.109.170.209 | 200 OK | 26 B |
URL: GET HTTP/1.1 yd.cottoidearldom.com/1clkn/14903 | IP: 23.109.170.209:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: yd.cottoidearldom.com | Fingerprint: 2A:D0:1B:ED:00:0F:4A:13:3B:97:DD:33:66:5B:7E:F8:F8:E9:C8:CE | Validity: Thu, 25 Apr 2024 06:21:32 GMT - Wed, 24 Jul 2024 06:21:31 GMT
File type: ASCII text, with no line terminators | Hash: 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /1clkn/14903 HTTP/1.1
Host: yd.cottoidearldom.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Thu, 09-May-2024 22:00:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Thu, 09-May-2024 22:00:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | 104.17.24.14 | 200 OK | 5.6 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css | IP: 104.17.24.14:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (30837) | Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 14117
expires: Mon, 28 Apr 2025 22:00:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prv5pkthZI8UZG3Y%2FPYGB9xljXpYHfO98KJOYFEyCo9BKzZeqw8bJ7RASCWQ1qKq0fOFn4Wys23T9nt6DO137yfaNy%2FjY1nekOq1aimd7rDAmVnrWyFUyDU5%2BbTPOdwUSYy39DTk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880cb997df6a7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js | 192.243.61.225 | 200 OK | 16 kB |
URL: GET HTTP/1.1 profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: profitablegatecpm.com | Fingerprint: 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30 | Validity: Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (44116), with no line terminators | Hash: 52a1d266acf4ead5d801a125b4146ed4 4695ad2ba918c9a6e06cdcda39f6fe8f88859ec4 7f6fd1596e93b59708ad26f91c71214520517d34dadbc401fd07a92acb642697
GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35d9d6c9a063f7b11be0360de4878ca0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dog.seetron.net/api/settings/59846 | 135.181.208.216 | 200 OK | 74 kB |
URL: GET HTTP/2 dog.seetron.net/api/settings/59846 | IP: 135.181.208.216:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: a.bdsmz.tube | Fingerprint: AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 | Validity: Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: gzip compressed data, from Unix | Hash: 79f5c8f5f277fa722fac480017545154 3b82f60d817e5b6c36002776091d06115f9782d2 1db64aeb0ab38403d8a31514e63f80c1f8059c316feba6b790d7b10365801cd9
GET /api/settings/59846 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:51 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| s.o333o.com/adgpt.js | 85.10.205.45 | 200 OK | 820 B |
IP: 85.10.205.45:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Sectigo Limited | Subject: s.o333o.com | Fingerprint: C1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46 | Validity: Mon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT
File type: ASCII text, with very long lines (2040), with no line terminators | Hash: 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237
GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:51 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2
|
|
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/ | IP: 143.204.53.97:0
Hash: 17d83a6a1ce5ec032b9d0be6c8c68106 9b412e1c9f9694753b73daa262811ec4c420e7d1 935af939ae598190c9c8175f1ac54241ab2614b3c7599a4c92e1be2ecd42ab23
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 08 May 2024 22:00:51 GMT
Last-Modified: Wed, 08 May 2024 20:24:43 GMT
Server: ECAcc (ska/F77E)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z7xiKzfd0EfJhowExFq6UuFFuk-W7JKSi8_f9Ck5WnnC1e-OYhadqA==
Age: 5768
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 3.124.83.201:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 5e08adc829a953a4dd0f094a6cbfece0 5488881371f6d50fc4915b6f1782851ce5ddde43 534718573691f81fe4d0baabc9c1220edce2c7aab919789ad048fda31f75590a
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=04c1b1b9-380c-43e3-af2c-af288c37dc21:1:1; expires=Sat, 06 May 2034 22:00:52 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| str30.vidoza.net/i/03/06301/4mqtknqed6xv.jpg?v=1715205650 | 213.152.176.23 | 200 OK | 28 kB |
URL: GET HTTP/2 str30.vidoza.net/i/03/06301/4mqtknqed6xv.jpg?v=1715205650 | IP: 213.152.176.23:443 | ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: vidoza.net | Fingerprint: BB:ED:F5:F9:17:52:AA:FC:EE:8F:98:D4:64:46:12:76:92:0E:B5:CE | Validity: Fri, 12 Apr 2024 01:22:23 GMT - Thu, 11 Jul 2024 01:22:22 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3 | Hash: aec7b156978ed702f815d3e04101725d e85de45198f8ecf44b272fcca9103332d02e770d b4b90c10e5c84e31e5dd6cf97fcd090adae53ec87645b85250b565b07b68486a
GET /i/03/06301/4mqtknqed6xv.jpg?v=1715205650 HTTP/1.1
Host: str30.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 22:00:52 GMT
content-type: image/jpeg
content-length: 27719
last-modified: Thu, 22 Dec 2022 17:48:21 GMT
etag: "63a49865-6c47"
expires: Wed, 22 May 2024 22:00:52 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31pnK5n | 172.67.205.77 | 200 OK | 95 kB |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/31pnK5n | IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Google Trust Services LLC | Subject: bidclickmedia.com | Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 | Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text | Hash: f43a9f52bdd16907856bcccdc018b8c9 260324361bf19dc2ea4982f6fd312f9c8d5039cc 0ce413bbb7e1789744cfd7f9c3bc4614d9c5086f6dd9cbad67bdc4d181b9d5be
GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRgVcfgNKaCiql%2BlHUK1HGLCZACOsSrDy58x08DqAPcZWPYwS9JWtZci%2BNEaw5PPFYRtRqgOdP9jHjiMx%2BQfj7pA%2ForiQQL2kPaB3fwNowc4r%2B6DVZ5ZGN095WXxihcXAeHoG2JWx58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b59e9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gloomilysuffocate.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js | 192.243.61.225 | 200 OK | 30 kB |
URL: GET HTTP/1.1 gloomilysuffocate.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js | IP: 192.243.61.225:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: gloomilysuffocate.com | Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54 | Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators | Hash: 91733f854b56fb07ce66b7fb26c3182a e6914be06aa7eaf2864f2ed6f737e94afafc1eb8 34580839bc49d64138af00499edba6fe1ed3830e0be658ff0a45b359102a5f5f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6587a4fef1521991629ce7a0a4e3472e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| proftrafficcounter.com/stats | 3.124.83.201 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats | IP: 3.124.83.201:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Amazon | Subject: proftrafficcounter.com | Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6 | Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators | Hash: 5e08adc829a953a4dd0f094a6cbfece0 5488881371f6d50fc4915b6f1782851ce5ddde43 534718573691f81fe4d0baabc9c1220edce2c7aab919789ad048fda31f75590a
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=04c1b1b9-380c-43e3-af2c-af288c37dc21:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | 104.18.11.207 | 200 OK | 77 kB |
URL: GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 | IP: 104.18.11.207:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Google Trust Services LLC | Subject: bootstrapcdn.com | Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 | Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459 | Hash: af7ae505a9eed503f8b8e6982036873e d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 711746
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb9a04eba5697-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.o333o.com/vast-im.js | 143.204.55.90 | 200 OK | 90 kB |
IP: 143.204.55.90:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Sectigo Limited | Subject: cdn.o333o.com | Fingerprint: 61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC | Validity: Thu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT
File type: gzip compressed data, from Unix | Hash: 9325a1e75a0fe4f1f18bfce2c532356e 2eef80324122518d569bd5d5c028056d1efb6f4d 8591df00c442e67329d1e8de58aebcb1df9098d2360adb6eaa1492338ea8eef7
GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 4pZeIp6c99Uu-pMI9T1IeMUxbH0qz26bhthlT3c1nHMXL5Yp9_NPgw==
age: 2377750
X-Firefox-Spdy: h2
|
|
| str30.vidoza.net/nvl4hwdw34euieno3u5ahxvdp3fkzjbdftrydg7wml2jb4okw6kzmwyybhgq/v.mp4 | 213.152.176.23 | | 449 kB |
URL: GET str30.vidoza.net/nvl4hwdw34euieno3u5ahxvdp3fkzjbdftrydg7wml2jb4okw6kzmwyybhgq/v.mp4 | IP: 213.152.176.23:0 | ASN: #49453 Global Layer B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: vidoza.net | Fingerprint: BB:ED:F5:F9:17:52:AA:FC:EE:8F:98:D4:64:46:12:76:92:0E:B5:CE | Validity: Fri, 12 Apr 2024 01:22:23 GMT - Thu, 11 Jul 2024 01:22:22 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003] | Size: 449 kB (448817 bytes) | Hash: 10734ace7eeaa053336aad9d35fdd4fe ce1d787a536acb9f66cdfd98ad9f5d7e9955d5d9 7fec6f57bbd4eaaf7a9bf8cb07b5021304dd38776667aefc9d98dbf5be616e6c
GET /nvl4hwdw34euieno3u5ahxvdp3fkzjbdftrydg7wml2jb4okw6kzmwyybhgq/v.mp4 HTTP/1.1
Host: str30.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Wed, 08 May 2024 22:00:51 GMT
content-type: video/mp4
content-length: 235748236
last-modified: Thu, 22 Dec 2022 17:48:20 GMT
etag: "63a49864-e0d3b8c"
content-range: bytes 0-235748235/235748236
X-Firefox-Spdy: h2
|
|
| harassmentgrowl.com/pixel/purst?dl=0&th=0&sc=0&rs=2247&rd=2247&fd=715&bv=24.5.6485&tmpl=136 | 172.240.108.76 | 200 OK | 0 B |
URL: GET HTTP/1.1 harassmentgrowl.com/pixel/purst?dl=0&th=0&sc=0&rs=2247&rd=2247&fd=715&bv=24.5.6485&tmpl=136; IP: 172.240.108.76:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Let's Encrypt; Subject: harassmentgrowl.com; Fingerprint: EF:3A:DF:32:71:10:91:85:74:56:59:09:21:58:8E:10:A1:16:D1:8A; Validity: Mon, 06 May 2024 12:54:15 GMT - Sun, 04 Aug 2024 12:54:14 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2247&rd=2247&fd=715&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: harassmentgrowl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:52 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| gloomilysuffocate.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl%2F2sj9B1NxEGBBBYZl090x6ZlyWYMxGgnGz7ioKClLdVT0pp7qrqeqanswpGJA9Dl68dr5JNq4u%2Fjl5cpXJwgoBIeNBcjA3L14UhFyVGcMGH3S%2F9%2Br7Cr73vfp4154SH5aerLyhBkJKurBYc6svvut5V6vrIrX9ar8VfBA0rlZ17%2BV2UHNfqr7Go65a8F3PdT3Xq64KzWPVX5iCENn9tldru7WGX%2FMWG%2Bjr%2F%2FbGOjDUAeudkqch2GTuoTMPEY2RJl%2BvcNPNVXblemIlzZVGjx28nXZTVaRILspYO4jTg3M2lDlefQCV7s%2FkQvUeE0MxIc6jBwjTg3ORCHt7M52hBE8Rsv%2Bj6I3B5RiCjhGpHQh2TICI4cYG0uTuDaULuvUvSqfohMyd%2FQVRTMjcr%2FNIky%2BXpehXbytpc6FSg35cQvTHEJ0xMnuIfFCBKA4R5R9BsJ%2FIwtk60mRvw0gFwcrZ7EKMIeIxJB%2BCGgd2%2BgkHNnZgMwcJO6lGnuc1XRZRt9WOojpr8jBgrkebsUc9N2jBRlN5Q%2BTZEJEcItLbyPQ2umIIbX%2BA2SxhmAOTT4jz5jZ6rETBCQpDUFCCQhAUOUHRK%2FeZNL4p7zJpbOidZ%2F8818uRyju7dF%2FlHZ4SUD2EZuVudkqemvrjPF%2Fx0eUn1Zg13DBo%2BdRd5A1K40arzfx24Hr1RZfSIIARJYSpzEYeiAl5If4WmZiQJ34kCOkhjDxEJJ4Btc%2BBFiXoZolB%2BlVCRVrrCaYGtJbyHEyVyPI55FvOrjwlz86WtLFjwKOjpT%2FX5y%2F3%2F36ESJfIdIkPxUOCjrwzuqUKsndLFYZ8s5HlIhEDOl3g7Zzm%2FNLnr%2FOtQmm2tmKG916JpsC0vP8WN%2Fk6TZlIO4Z8sSwY43pV6YiT79bMOzy8ac3mstWpzdZvvrq6lmSaGyNUOgYVx9c%2FRSQm5Mnv35%2B9zCvv%2FQahx9C2RGKPyHlAqENE2TZMdrT0x7Uuv%2FfZJRhFoOUFJ8wcFLYcaT%2B8OJSCQPKLnoYlDD9a%2Bv1aNvrl8jWE%2FLEdI02nt6kod80ddHQFNN9BmpTo6RI9WYLKIYz93yjP9NHSz%2FVZIJSVUSh1ZS%2BUWn4yM3n6szDipNqs110atBe9ZpPyZtjwW3HgMUr9RuAHAa0jN5P46tn8PwAAAP%2F%2FAQAA%2F%2F9LVTOacwQAAA%3D%3D | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1gloomilysuffocate.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl%2F2sj9B1NxEGBBBYZl090x6ZlyWYMxGgnGz7ioKClLdVT0pp7qrqeqanswpGJA9Dl68dr5JNq4u%2Fjl5cpXJwgoBIeNBcjA3L14UhFyVGcMGH3S%2F9%2Br7Cr73vfp4154SH5aerLyhBkJKurBYc6svvut5V6vrIrX9ar8VfBA0rlZ17%2BV2UHNfqr7Go65a8F3PdT3Xq64KzWPVX5iCENn9tldru7WGX%2FMWG%2Bjr%2F%2FbGOjDUAeudkqch2GTuoTMPEY2RJl%2BvcNPNVXblemIlzZVGjx28nXZTVaRILspYO4jTg3M2lDlefQCV7s%2FkQvUeE0MxIc6jBwjTg3ORCHt7M52hBE8Rsv%2Bj6I3B5RiCjhGpHQh2TICI4cYG0uTuDaULuvUvSqfohMyd%2FQVRTMjcr%2FNIky%2BXpehXbytpc6FSg35cQvTHEJ0xMnuIfFCBKA4R5R9BsJ%2FIwtk60mRvw0gFwcrZ7EKMIeIxJB%2BCGgd2%2BgkHNnZgMwcJO6lGnuc1XRZRt9WOojpr8jBgrkebsUc9N2jBRlN5Q%2BTZEJEcItLbyPQ2umIIbX%2BA2SxhmAOTT4jz5jZ6rETBCQpDUFCCQhAUOUHRK%2FeZNL4p7zJpbOidZ%2F8818uRyju7dF%2FlHZ4SUD2EZuVudkqemvrjPF%2Fx0eUn1Zg13DBo%2BdRd5A1K40arzfx24Hr1RZfSIIARJYSpzEYeiAl5If4WmZiQJ34kCOkhjDxEJJ4Btc%2BBFiXoZolB%2BlVCRVrrCaYGtJbyHEyVyPI55FvOrjwlz86WtLFjwKOjpT%2FX5y%2F3%2F36ESJfIdIkPxUOCjrwzuqUKsndLFYZ8s5HlIhEDOl3g7Zzm%2FNLnr%2FOtQmm2tmKG916JpsC0vP8WN%2Fk6TZlIO4Z8sSwY43pV6YiT79bMOzy8ac3mstWpzdZvvrq6lmSaGyNUOgYVx9c%2FRSQm5Mnv35%2B9zCvv%2FQahx9C2RGKPyHlAqENE2TZMdrT0x7Uuv%2FfZJRhFoOUFJ8wcFLYcaT%2B8OJSCQPKLnoYlDD9a%2Bv1aNvrl8jWE%2FLEdI02nt6kod80ddHQFNN9BmpTo6RI9WYLKIYz93yjP9NHSz%2FVZIJSVUSh1ZS%2BUWn4yM3n6szDipNqs110atBe9ZpPyZtjwW3HgMUr9RuAHAa0jN5P46tn8PwAAAP%2F%2FAQAA%2F%2F9LVTOacwQAAA%3D%3D IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Let's Encrypt; Subject: gloomilysuffocate.com; Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54; Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl%2F2sj9B1NxEGBBBYZl090x6ZlyWYMxGgnGz7ioKClLdVT0pp7qrqeqanswpGJA9Dl68dr5JNq4u%2Fjl5cpXJwgoBIeNBcjA3L14UhFyVGcMGH3S%2F9%2Br7Cr73vfp4154SH5aerLyhBkJKurBYc6svvut5V6vrIrX9ar8VfBA0rlZ17%2BV2UHNfqr7Go65a8F3PdT3Xq64KzWPVX5iCENn9tldru7WGX%2FMWG%2Bjr%2F%2FbGOjDUAeudkqch2GTuoTMPEY2RJl%2BvcNPNVXblemIlzZVGjx28nXZTVaRILspYO4jTg3M2lDlefQCV7s%2FkQvUeE0MxIc6jBwjTg3ORCHt7M52hBE8Rsv%2Bj6I3B5RiCjhGpHQh2TICI4cYG0uTuDaULuvUvSqfohMyd%2FQVRTMjcr%2FNIky%2BXpehXbytpc6FSg35cQvTHEJ0xMnuIfFCBKA4R5R9BsJ%2FIwtk60mRvw0gFwcrZ7EKMIeIxJB%2BCGgd2%2BgkHNnZgMwcJO6lGnuc1XRZRt9WOojpr8jBgrkebsUc9N2jBRlN5Q%2BTZEJEcItLbyPQ2umIIbX%2BA2SxhmAOTT4jz5jZ6rETBCQpDUFCCQhAUOUHRK%2FeZNL4p7zJpbOidZ%2F8818uRyju7dF%2FlHZ4SUD2EZuVudkqemvrjPF%2Fx0eUn1Zg13DBo%2BdRd5A1K40arzfx24Hr1RZfSIIARJYSpzEYeiAl5If4WmZiQJ34kCOkhjDxEJJ4Btc%2BBFiXoZolB%2BlVCRVrrCaYGtJbyHEyVyPI55FvOrjwlz86WtLFjwKOjpT%2FX5y%2F3%2F36ESJfIdIkPxUOCjrwzuqUKsndLFYZ8s5HlIhEDOl3g7Zzm%2FNLnr%2FOtQmm2tmKG916JpsC0vP8WN%2Fk6TZlIO4Z8sSwY43pV6YiT79bMOzy8ac3mstWpzdZvvrq6lmSaGyNUOgYVx9c%2FRSQm5Mnv35%2B9zCvv%2FQahx9C2RGKPyHlAqENE2TZMdrT0x7Uuv%2FfZJRhFoOUFJ8wcFLYcaT%2B8OJSCQPKLnoYlDD9a%2Bv1aNvrl8jWE%2FLEdI02nt6kod80ddHQFNN9BmpTo6RI9WYLKIYz93yjP9NHSz%2FVZIJSVUSh1ZS%2BUWn4yM3n6szDipNqs110atBe9ZpPyZtjwW3HgMUr9RuAHAa0jN5P46tn8PwAAAP%2F%2FAQAA%2F%2F9LVTOacwQAAA%3D%3D HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d11af3cc97190b44c85250dd4e354e67
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html | 104.26.7.19 | 200 OK | 480 B |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html; IP: 104.26.7.19:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49; Validity: Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text; Hash: 988cd00695890a395de736ef1f43180a fc35045adb5a0bb89e9150574db517cffb44b0c9 100f83963832c14a85c4d7095f0279b0962b83ee6323481ece9b1b2b39515036
GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6630
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7zAAOISNioTIIrgttBKPgwN8ZoOYkS41dw7qPywtyFnHP3s59bPLeUQZWtojvFUuz9kAkng2c%2B19aHQ52SBkC1A5GNHNVxevNrcJFB8u%2BTt7FBbFikitxRKFRISXDgXINO%2Fsso%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a38f321bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif | 188.114.97.1 | 200 OK | 206 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif; IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: GIF image data, version 89a, 480 x 360; Size: 206 kB (206291 bytes); Hash: 0b33face774f2203446507ce5f075538 1dd3522529bce7739df0687f47f5bc84356698a0 ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2
GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 703280
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3D32R%2BIhgrCuBteh83QdbZB3wT3D9eAK0KyRNoQjieb2pqN9js95sgwFP3Yj%2FShCSwns%2FVOu%2FFJ1yZym021yGM5q7BUsI55E1u%2BAeUdqrhmMHhwO3PsOBbDVrFol5AHGRS1XU1qeEI%2FC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a4c84f1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 | 188.114.97.1 | 206 Partial Content | 34 kB |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4; IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]; Hash: 69e52ff16a779d8ab66a1156cc50ab23 27f8897a2acc3bcfd319c267d137aaa4650fb3c5 2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61
GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Wed, 08 May 2024 22:00:53 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 703271
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vQBEUa0ZCmV6LvMhzC6%2Bl7kWp4yIRan1Lxq0lOGvz3%2FjzkKVgesY3EYuQpzVuWZskJOZDVpkIivRF8l%2Fl5ZxoldCExxvtRHUXbA9PC1JN0aSmqoxT68udR7s3jgak419FBzce5kVFnrW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a4d8511bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css | 188.114.97.1 | 200 OK | 4.9 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css; IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 49a38187f94418e173e4bcc50c96dc4b b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293 92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0
GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 687839
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4T7qUNZ3PbCDXop1nsW0np48lLh7Q1A6%2FDKUm6vKXXRCg9pQOXVTbIijTH9mf1QiTfHqfKMD%2FB75rpLuMP15edIayHEQ%2FgqU0%2FRVNRkc4FbAU7KkfiTaDl97zu7itjH3ZoGF6v%2FgDTs%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a4394f7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css; IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: af19abbabe1a862a20cb0e0a3ef31c7e efcc04c4011905e4f013adae56ea928dc47ac7ef 8a72b4d48ce36805c492e3927213e1327c8d924544a595527da9955fd8916e19
GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 687839
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ef514T2HagWzedGaGrQCWU3AFEN1P8McFIkJYDTR1HE2brq28oGMoJPkFKJxhTPHbWbdVNSnWFGCsrBKk76fPdyMcZ4yQ9Rlr8qvvZGhKyJfBM4ewtRcRYcKbdO1AXVLJuwmnudYJyUH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a439547128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 57 kB |
URL: GET HTTP/2 videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33; Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: gzip compressed data, from Unix; Hash: 46dd0a7954796196939e57fa6c237faf f56053d44f4a91530bdb3849d5f89b93e747dd22 0f0577d07e1108747e7956836d8997ddc0e0f23f300a8cad956f1f49000d06f0
GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-26cb6"
expires: Fri, 07 Jun 2024 21:55:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg | 188.114.97.1 | 200 OK | 575 B |
URL: GET HTTP/3 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg; IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: SVG Scalable Vector Graphics image; Hash: b3011bde2653e373d1150594a8bbd06d e47948cdb4d6ecf6257106805e690e3bf0211317 6499ec40e3f2ac55bf1b5c9a2dbbc212adb74114645bccac0373074f98ef8a01
GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 707637
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sPT25vosAaHS%2FRmH4v5uF2Se9Qu3YBDqTi%2F72CcowH9vklCXBp5%2B8SCQ%2FxxHl9v32RsSChq06r7vS91mJYf1mBUTDKV5YrI4b1fprJb1BPat1PQeBV7a6AjQhdshMtuvovPWSFqzi9M5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a4c84c1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 28 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js; IP: 104.21.35.227:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators; Hash: f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0f176341f3c460809974cb5183d9234a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 08 May 2024 22:00:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OmEB6WJ73pQ3HLCHlOuVg6hGMTMVn51DYQqF9vDZpvZgprvUqYJvnzibmJmdt81Nlj88nelh9SZ5vf2ukP9bM4ZcbA10iZ0jncBZcGyVutkfuzcA%2B4Bg6Q0otYwI7EUZbAyjq0XhZ2q1a%2B7TcjzMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a02b69b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gloomilysuffocate.com/pixel/sbs?c=1 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 gloomilysuffocate.com/pixel/sbs?c=1; IP: 172.240.253.132:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Let's Encrypt; Subject: gloomilysuffocate.com; Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54; Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap; IP: 142.250.74.106:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79; Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: gzip compressed data, max compression; Hash: 60d1870096b6bcb002484f4f292dc4ee a4d1a5e94da36d168047c48adc028d53170752c5 1eb7d7a6f00ec112b4ec5f64d52db34a0eea844cc5bdf7d244492f5eafb4016c
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:00:53 GMT
date: Wed, 08 May 2024 22:00:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gloomilysuffocate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl%2F2sj9B1NxEGBBBYZl0z7%2FMuCzBmI0E42bdVRQUpLqqelJOdVdT1TU9mVMwIHscvHjtfJNsXF38c%2FLkKpOFFQJCxoPkYG5evCgIuSozhg0%2B6H7v1fcVfO979fGuOyVVOHqy8oYeSKXoQqPil198Nwiultdl4vrlfqv5QbN%2BtWx6L7ebFf%2Bl8muCdfVC1Q98P%2FCD8qo0ItL9hSkImd5vB5W2X6lXK0Gjjr75b2%2BdB0s98N4peRqST%2BYeevOQbIwk%2FnpF2G6m0yvXY6dopg16%2FODtpJvoPEF8UUbGQ5QcnLOh7fHqA%2BhkfyYXuveYGMoJ8R49QJgcnItE2Nub6QwVRIKQ%2Fx95bwyhxpB0DKZ3IPkxARjHjQ0k8d0b2uR061%2BUTtEJmTv7CzKfkLlf55HEXy4r2S%2Ff1splUicW%2FaiA7I8hO2Ok7hDZoASZH4JlH0Hyn8jC2TqSeG%2FDKg3Ji9nsUo4hozGUGIJaD276SQ8u8uBSDzE%2FKbMgCBZ9zqjfajNW44sibHI%2FoItRQAO%2F2YJjU3lDZOkQTA3BzDZSs42uHMK4H2A3C1juwWYT4r25jR4vkAuC3BLklCCXBHlGkPeKfa5s1RZ3ubIuDM5z9TzXipHOOrt0X2cdkRBQM4ThxW56Sp6a%2BuM9X6qiK07KEa%2F7YbNVpX5D1CmN6q02r7abflBr%2BJQ2m7CygLSl2cgDOSEvRN8ilRPyxI8EIT2EVYdg8hlQ9xxoXoBuFhgkX8VUJpWe5HpAK4nIwHWBNJtDtuXtqlPy7GxJGzsWgh0t%2Fbk%2Bf7n%2F9yMwUyA1BT6UDwk66s7ols7J3i2dW%2FLNRprJWA7odIG3M5qJS5%2B%2FLrZybfjaih3ee4VNgWl5%2Fy1hs3WacJl0LPliWXIuzKo2TJDv1uw7Irzp7OayM4lL12%2B%2BuroWp0ZYK3UyBpXH1z8FkxPy5Pfvz17mlfd%2BgzRjGFcgdkfkPCD1IVi6DZseLf1xrSvufXYJVhMYdcEJUw%2B5K0amGl4cKkmgxEVPwwJWHC39fi0d%2FXL5GkLx2I6RodPbVBa79g46pgSa7SCJC%2FRMgZ4qQNUQ1v1vlKXmaOnn2iwQqtIoVKa0FyqjPpmZPP05WHlSrvl8MRSRWAxFvVGPBONhoxH6LGJhjbdaDJmdRFfP5v8BAAD%2F%2FwEAAP%2F%2Fy4HmcnMEAAA%3D | 192.243.61.225 | 200 OK | 7 B |
URL GET HTTP/1.1gloomilysuffocate.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl%2F2sj9B1NxEGBBBYZl0z7%2FMuCzBmI0E42bdVRQUpLqqelJOdVdT1TU9mVMwIHscvHjtfJNsXF38c%2FLkKpOFFQJCxoPkYG5evCgIuSozhg0%2B6H7v1fcVfO979fGuOyVVOHqy8oYeSKXoQqPil198Nwiultdl4vrlfqv5QbN%2BtWx6L7ebFf%2Bl8muCdfVC1Q98P%2FCD8qo0ItL9hSkImd5vB5W2X6lXK0Gjjr75b2%2BdB0s98N4peRqST%2BYeevOQbIwk%2FnpF2G6m0yvXY6dopg16%2FODtpJvoPEF8UUbGQ5QcnLOh7fHqA%2BhkfyYXuveYGMoJ8R49QJgcnItE2Nub6QwVRIKQ%2Fx95bwyhxpB0DKZ3IPkxARjHjQ0k8d0b2uR061%2BUTtEJmTv7CzKfkLlf55HEXy4r2S%2Ff1splUicW%2FaiA7I8hO2Ok7hDZoASZH4JlH0Hyn8jC2TqSeG%2FDKg3Ji9nsUo4hozGUGIJaD276SQ8u8uBSDzE%2FKbMgCBZ9zqjfajNW44sibHI%2FoItRQAO%2F2YJjU3lDZOkQTA3BzDZSs42uHMK4H2A3C1juwWYT4r25jR4vkAuC3BLklCCXBHlGkPeKfa5s1RZ3ubIuDM5z9TzXipHOOrt0X2cdkRBQM4ThxW56Sp6a%2BuM9X6qiK07KEa%2F7YbNVpX5D1CmN6q02r7abflBr%2BJQ2m7CygLSl2cgDOSEvRN8ilRPyxI8EIT2EVYdg8hlQ9xxoXoBuFhgkX8VUJpWe5HpAK4nIwHWBNJtDtuXtqlPy7GxJGzsWgh0t%2Fbk%2Bf7n%2F9yMwUyA1BT6UDwk66s7ols7J3i2dW%2FLNRprJWA7odIG3M5qJS5%2B%2FLrZybfjaih3ee4VNgWl5%2Fy1hs3WacJl0LPliWXIuzKo2TJDv1uw7Irzp7OayM4lL12%2B%2BuroWp0ZYK3UyBpXH1z8FkxPy5Pfvz17mlfd%2BgzRjGFcgdkfkPCD1IVi6DZseLf1xrSvufXYJVhMYdcEJUw%2B5K0amGl4cKkmgxEVPwwJWHC39fi0d%2FXL5GkLx2I6RodPbVBa79g46pgSa7SCJC%2FRMgZ4qQNUQ1v1vlKXmaOnn2iwQqtIoVKa0FyqjPpmZPP05WHlSrvl8MRSRWAxFvVGPBONhoxH6LGJhjbdaDJmdRFfP5v8BAAD%2F%2FwEAAP%2F%2Fy4HmcnMEAAA%3D IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html; Certificate Issuer: Let's Encrypt; Subject: gloomilysuffocate.com; Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54; Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
File type: ASCII text, with no line terminators; Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReunl%2F2sj9B1NxEGBBBYZl0z7%2FMuCzBmI0E42bdVRQUpLqqelJOdVdT1TU9mVMwIHscvHjtfJNsXF38c%2FLkKpOFFQJCxoPkYG5evCgIuSozhg0%2B6H7v1fcVfO979fGuOyVVOHqy8oYeSKXoQqPil198Nwiultdl4vrlfqv5QbN%2BtWx6L7ebFf%2Bl8muCdfVC1Q98P%2FCD8qo0ItL9hSkImd5vB5W2X6lXK0Gjjr75b2%2BdB0s98N4peRqST%2BYeevOQbIwk%2FnpF2G6m0yvXY6dopg16%2FODtpJvoPEF8UUbGQ5QcnLOh7fHqA%2BhkfyYXuveYGMoJ8R49QJgcnItE2Nub6QwVRIKQ%2Fx95bwyhxpB0DKZ3IPkxARjHjQ0k8d0b2uR061%2BUTtEJmTv7CzKfkLlf55HEXy4r2S%2Ff1splUicW%2FaiA7I8hO2Ok7hDZoASZH4JlH0Hyn8jC2TqSeG%2FDKg3Ji9nsUo4hozGUGIJaD276SQ8u8uBSDzE%2FKbMgCBZ9zqjfajNW44sibHI%2FoItRQAO%2F2YJjU3lDZOkQTA3BzDZSs42uHMK4H2A3C1juwWYT4r25jR4vkAuC3BLklCCXBHlGkPeKfa5s1RZ3ubIuDM5z9TzXipHOOrt0X2cdkRBQM4ThxW56Sp6a%2BuM9X6qiK07KEa%2F7YbNVpX5D1CmN6q02r7abflBr%2BJQ2m7CygLSl2cgDOSEvRN8ilRPyxI8EIT2EVYdg8hlQ9xxoXoBuFhgkX8VUJpWe5HpAK4nIwHWBNJtDtuXtqlPy7GxJGzsWgh0t%2Fbk%2Bf7n%2F9yMwUyA1BT6UDwk66s7ols7J3i2dW%2FLNRprJWA7odIG3M5qJS5%2B%2FLrZybfjaih3ee4VNgWl5%2Fy1hs3WacJl0LPliWXIuzKo2TJDv1uw7Irzp7OayM4lL12%2B%2BuroWp0ZYK3UyBpXH1z8FkxPy5Pfvz17mlfd%2BgzRjGFcgdkfkPCD1IVi6DZseLf1xrSvufXYJVhMYdcEJUw%2B5K0amGl4cKkmgxEVPwwJWHC39fi0d%2FXL5GkLx2I6RodPbVBa79g46pgSa7SCJC%2FRMgZ4qQNUQ1v1vlKXmaOnn2iwQqtIoVKa0FyqjPpmZPP05WHlSrvl8MRSRWAxFvVGPBONhoxH6LGJhjbdaDJmdRFfP5v8BAAD%2F%2FwEAAP%2F%2Fy4HmcnMEAAA%3D HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 488e44177613cf95dc21a6315e0d1ab9
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15744, version 1.0 Hash15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 390736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP216.58.207.227:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15860, version 1.0 Hashe9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 590753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 111 kB |
URL GET HTTP/2videzz.net/css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeASCII text, with very long lines (63495) Size111 kB (111248 bytes) Hashffba0e4b3edaa1a4c6bc7ef04bcf0ba9 3507ae56cc30b273cf17d0cf4de234dafa4db0eb 57291457f6bd1dc724ab0cc7d5d9def8fceafc52263d72d0b3f6c6ae2dd8286c
GET /css/embed.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-96f9f"
expires: Fri, 07 Jun 2024 21:57:19 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/whatsapp.js | 172.67.39.148 | 200 OK | 966 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/whatsapp.js IP172.67.39.148:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (1108), with no line terminators Hash0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb
GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSU96ixWaD28Nb8I9Aj5jZKa%2BNYvW5VNkLrER1jYJS3ugzz7lGmzEIqiV3kXv434fWEdsYyUJ20xzAKnVVSufqyGQTOoBYND5UVCAwOpt8%2F%2B06wSA2ntzjWDOs%2FtjtYxzfNBdlx7"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7720
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee685689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| static.addtoany.com/menu/locale/ru.js | 172.67.39.148 | 200 OK | 1.0 kB |
URL GET HTTP/3static.addtoany.com/menu/locale/ru.js IP172.67.39.148:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (2130), with no line terminators Hashc0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397
GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Pns6TtwvXJrabXBg5qD34U9tGeMGrEdyUXo1Ifn5UQb5j%2FCb0kNzo4kU4t%2BwBPaHA8Py5yVUYqQOtvtjiUJeOTkgqF2%2B8WrkfDd3KIvQdWwPMR2W2eJHhLs1mdCyT2pxQI6S5LuakxUHp8hEEzVcw4J"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6100
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee565689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerSectigo Limited Subject*.xmlking.com Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=954953136.1715205653&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1853573858 | 142.250.74.163 | 200 OK | 42 B |
URL GET HTTP/2www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=954953136.1715205653&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1853573858 IP142.250.74.163:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subject*.google.no Fingerprint7D:68:6D:B1:32:34:52:51:20:C9:53:FF:B9:B7:8F:7E:05:F9:F5:97 ValidityTue, 16 Apr 2024 04:31:00 GMT - Tue, 09 Jul 2024 04:30:59 GMT
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=954953136.1715205653&gtm=45je4510v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1853573858 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 22:00:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:54 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js | 104.17.24.14 | 200 OK | 5.1 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP104.17.24.14:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (17660) Hash12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 20571
expires: Mon, 28 Apr 2025 22:00:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3WKAtcjCV%2FgfEPmetT8oCPf6yFn3RiogqUgFf8Lspu2UTRh%2BZ8RsuxDmvvtlvFhkCd0Ypz0KGAYtfIxohVF8m%2FqloWj3IKstFkLuvTT7swtyVB%2BZQnsBOtWDmq6PQuPcqwjHhquR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 880cb9aafaf7b4ff-OSL
alt-svc: h3=":443"; ma=86400
|
|
| mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJseGdyOXMxaTJ3aWtseDhpZXFjYnFjIn0sImV4dCI6eyJkdCI6MTcxNTIwNTY1NDE5Mn19 | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJseGdyOXMxaTJ3aWtseDhpZXFjYnFjIn0sImV4dCI6eyJkdCI6MTcxNTIwNTY1NDE5Mn19 IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI3NjEwODI0NjUiLCJzc3AiOjM3NTgsInNwb3RfaWQiOjU2MDI1NCwicmNoYW5nZSI6ZmFsc2V9fV0sInNpdGUiOnsiaWQiOiI1NjAyNTQiLCJwYWdlIjoiaHR0cHM6Ly9iaWQuYmlkY2xpY2ttZWRpYS5jb20vIiwiY2F0IjpbIklBQjI1Il19LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiJseGdyOXMxaTJ3aWtseDhpZXFjYnFjIn0sImV4dCI6eyJkdCI6MTcxNTIwNTY1NDE5Mn19 HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://meetbenjen.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 08 May 2024 22:00:54 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://mcpuwpsh.com/popunder/in/click/?mid=4138963515779581237&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=1976c40cbdfa6a920d7027dd390d9ca1&score=318.4499109129837&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D318.4499109129837%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids=
X-Firefox-Spdy: h2
|
|
| mcpuwpsh.com/popunder/in/click/?mid=4138963515779581237&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=1976c40cbdfa6a920d7027dd390d9ca1&score=318.4499109129837&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D318.4499109129837%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= | 94.130.197.240 | 302 Found | 0 B |
URL GET HTTP/2mcpuwpsh.com/popunder/in/click/?mid=4138963515779581237&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=1976c40cbdfa6a920d7027dd390d9ca1&score=318.4499109129837&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D318.4499109129837%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= IP94.130.197.240:443 ASN#24940 Hetzner Online GmbH
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectpuwpush.com Fingerprint60:3D:AE:BF:9C:57:C3:AF:D6:50:E5:93:92:FB:E9:F2:F8:E6:E1:92 ValidityWed, 01 May 2024 01:51:05 GMT - Tue, 30 Jul 2024 01:51:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder/in/click/?mid=4138963515779581237&pid=0&site=560254&sc=NO&usage_type=DCH&subid=761082465&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=bid.bidclickmedia.com&hostname=auc-popunder-hz-1&site_id=0&spot_id=560254&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=0&resp_type=&iabcat=IAB25&min_cpm=0.1224&placement_type_id=7&skin_test=&verify_hash=1976c40cbdfa6a920d7027dd390d9ca1&score=318.4499109129837&durl=&ml=&tag_ab=&original_bid=0&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=false&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.1224&url=https%3A%2F%2Fpopdemission.com%2Fin%2F849%2F%3Fsource%3D761082465%26site_id%3D560254%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26idzone%3D0%26spot_id%3D560254%26mo%3D%26ve%3D%26ad_tags%3D%26p%3Dhttps%253A%252F%252Fbid.bidclickmedia.com%252F%26sid%3D1095%26katds_labels%3D%26is_iframe%3D1%26btype%3D0%26score%3D318.4499109129837%26bf%3D0.1224%26iabcat%3DIAB25%26allowed_labels%3D&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=&scroll_percent=0&empty_clicks=0&aid=0&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Oslo&offer_label_ids= HTTP/1.1
Host: mcpuwpsh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx/1.16.0
date: Wed, 08 May 2024 22:00:54 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=318.4499109129837&bf=0.1224&iabcat=IAB25&allowed_labels=
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=008056981a644e26ef5bfb4f674782a5 | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=008056981a644e26ef5bfb4f674782a5 IP139.45.195.8:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash0d956f2749197a2bcce18ce7799ce9f2 7b11ee42a35ca4da9c7614861f97c2572b666c60 02d644416e98d1beb91b9394a5f5e0f3f9b75dbcea541abf55b76857f16cb723
GET /gid.js?userId=008056981a644e26ef5bfb4f674782a5 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=008056981a644e26ef5bfb4f674782a5; expires=Thu, 08 May 2025 22:00:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=318.4499109129837&bf=0.1224&iabcat=IAB25&allowed_labels= | 109.206.175.252 | 302 Found | 0 B |
URL: GET HTTP/2 popdemission.com/in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=318.4499109129837&bf=0.1224&iabcat=IAB25&allowed_labels= | IP: 109.206.175.252:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: popdemission.com | Fingerprint: D2:C5:8F:9C:4B:C4:3C:66:E6:4D:95:14:61:37:A5:21:1E:9C:9A:BE | Validity: Wed, 20 Mar 2024 12:58:57 GMT - Tue, 18 Jun 2024 12:58:56 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/849/?source=761082465&site_id=560254&utm1=&utm2=&utm3=&utm4=&idzone=0&spot_id=560254&mo=&ve=&ad_tags=&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&sid=1095&katds_labels=&is_iframe=1&btype=0&score=318.4499109129837&bf=0.1224&iabcat=IAB25&allowed_labels= HTTP/1.1
Host: popdemission.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.20.1
date: Wed, 08 May 2024 22:00:54 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: *
set-cookie: 849.0=1; expires=Thu, 09 May 2024 22:00:54 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| unseenreport.com/pxf.gif?uuid=04c1b1b9-380c-43e3-af2c-af288c37dc21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=04c1b1b9-380c-43e3-af2c-af288c37dc21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=04c1b1b9-380c-43e3-af2c-af288c37dc21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 08 May 2024 22:00:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 52b71319cdce064ccc04b02b9671af0d
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=04c1b1b9-380c-43e3-af2c-af288c37dc21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 | 192.243.59.20 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=04c1b1b9-380c-43e3-af2c-af288c37dc21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 | IP: 192.243.59.20:443 | ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Let's Encrypt | Subject: *.unseenreport.com | Fingerprint: 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13 | Validity: Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic) | Hash: 93b885adfe0da089cdf634904fd59f71 5ba93c9db0cff93f52b521d7420e43f6eda2784f 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pxf.gif?uuid=04c1b1b9-380c-43e3-af2c-af288c37dc21&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 08 May 2024 22:00:54 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 831c7c15a634c8d7789873ae7e7b46e1
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| porn13.com/thumbs/AA/6K/4T.jpg | 104.21.93.203 | 200 OK | 14 kB |
URL: GET HTTP/2 porn13.com/thumbs/AA/6K/4T.jpg | IP: 104.21.93.203:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: porn13.com | Fingerprint: 58:FC:38:73:36:76:B0:01:FD:A4:8D:7A:C1:D7:76:23:7F:55:F6:2A | Validity: Mon, 11 Mar 2024 02:37:58 GMT - Sun, 09 Jun 2024 02:37:57 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, baseline, precision 8, 352x198, components 3 | Hash: e85c815923f65217ec3785ece53e0991 e7125f0faaa56fa1b3d0866342a2afffc21400fb 450e3efbceea8ec96967ee06b798e178247fbae7fb240cca036622817dc085f1
GET /thumbs/AA/6K/4T.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: image/jpeg
content-length: 13465
last-modified: Wed, 08 May 2024 10:08:24 GMT
etag: "663b4f18-3499"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 34537
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUbUsToxoezUAPe3lbN%2BZQx34PsfmnpksWfpwK35MJv4f1wxPCAAa%2FJuHQdSaWkZs67EYz6LNXBkfM73Weu3Uutb%2BWaqt5jNpWx%2FLbsYXPjM781WYZy6Vn4FD5nq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b1fb64b521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tzegilo.com/stattag.js | 104.21.11.245 | 200 OK | 34 kB |
IP: 104.21.11.245:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Google Trust Services LLC | Subject: tzegilo.com | Fingerprint: 28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1 | Validity: Sat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT
File type: JavaScript source, ASCII text, with very long lines (18486) | Hash: 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Xv01UYi72VNh8C1nbJZOV1NF7KcpBHcNqO9%2Fj44cdvPgh80Nr7QQRhkE9LCdazveB%2FKvneuLZ1mphRcREx3as46AQya7vrZS0iOUWqQQulOyvVcFJoxE63KhDMesQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b0988c568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 | 216.58.207.227 | 200 OK | 20 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 | IP: 216.58.207.227:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 20184, version 1.0 | Hash: ba1468afe6464dd5ba1045e836d0fea6 6416dc6d3ede1919e42601c141e043f7fe9d0b98 da4fd6c8ccb6ff2b84c95606bb983392c766558ef6232e9bf23027d5979618aa
GET /s/montserratalternates/v17/mFTiWacfw6zH4dthXcyms1lPpC8I_b0juU0xGITFB7xG.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://topsites.hadesex.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 02:03:56 GMT
expires: Fri, 02 May 2025 02:03:56 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:46:41 GMT
content-type: font/woff2
age: 590219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| hadesex.com/thumbs/AA/5n/k1.jpg | 172.67.156.49 | 200 OK | 33 kB |
URL: GET HTTP/3 hadesex.com/thumbs/AA/5n/k1.jpg | IP: 172.67.156.49:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: hadesex.com | Fingerprint: A1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 | Validity: Sun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 | Hash: 1cd11f9aa2bf866b40bd400ebd619d25 ff28b6c6de251812d9cfa4b5cc9a084613a23485 3953372a397118518dd31899c0f55b6bbba84ccd212e4bfe873ebde39d1ef956
GET /thumbs/AA/5n/k1.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: image/jpeg
content-length: 33355
last-modified: Wed, 10 Apr 2024 12:27:53 GMT
etag: "661685c9-824b"
expires: Thu, 30 May 2024 16:17:48 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 711786
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDdJV%2F0THgqjcS13WBjqzFcg5uLlN1NfdjKBU1Dn7gXUTHy3GEIFbSvmbYQBCMBejIUttTkhVVB41Nvx%2BALq7WF6hcSosWQNEvCplvH7qSOn4r1%2FQmIQ%2FOQ90CNE7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b48b2d712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| hadesex.com/thumbs/AA/_5/Gj.jpg | 172.67.156.49 | 200 OK | 48 kB |
URL: GET HTTP/3 hadesex.com/thumbs/AA/_5/Gj.jpg | IP: 172.67.156.49:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: hadesex.com | Fingerprint: A1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 | Validity: Sun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 | Hash: 44e02a4f688131319ccb7b0ad964ae56 f48872be7138da2a44d142a4ba91313531664422 e70f5116c41af3565662b778a343ff1e0ec5a1ff9895d33e77e16dfeb12fcae4
GET /thumbs/AA/_5/Gj.jpg HTTP/1.1
Host: hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: image/jpeg
content-length: 47887
last-modified: Wed, 08 May 2024 01:15:33 GMT
etag: "663ad235-bb0f"
expires: Fri, 07 Jun 2024 12:25:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 34544
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwTMXiHvRhk%2BizPc57Js%2FwA4Hw7xNYRFy29bsNB9c7zKeSDIilfZYGtRRYlO8uPIhrpr6C0wmD3vu4JPRizup6y8xRpSQUgsFHuauGuMASJ%2BSTZ6iNnFXOu3Yjz3qg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b54c5c712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| happy-granny.com/thumbs/AA/Tk/c0.jpg | 104.21.1.18 | 200 OK | 99 kB |
URL: GET HTTP/2 happy-granny.com/thumbs/AA/Tk/c0.jpg | IP: 104.21.1.18:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: happy-granny.com | Fingerprint: 20:1E:A8:F5:1D:E7:E4:0D:AE:D2:C4:CF:B8:6C:B0:F1:83:C4:4E:D5 | Validity: Sun, 31 Mar 2024 12:31:02 GMT - Sat, 29 Jun 2024 12:31:01 GMT
File type: JPEG image data, baseline, precision 8, 1200x676, components 3 | Hash: be24d1947adbaf7a428e41b9606fd6e5 dbc807932e706c48103ff0660b00b2fc3263b4ec 8d02996a4d94705925063fb01c190be9eab75dacb3a6f70c56983ac7d5055dae
GET /thumbs/AA/Tk/c0.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 98755
last-modified: Tue, 30 Jan 2024 14:40:14 GMT
etag: "65b90a4e-181c3"
expires: Thu, 30 May 2024 20:11:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGGLJf8IjHydLoI4ewFs8lKDvwYBQbrRr3urtJUGooSTtYgPs3GnL%2BN3bM96ov1awT%2BUKYcLbE9sy8sj7wchPa%2BX4zzuxt3Nm6pQw8aPT1jS8zPRA9Uqjl6K0OQskSp4be4t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b64a515694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| happy-granny.com/thumbs/AA/g3/7k.jpg | 104.21.1.18 | 200 OK | 62 kB |
URL: GET HTTP/2 happy-granny.com/thumbs/AA/g3/7k.jpg | IP: 104.21.1.18:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: happy-granny.com | Fingerprint: 20:1E:A8:F5:1D:E7:E4:0D:AE:D2:C4:CF:B8:6C:B0:F1:83:C4:4E:D5 | Validity: Sun, 31 Mar 2024 12:31:02 GMT - Sat, 29 Jun 2024 12:31:01 GMT
File type: JPEG image data, baseline, precision 8, 1188x668, components 3 | Hash: bbb99d3ff11fe9232e6e2625dd9dfe09 b02588e6e59f86b03c3942829a5729a3ed34376d 625a0cdf0fd7515101d9fb5e8525cad9f4ddfbf9bde19fd06645c548e52c6766
GET /thumbs/AA/g3/7k.jpg HTTP/1.1
Host: happy-granny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 61510
last-modified: Tue, 30 Jan 2024 14:35:43 GMT
etag: "65b9093f-f046"
expires: Thu, 30 May 2024 18:38:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BwkgZ0qrzJGKv2Hnydqn4%2F6wUApeh%2Bfzz2SfVfSrH%2BrpwR9PpJPws6hRf392PlprsBI%2F4j7Xl60sAm6zQyyaglm4AUOoEbkA7eLo3zcliALwgaFPz0aaNQxGLay%2BpvCUFJY5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b64a505694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/wZ/JV.jpg | 172.67.188.32 | 200 OK | 16 kB |
URL: GET HTTP/2 groupsexxx.com/thumbs/AA/wZ/JV.jpg | IP: 172.67.188.32:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Let's Encrypt | Subject: groupsexxx.com | Fingerprint: 3D:F2:9E:9A:ED:02:18:E8:4A:97:BE:DD:89:57:F4:E1:70:54:41:63 | Validity: Wed, 08 May 2024 17:25:29 GMT - Tue, 06 Aug 2024 17:25:28 GMT
File type: JPEG image data, baseline, precision 8, 320x240, components 3 | Hash: 283548b2320f7c775271c12665263c2c 470275e5a9f98dba7a6543b705c18e5b56638edb 62aa69abefab21ae29333cb3458a9ea29dbdc77e36de8cfa3ef70193f76105ea
GET /thumbs/AA/wZ/JV.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 15892
last-modified: Sun, 10 Mar 2024 17:08:17 GMT
etag: "65ede901-3e14"
expires: Thu, 30 May 2024 20:11:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697751
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Qr9TR%2BaOrdKta3G9ByIym9D6wo18pAbQlBPHfae5VQnv3nRjBqrht5SC8%2F05D%2B0S5JuWhLQEqYMMmfC59YHWCGgnA3%2FJx31WnLER2J%2FEKA5R%2FJUyoVqDhZ9gQl63cnsMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b6485db505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/84/fw.jpg | 104.21.22.222 | 200 OK | 76 kB |
URL: GET HTTP/2 handjobxxx.com/thumbs/AA/84/fw.jpg | IP: 104.21.22.222:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: handjobxxx.com | Fingerprint: 42:06:24:85:F5:26:53:B1:1D:86:60:CF:2F:B9:62:63:4C:29:5C:A5 | Validity: Wed, 08 May 2024 17:19:55 GMT - Tue, 06 Aug 2024 17:19:54 GMT
File type: JPEG image data, baseline, precision 8, 852x480, components 3 | Hash: e24333147cb38228cc92097285e442b1 69c32adccddedfbe5652705090a911ac15e09538 9faedf01a7863fe21a3b95bde2ce2e73ef8db6c13d48cbeb6a6b426fa95bf93b
GET /thumbs/AA/84/fw.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 76159
last-modified: Mon, 18 Mar 2024 17:58:16 GMT
etag: "65f880b8-1297f"
expires: Thu, 30 May 2024 17:26:34 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 707662
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVnSzPI5mMC0S6JpCdnMURokZSw7nuW3JDtdsrcKum5CGdT6KO8ToF4k3RcVlyGiqg6i6mczvxdTFLmQ3YZ4VgK5pMrx2aw%2F7UJ6jpuTbBrT9c6LPHG8A6alSoYmH5YfEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b64d1b56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| myretrocollection.com/thumbs/AA/NA/Zm.jpg | 104.21.18.7 | 200 OK | 76 kB |
URL: GET HTTP/2 myretrocollection.com/thumbs/AA/NA/Zm.jpg | IP: 104.21.18.7:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Let's Encrypt | Subject: myretrocollection.com | Fingerprint: 52:DB:0F:89:F7:CB:43:2F:55:9B:17:6F:47:C2:87:6F:12:A9:7C:A9 | Validity: Wed, 08 May 2024 07:33:45 GMT - Tue, 06 Aug 2024 07:33:44 GMT
File type: JPEG image data, baseline, precision 8, 1058x450, components 3 | Hash: d3dcf3026892e9d09e05dfc80a9318a7 8437224a391618d03d6882a9839c37f880c22bac 11e754a2031d93f77c3e1d1400a763e15c69f739f4f584f2e37db3cf99ead39b
GET /thumbs/AA/NA/Zm.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 75467
last-modified: Sun, 17 Dec 2023 15:15:36 GMT
etag: "657f1098-126cb"
expires: Thu, 30 May 2024 16:17:57 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 711778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hZ1nKm1YIIAsTTc0DDIrJXLLHjJnlYI07DAemQ%2BYpjtHHe2bWnCpSJoXpWcOvD4wNqcJzv21hNHdsTtc5RSPb6HMtTMUUeWvnq7GaB96nwfMv%2BXEpiIpJE2RZaVkmg%2F3v4vewtEvVDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b79c52b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/17/LH.jpg | 172.67.195.214 | 200 OK | 178 kB |
URL: GET HTTP/2 lovefootjob.com/thumbs/AA/17/LH.jpg | IP: 172.67.195.214:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Let's Encrypt | Subject: lovefootjob.com | Fingerprint: 6A:CE:FD:27:C8:DA:CF:1B:E2:B4:D3:FB:96:8E:5E:C1:DC:F9:6B:83 | Validity: Wed, 24 Apr 2024 18:50:36 GMT - Tue, 23 Jul 2024 18:50:35 GMT
File type: JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 852x480, components 3 | Size: 178 kB (178203 bytes) | Hash: c1b5eeca4725f5c0ed8ca6a82097a0de 424b70e2c133449badacf11b32b3e4a145c69137 5ba32bf15cbe9cbb2bd8c99b35314073ca6ca5ba38f3882467f275c677ac7469
GET /thumbs/AA/17/LH.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 178203
last-modified: Mon, 09 May 2016 00:25:07 GMT
etag: "572fd8e3-2b81b"
expires: Thu, 30 May 2024 20:11:48 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkBUdnxm1FNs8yHfmmc9WhGFcNbpKMi%2BMWp85cQYO96%2BtnzX17zkYutUCH%2FGftzD7Xw%2BeC6ykz29yli65aoVSyhE9FXjETRfBmWlcoAsSwNF5gFetX1q8oh7Y%2B9rA9N3ys0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b79a9156c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/ax/ge.jpg | 104.21.17.65 | 200 OK | 170 kB |
URL: GET HTTP/2 voyeurix.com/thumbs/AA/ax/ge.jpg | IP: 104.21.17.65:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: voyeurix.com | Fingerprint: 7E:24:A8:31:90:36:2C:3F:6E:51:A5:42:E9:5A:22:D1:06:E6:EE:C8 | Validity: Mon, 22 Apr 2024 10:24:14 GMT - Sun, 21 Jul 2024 10:24:13 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3 | Size: 170 kB (169814 bytes) | Hash: 9e76c1a94e94b4c30a32c7781a159a7f 071b7c8123bc9f05653d750b7a2a69489a7b65ed b9a592ea6bd05a5b1bfaa8a6f034c34652081b147676c00c43dd7c1e311b017c
GET /thumbs/AA/ax/ge.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 169814
last-modified: Wed, 28 Feb 2024 16:00:58 GMT
etag: "65df58ba-29756"
expires: Thu, 30 May 2024 17:26:35 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 707661
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSTLhIlH80ImuR9g3ZtY25u6%2BKkNlS%2F0AI10eHafd3C68OsNrEBG1mwf1jsjJRHhZdKi%2B2b%2FF9dco668goK4yt6ryEIz7nh%2BVa6Ky9LHW%2Bh0M5Lawj1OMR6B%2BYO61A4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b7983f7127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| javsecrets.com/thumbs/AA/Ba/8e.jpg | 104.21.63.231 | 200 OK | 12 kB |
URL: GET HTTP/2 javsecrets.com/thumbs/AA/Ba/8e.jpg | IP: 104.21.63.231:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | Certificate Issuer: Google Trust Services LLC | Subject: javsecrets.com | Fingerprint: FE:9D:63:71:A7:6A:42:40:5D:EA:08:5C:AC:B3:0A:04:A6:42:F5:21 | Validity: Sun, 31 Mar 2024 20:26:38 GMT - Sat, 29 Jun 2024 20:26:37 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 244x180, components 3 | Hash: e51c90807001463b0e59b1e18077025f ef19aa016744951ea5575307154d280c1f010f82 87d5b3bbe857baf6850c6ed1ecf007fcd7d3cba3a6c6cd09981f27b7f43c4568
GET /thumbs/AA/Ba/8e.jpg HTTP/1.1
Host: javsecrets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 11729
last-modified: Fri, 03 May 2024 03:58:00 GMT
etag: "663460c8-2dd1"
expires: Sun, 02 Jun 2024 12:25:29 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 466527
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49B8%2F9t1V8itCuprkG7aFjgfETcHhnkPomfkOETVeSp1SM5faUS37%2FdDRoStbSBt3OvXQUHPKUzjRC8Sip%2FFtr%2FcoYE6Nwq7U4SrPhSsdhZrgFxRN1upR7%2BYDKNm56i5KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b7994f1bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=55232d50-9bdf-40dd-8cea-66cad5ac2619 | 139.45.195.254 | 200 OK | 12 B |
URL: POST HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=55232d50-9bdf-40dd-8cea-66cad5ac2619 | IP: 139.45.195.254:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html | Certificate Issuer: Sectigo Limited | Subject: fleraprt.com | Fingerprint: 32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C | Validity: Tue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT
Hash: adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=55232d50-9bdf-40dd-8cea-66cad5ac2619 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1402
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 08 May 2024 22:00:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| jbdsm.com/thumbs/AA/J4/kD.jpg | 104.21.58.198 | 200 OK | 11 kB |
URL GET HTTP/2jbdsm.com/thumbs/AA/J4/kD.jpg IP104.21.58.198:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectjbdsm.com Fingerprint2B:BB:8E:8C:56:78:E5:1A:BC:92:22:23:75:89:BE:12:41:04:F2:82 ValiditySun, 17 Mar 2024 12:36:04 GMT - Sat, 15 Jun 2024 12:36:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashd1c236a88a90d584365a37eee016f3e6 ac1eeb778c5b7c96ca7807650631809f9c96393c a4702bcc23581209b6745299ab14cadb3ca2128858b371be1d05ee2354c69a23
GET /thumbs/AA/J4/kD.jpg HTTP/1.1
Host: jbdsm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 10940
last-modified: Sun, 13 Aug 2023 14:36:54 GMT
etag: "64d8ea86-2abc"
expires: Thu, 06 Jun 2024 12:25:11 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 120945
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zhUmKeQ92mT%2FOEKEUodWVk5I%2F5dO3PJe0ggzOpT5f1vLv6fzaLEaNcSAXSwX0Zg1Cc8sVTzn4OLooXrBXcy7vqILc9N0%2BCMFVvOqT5%2BeYqZu2hFo%2BLy04MY0%2F0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b86af3b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| milftop.com/thumbs/AA/yT/gR.jpg | 172.67.223.161 | 200 OK | 16 kB |
URL GET HTTP/2milftop.com/thumbs/AA/yT/gR.jpg IP172.67.223.161:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectmilftop.com FingerprintA4:9A:04:BF:1D:C0:FD:E9:3C:3C:63:C2:E1:B4:D0:B2:7D:C6:81:1C ValidityWed, 08 May 2024 19:41:59 GMT - Tue, 06 Aug 2024 19:41:58 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashdaba344f4e43d219bd8b4c896f7fc1e9 8b465d06177963962448840a20498229ffc53579 f238d24113700267507fba3067375063afb493d3d1f64aa19d34c773d3ddb40c
GET /thumbs/AA/yT/gR.jpg HTTP/1.1
Host: milftop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 15799
last-modified: Thu, 08 Feb 2024 15:16:28 GMT
etag: "65c4f04c-3db7"
expires: Fri, 07 Jun 2024 12:25:08 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 34548
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5EWe2j%2BK4ubJqad2leDosV61IBDHme%2FG4SEtws87VuOitmt1Bvh8ns3i0DzstfyEh5eOojD8gWxV0GmLZRNoyCVGFxiBZ0uGjnhFxjoVDIC4z8KxOyEJDKP7AsXjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b86d09b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| jbdsm.com/thumbs/AA/xI/rv.jpg | 104.21.58.198 | 200 OK | 13 kB |
URL GET HTTP/2jbdsm.com/thumbs/AA/xI/rv.jpg IP104.21.58.198:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectjbdsm.com Fingerprint2B:BB:8E:8C:56:78:E5:1A:BC:92:22:23:75:89:BE:12:41:04:F2:82 ValiditySun, 17 Mar 2024 12:36:04 GMT - Sat, 15 Jun 2024 12:36:03 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash00c7e6be70990ce115998430a7a76315 fed144e78e7729914855c6a9e8b80007b0a87101 113f2437b4f6a552dde98820eb5c3744bb34344195a90893edab3f753bfb04fa
GET /thumbs/AA/xI/rv.jpg HTTP/1.1
Host: jbdsm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 12877
last-modified: Fri, 02 Feb 2024 17:49:34 GMT
etag: "65bd2b2e-324d"
expires: Fri, 07 Jun 2024 00:25:37 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 77719
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E8c1eYxN0Mwd4G4UhT%2BuQAbcl6Q%2B6568JYWiqjuCQsKIJMJnIyAiMI0H2Y6pelcfF5DyoTiKrlRQJUC19CrAvvkat94o6UDem5YBV49ma9NbY18dSKlxp%2FopyUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b87b01b509-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| groupsexxx.com/thumbs/AA/Fp/LQ.jpg | 172.67.188.32 | 200 OK | 299 kB |
URL GET HTTP/2groupsexxx.com/thumbs/AA/Fp/LQ.jpg IP172.67.188.32:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectgroupsexxx.com Fingerprint3D:F2:9E:9A:ED:02:18:E8:4A:97:BE:DD:89:57:F4:E1:70:54:41:63 ValidityWed, 08 May 2024 17:25:29 GMT - Tue, 06 Aug 2024 17:25:28 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size299 kB (299241 bytes) Hashbfef495de2a253234039f69a0b5d433a 38a4db2a3d7259b1b068ba8e978acfb29b37f7b0 20decf461c72462f775c094d5ac989a5af760278aa58d70ca76455b59fab5e23
GET /thumbs/AA/Fp/LQ.jpg HTTP/1.1
Host: groupsexxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 299241
last-modified: Sat, 16 Mar 2024 17:10:03 GMT
etag: "65f5d26b-490e9"
expires: Thu, 30 May 2024 20:11:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697745
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoVU%2F5sisuKy7Lgar3r8jUrkqofg5ARIWn%2Bx8bXDHVKberU1Bh%2BJY7qBY0laOJ1nQ%2B5HGRGvWDxo%2Bpp%2B9WSCHY2epQ8cSMgtqzpJrbqeeDNiNoh2cLS9sHEE5p1XIGVgdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b88b22b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| voyeurix.com/thumbs/AA/eg/ZQ.jpg | 104.21.17.65 | 200 OK | 111 kB |
URL GET HTTP/2voyeurix.com/thumbs/AA/eg/ZQ.jpg IP104.21.17.65:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectvoyeurix.com Fingerprint7E:24:A8:31:90:36:2C:3F:6E:51:A5:42:E9:5A:22:D1:06:E6:EE:C8 ValidityMon, 22 Apr 2024 10:24:14 GMT - Sun, 21 Jul 2024 10:24:13 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3 Size111 kB (111049 bytes) Hashe2fd5e2818c64e8657cd9f8bcc57e291 b71449ff020d0885443d60a6eafb4caeab94ab86 8e6e83aef1b8a5f035580bb4b3a651c708559bd575d2f73cc3a088fce95b997d
GET /thumbs/AA/eg/ZQ.jpg HTTP/1.1
Host: voyeurix.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 111049
last-modified: Wed, 28 Feb 2024 15:48:32 GMT
etag: "65df55d0-1b1c9"
expires: Thu, 30 May 2024 17:26:36 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 707660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkwJF08z4dol872ijvkQua8SdOyyeCdUve6m%2FKGg9lh6pG6KYLNUbxcqVnPSPftFaRPZUDK7Vw7rcHIVR%2BEiJtlKP3bdHrl5ddqF9TSxw%2FTKU3ywOeLoTTn%2FnghRiNY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b879457127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/f8/0l.jpg | 172.67.148.113 | 200 OK | 9.7 kB |
URL GET HTTP/2femdomqueen.com/thumbs/AA/f8/0l.jpg IP172.67.148.113:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectfemdomqueen.com Fingerprint18:45:B4:39:A3:A7:59:D0:43:E8:17:F2:B4:A5:43:03:6E:42:60:16 ValidityMon, 22 Apr 2024 09:36:30 GMT - Sun, 21 Jul 2024 09:36:29 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.26.100", baseline, precision 8, 318x240, components 3 Hash769b6226327b4811e12aa12e37b66e59 c6883f0a8119b881fe3bd51624b2b1ab02eb96dc 2bbe68ec22333594f0160446880ef7da724b4955e7ff18f9c537c8ceda4f3379
GET /thumbs/AA/f8/0l.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 9697
last-modified: Thu, 19 May 2016 04:07:08 GMT
etag: "573d3bec-25e1"
expires: Thu, 30 May 2024 17:26:39 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 707657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IQdFcwJ%2FRY6XTXIw1R9jxs7EngZTrMDIc20qe2Ur7qmuRjuXJOB6WUbcULoNeenv4jtxhp9h0St4DCedJ5JibCM5dz%2BIzcnUYeqUORstJSjlZuItFX7bFVJEQLH0P247fOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b9390a56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 | 172.67.156.49 | 200 OK | 133 kB |
URL GET HTTP/2topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 IP172.67.156.49:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeHTML document, ASCII text, with CRLF line terminators Size133 kB (133058 bytes) Hashe31e4c87ffca1cb8dcf348c246d1c9e2 372ff4e6d30ff6576b1f1e4296961a93797697b9 beb5a08f2baf6f7e332bce0288a6cb75e0dd6de6546c93097ebba95e4bc89a2a
GET /?source=761082465&site_id=560254&spot_id=560254 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meetbenjen.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-request-id: 069f5a75d901fbe09c31a55ce4edba62
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VgVu%2BL2WUHysVotcHuRA0NDo20ZUhGry%2FiXo1zO9r5wvOgFdUG6JnKagTqhE1kX%2Foqdejtr6D05PZu9nrWr88On7iaQQDBn2RrVd0ajWgZA27%2BT4m9nKpSSIH9vv0qDOkBMUOb7Zog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9ae68bab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/vf/Y5.jpg | 172.67.212.50 | 200 OK | 197 kB |
URL GET HTTP/269lesbi.com/thumbs/AA/vf/Y5.jpg IP172.67.212.50:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subject69lesbi.com FingerprintA3:C4:A1:C1:E3:54:F0:48:7C:B1:8B:9C:66:55:7F:77:7C:EE:21:CF ValidityWed, 08 May 2024 19:14:37 GMT - Tue, 06 Aug 2024 19:14:36 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size197 kB (197049 bytes) Hash5331d2803c2d06034555b2df7a246ad4 62e9d2f9ba835725342973fb8db6326e68d05233 55ba477a95a6fb9f4113e970a918674cc722aabcd06cc2db71fae52b3579f647
GET /thumbs/AA/vf/Y5.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 197049
last-modified: Thu, 14 Mar 2024 13:25:39 GMT
etag: "65f2fad3-301b9"
expires: Thu, 30 May 2024 20:11:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697750
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqPUHtzeUtGiqliLyrL%2FTRyYDURRBpK4sGXfxRkQ3PvbuY8%2FzpGB6j9G8ebBH20V9gusVMKGGP09GU6DnonCiVzAGU3Pcf8fS70HjFVSF%2FVOWC4UdS3iDbzEsivi3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b94fce712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| milftop.com/thumbs/AA/Ug/Ar.jpg | 172.67.223.161 | 200 OK | 12 kB |
URL GET HTTP/2milftop.com/thumbs/AA/Ug/Ar.jpg IP172.67.223.161:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectmilftop.com FingerprintA4:9A:04:BF:1D:C0:FD:E9:3C:3C:63:C2:E1:B4:D0:B2:7D:C6:81:1C ValidityWed, 08 May 2024 19:41:59 GMT - Tue, 06 Aug 2024 19:41:58 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashaa4b8bc56a804c569bed2dce42b25db1 f0ce59568b79f42831efc8864cad8c59ab33053f d6df680135d28437ca98a0b63ad47bb18828c3aff2edd18ca2e85f701a079954
GET /thumbs/AA/Ug/Ar.jpg HTTP/1.1
Host: milftop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 12037
last-modified: Mon, 29 Jan 2024 15:32:24 GMT
etag: "65b7c508-2f05"
expires: Thu, 30 May 2024 20:12:04 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697732
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KRW0P3RY9Q1lP3g1R%2FvD8fDV9eaIaIbcgRZ8PoBLcC9Q2fn2jjzrPmmpJdvBd%2FNdGgVRe3djbW5u4RbztZ%2BZm0JnQ7%2Bh2nOfMe85wb2DVB6NstTA82fQi57FNFNlIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b95e27b50f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/HV/vm.jpg | 104.21.3.76 | 200 OK | 38 kB |
URL GET HTTP/2interracial69.com/thumbs/AA/HV/vm.jpg IP104.21.3.76:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectinterracial69.com Fingerprint47:84:87:BE:9C:4D:F5:ED:69:D8:7F:4E:2F:A4:9A:17:18:83:C4:1B ValidityWed, 08 May 2024 13:59:15 GMT - Tue, 06 Aug 2024 13:59:14 GMT
File typeJPEG image data, baseline, precision 8, 716x476, components 3 Hash4b46768a454ca56f4bc6c9c5e5bde0f5 21e8d665f8c4d02c8ed6a2506cc22bfee122f6c3 7c79c335a7bb14ecaa9ac3f4deb7c5dad52b2808d7866afc6d4d5cb66f290ea8
GET /thumbs/AA/HV/vm.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 38003
last-modified: Sun, 28 Aug 2016 19:29:52 GMT
etag: "57c33bb0-9473"
expires: Thu, 30 May 2024 20:17:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697381
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2t3K72EsZXhLLFfnYwBPW5fuJuzH4Tka2HVlC3PUd2DmoWPsWdY7dCgBIwzzCylGpqXQ%2BovcqcDWg7g2BfeaEIuXtKVKP6UKfEmqP1e%2Fku6fQ5s0h1KQofUgpFRaxG1n1GXuyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b9dc4b5687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| z-gay.com/thumbs/AA/QJ/y8.jpg | 172.67.184.218 | 200 OK | 14 kB |
URL GET HTTP/2z-gay.com/thumbs/AA/QJ/y8.jpg IP172.67.184.218:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectz-gay.com Fingerprint21:C3:26:D0:D3:95:70:79:33:64:5A:99:F5:6F:63:BE:8E:88:8E:80 ValiditySun, 14 Apr 2024 05:45:42 GMT - Sat, 13 Jul 2024 05:45:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hashe57b6f26311b497b92bc7df2d35fcc06 10135ff49cadb1dfee01bd88935faf49909c798a cd2663389900afb96869f0ea6975b570b84db166185e1472d0a8b4cf9a3f1ef1
GET /thumbs/AA/QJ/y8.jpg HTTP/1.1
Host: z-gay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 13688
last-modified: Sun, 04 Feb 2024 07:19:13 GMT
etag: "65bf3a71-3578"
expires: Thu, 30 May 2024 18:38:15 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hln%2BW%2F24nbimyLVdPejBjhnNljzn0BB%2F9J26lUJ99B0MqFR3dVvy8QoGjd36B8crFk%2Br1zba%2FHdAuXUFbnzX0ftBoYYd2Q2RGNHLP%2FynEZLXXsWlTrjXHdCWf5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b9dc495687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Montserrat+Alternates:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap | 142.250.74.106 | 200 OK | 26 kB |
URL GET HTTP/3fonts.googleapis.com/css2?family=Montserrat+Alternates:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap IP142.250.74.106:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashf40889b2294d106b45379bf4602ea9a1 3a0a596bfbf6b66b039039a29c208b5ba3a89ea5 00c37ac2bd9c4d61fa72951ecc7eb42ad02c820d0c5ee7c76648695d8f1560b5
GET /css2?family=Montserrat+Alternates:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 22:00:55 GMT
date: Wed, 08 May 2024 22:00:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| javsecrets.com/thumbs/AA/wC/jb.jpg | 104.21.63.231 | 200 OK | 23 kB |
URL GET HTTP/2javsecrets.com/thumbs/AA/wC/jb.jpg IP104.21.63.231:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectjavsecrets.com FingerprintFE:9D:63:71:A7:6A:42:40:5D:EA:08:5C:AC:B3:0A:04:A6:42:F5:21 ValiditySun, 31 Mar 2024 20:26:38 GMT - Sat, 29 Jun 2024 20:26:37 GMT
File typeJPEG image data, baseline, precision 8, 568x320, components 3 Hash3e78ba8af22ec26cbf1bf02e09b7daa8 fcb6b2d566e34438020304ecdea119a5b598d745 4601e553163f315ee063d48674c0b6d81f33779c0f13f2d688245052d120e4e8
GET /thumbs/AA/wC/jb.jpg HTTP/1.1
Host: javsecrets.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 23086
last-modified: Thu, 30 Nov 2023 11:15:04 GMT
etag: "65686eb8-5a2e"
expires: Thu, 30 May 2024 20:11:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=peCmVAsl425gVIXA4fZf3DNDfOm%2BN7vvkMtxgWnvNHPeQIQrmMONd6mIAXZsM4of1%2By%2BB0ylJl0SMCQY8jM%2B7SMGByManIcjIjaL%2FoIFbvGzLwBHnupZcxjhsxcVoO466g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b9eb421bfa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/mC/Rr.jpg | 172.67.164.95 | 200 OK | 16 kB |
URL GET HTTP/2gftranny.com/thumbs/AA/mC/Rr.jpg IP172.67.164.95:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectgftranny.com FingerprintED:AB:7B:46:A5:4C:D7:E0:68:01:7E:25:5F:29:87:24:76:1F:68:B3 ValidityWed, 08 May 2024 11:53:53 GMT - Tue, 06 Aug 2024 11:53:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash76e3d166c22c93854ec2c68c2024eb5d 039d741e757e4a3e0d6393afb669eab414e5a0a3 f0eb0f5dff081c3d74b9f859a71a7d0c71a3db4df39cbb8ed684f34fe5e87a82
GET /thumbs/AA/mC/Rr.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 16396
last-modified: Sat, 16 Mar 2024 14:27:49 GMT
etag: "65f5ac65-400c"
expires: Thu, 30 May 2024 17:26:37 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 707659
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVbuflgu%2BZaw9l5NfB951CSsGQSIpgXjLmWXKli6NEqJV3Xb5ILzsKNdi98WA4S%2FuD9bZDowfX7q%2FHRCD3Agb%2BFdBUtoeIxXOsAM6KsXQdiPfoJM2u1Jy47LrwZbM6I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba39965684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| handjobxxx.com/thumbs/AA/EQ/OQ.jpg | 104.21.22.222 | 200 OK | 87 kB |
URL GET HTTP/2handjobxxx.com/thumbs/AA/EQ/OQ.jpg IP104.21.22.222:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjecthandjobxxx.com Fingerprint42:06:24:85:F5:26:53:B1:1D:86:60:CF:2F:B9:62:63:4C:29:5C:A5 ValidityWed, 08 May 2024 17:19:55 GMT - Tue, 06 Aug 2024 17:19:54 GMT
File typeJPEG image data, baseline, precision 8, 1128x588, components 3 Hash902f642306326d33040944041bae2164 9a9063ad39b7742c6f96dfd2210bfa33a46b537a d0236af03f0b0c5e6c6ccd0fb06cb2f0f7329e9b88329d256fb47bd3e8765439
GET /thumbs/AA/EQ/OQ.jpg HTTP/1.1
Host: handjobxxx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 86660
last-modified: Sat, 09 Mar 2024 17:44:18 GMT
etag: "65ec9ff2-15284"
expires: Sun, 02 Jun 2024 21:24:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 434163
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BtccSHgklzMBAdu%2B%2B4tGzB2RpHhTbJxrtWth%2BjgckOCNrG%2F5V6WPu49SuN%2FaoiQk0ovWjo7ymnkiFifRu3Ndcl6Y%2BEZaeKuRTEKp0fr2il7ohdDpCOuY4sBDEp0pKjppg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba3a5656b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| z-gay.com/thumbs/AA/Yx/31.jpg | 172.67.184.218 | 200 OK | 15 kB |
URL GET HTTP/2z-gay.com/thumbs/AA/Yx/31.jpg IP172.67.184.218:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectz-gay.com Fingerprint21:C3:26:D0:D3:95:70:79:33:64:5A:99:F5:6F:63:BE:8E:88:8E:80 ValiditySun, 14 Apr 2024 05:45:42 GMT - Sat, 13 Jul 2024 05:45:41 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x240, components 3 Hashe8fbcf66ee99f8880d8b95e1ffe74fce 921117e323a3bfbd1bd7948ff5d9f45439ac4a93 b5a415604e6cdb22a5d07690b2aaa858985457f6a118d397fbe515154dd67500
GET /thumbs/AA/Yx/31.jpg HTTP/1.1
Host: z-gay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 14795
last-modified: Thu, 08 Feb 2024 08:16:13 GMT
etag: "65c48dcd-39cb"
expires: Thu, 30 May 2024 17:44:01 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 706615
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PftxNRVw3huaT1Xcsploqm7Most2jvo170JLNFZHaDcwyGTkBHOVzZhWBKQYnJX%2B%2FwFx54BwtPWEBXkoFabvK%2F2EMBS%2FjdGMfkWMl8Y9yp43GV80yTvBB6%2BRmME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba4cdb5687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| veepteero.com/88/104 | 139.45.197.242 | 200 OK | 15 kB |
IP139.45.197.242:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typegzip compressed data, max speed, from Unix Hash83eaa3a498d622eb4e296daf810a5efd c9e0f01289e5d36dc92f891cf362a18775dc7968 88aabca6e3eb799b068c3fc24177b65963ebc93f3e4220838a4a16e87090a4c6
Analyzer | Verdict | Alert |
Quad9 DNS | malicious | Sinkholed |
GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:54 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| losanalos.com/thumbs/AA/cv/5m.jpg | 172.67.209.70 | 200 OK | 182 kB |
URL GET HTTP/2losanalos.com/thumbs/AA/cv/5m.jpg IP172.67.209.70:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectlosanalos.com Fingerprint63:FB:8C:B1:C5:86:06:91:58:F7:EF:08:8E:39:64:F6:03:6F:10:F0 ValiditySun, 10 Mar 2024 17:52:00 GMT - Sat, 08 Jun 2024 17:51:59 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 600x600, segment length 16, baseline, precision 8, 975x548, components 3 Size182 kB (182167 bytes) Hash9e54c84c17ea8c9205d323f46ee0a264 a344973fe4ed63e30f7d4580df06c5e45ec20c51 18482d2fbeb46f5cc2ca72f7b5f645d4170ac4ce5926611e4530ebd43862be83
GET /thumbs/AA/cv/5m.jpg HTTP/1.1
Host: losanalos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 182167
last-modified: Wed, 28 Feb 2024 16:59:21 GMT
etag: "65df6669-2c797"
expires: Thu, 30 May 2024 18:38:13 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVl8FC3UaUnpJiKLiOaPmvsjl5QYxVV8kHfET%2BFAsh4TvWEvrzMzot%2Bb%2BrT55rLI%2FFMlFRdqQWmDgNwy%2Bh7UvoRRKyP8gjkmyoACmrZttgW81CYIvyXdehDN0aWOTsrn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba68aa7129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/yp/WA.jpg | 172.67.138.35 | 200 OK | 27 kB |
URL GET HTTP/269ebony.com/thumbs/AA/yp/WA.jpg IP172.67.138.35:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subject69ebony.com FingerprintC8:0C:2F:35:79:5E:24:73:F5:9C:99:AA:87:2A:C5:29:4B:05:60:E9 ValidityWed, 08 May 2024 17:50:18 GMT - Tue, 06 Aug 2024 17:50:17 GMT
File typeJPEG image data, baseline, precision 8, 640x480, components 3 Hashf8b721bd78676febb42c6f212b38fb3b 7ca043267191dcacf72ab242c17f98da5c62b0c1 148c99d50d1743dd2f9265328aa7ff2a930065c7a40ec3df8b4637a64c053a69
GET /thumbs/AA/yp/WA.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 26787
last-modified: Tue, 14 Nov 2023 08:07:20 GMT
etag: "65532ab8-68a3"
expires: Thu, 30 May 2024 18:38:15 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703361
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IZrMIDBYwkYp7ACjHsfEcKeK5yZWpu80q9WxTRIh0BDsDkCQk9Qnaw3psovmk0tr8eHp0I8MUZMSLyw0AtBRXew%2BbTOlJ6YgdbRqnf8%2B1gdgk8%2FOr9ZoRMx%2Fux7H4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba9b3656c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xcumwebcam.com/thumbs/AA/ch/zV.jpg | 104.21.14.119 | 200 OK | 115 kB |
URL GET HTTP/2xcumwebcam.com/thumbs/AA/ch/zV.jpg IP104.21.14.119:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectxcumwebcam.com Fingerprint85:FC:8E:26:56:ED:EC:5F:6C:0C:68:68:3F:1F:05:F1:A1:50:34:A8 ValidityMon, 22 Apr 2024 06:49:07 GMT - Sun, 21 Jul 2024 06:49:06 GMT
File typeJPEG image data, baseline, precision 8, 892x668, components 3 Size115 kB (114582 bytes) Hash2fef68128813a75c3b9f5bf6c5dd494d 0c341e4801a77284c76e9e9811e294cc5eb98b81 57371c8ad97caebb40372dc76b1acf9ea71516b15396bf3bd5d38a20ae7cdcce
GET /thumbs/AA/ch/zV.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 114582
last-modified: Sat, 16 Feb 2019 19:13:00 GMT
etag: "5c6860bc-1bf96"
expires: Thu, 30 May 2024 20:11:47 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697749
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vbPjwz%2Bs%2BduBViRUxdRhG36xuh%2F2hO7340iyD4qeMsHmOu283kyxpTzd%2Bh7Gz7BvU7ukIpApijKJdllwY13vKMDdlf5MSSndK6DSw%2BqwJUoLet17FHTabkqKDzLdzS%2FfYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba9dcd568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| femdomqueen.com/thumbs/AA/R1/ws.jpg | 172.67.148.113 | 200 OK | 7.4 kB |
URL GET HTTP/2femdomqueen.com/thumbs/AA/R1/ws.jpg IP172.67.148.113:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectfemdomqueen.com Fingerprint18:45:B4:39:A3:A7:59:D0:43:E8:17:F2:B4:A5:43:03:6E:42:60:16 ValidityMon, 22 Apr 2024 09:36:30 GMT - Sun, 21 Jul 2024 09:36:29 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 640x639, segment length 16, comment: "Lavc58.23.100", baseline, precision 8, 398x224, components 3 Hash1f9d39f0a022bcf4a3c6cf1b2b8b6715 cbde7d82eed002ddd07edfae97df5835bf2e853d 294e686a05b487eb90422dbc9c9838456b560af93cbe32452feddc1048ebfe9e
GET /thumbs/AA/R1/ws.jpg HTTP/1.1
Host: femdomqueen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 7440
last-modified: Sat, 22 Sep 2018 15:58:48 GMT
etag: "5ba666b8-1d10"
expires: Thu, 30 May 2024 20:11:45 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697751
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fg5SEGU2fdMJ5ABWXWXTKhA6y5HSaPt3X8aRENBkllPEQyyqoZes0xRfCxlduqPOWFn58udk8TanPwQYCOgdl3eyllDIuEqNWSN0egNJT3L%2BM0ZUy5ZiPBXooQpzEzBHYUk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9baaacb56b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69ebony.com/thumbs/AA/1z/_P.jpg | 172.67.138.35 | 200 OK | 288 kB |
URL GET HTTP/269ebony.com/thumbs/AA/1z/_P.jpg IP172.67.138.35:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subject69ebony.com FingerprintC8:0C:2F:35:79:5E:24:73:F5:9C:99:AA:87:2A:C5:29:4B:05:60:E9 ValidityWed, 08 May 2024 17:50:18 GMT - Tue, 06 Aug 2024 17:50:17 GMT
File typeJPEG image data, baseline, precision 8, 1920x1080, components 3 Size288 kB (288381 bytes) Hash03c7a52d867d1821dabbd607b472334c dfcb156529387624cdfaac36207cd00d055430a6 9e1982c4cf6c7163a07df61029f09b4f588b4722c58389a60919cb6eeb293e45
GET /thumbs/AA/1z/_P.jpg HTTP/1.1
Host: 69ebony.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 288381
last-modified: Tue, 14 Nov 2023 08:17:10 GMT
etag: "65532d06-4667d"
expires: Thu, 30 May 2024 20:11:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697741
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yvNAQqWOKnq6PuSGr01fbaK%2F9jwUf%2FilScnZAMb0z74RZMwbF6yLNZg8y6rnchI63vB3IG7h%2BpxJA55ynZPUwIRD2zS6AOO7bE19C8svFFWetwGGOMd3aNrWaka0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9baab4556c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/Mw/w_.jpg | 172.67.195.23 | 200 OK | 16 kB |
URL GET HTTP/269indian.com/thumbs/AA/Mw/w_.jpg IP172.67.195.23:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subject69indian.com Fingerprint02:44:AF:DF:DC:35:9B:8E:2F:BA:31:BF:8A:2B:42:28:10:1D:89:D8 ValiditySun, 31 Mar 2024 19:47:58 GMT - Sat, 29 Jun 2024 19:47:57 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3 Hash6aa65bc81c924c1f2a9240c5c618fc1f 74ec75dd8ee8d8a533a9ae7650d5cfbd2b61b601 b395446b3a6f05b2b4f131f41e5ea4e2f516fbbe6ead0b8da07489865a2cc3c9
GET /thumbs/AA/Mw/w_.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 16270
last-modified: Thu, 25 Apr 2024 11:07:40 GMT
etag: "662a397c-3f8e"
expires: Thu, 30 May 2024 18:38:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhRVx4yQ%2FtAxMqfP6iTiiNnjLrnUFalu9FQIAyN5G0HXViN6XWJiEcpAsKiHv46dexW4zh2jXhXS0itKK%2BVqvyULmpKo8UX4NtcwPf1Y%2Ffu4QmoIs5KaScL%2FWfHwpjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9baddb7b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| interracial69.com/thumbs/AA/df/F_.jpg | 104.21.3.76 | 200 OK | 174 kB |
URL GET HTTP/2interracial69.com/thumbs/AA/df/F_.jpg IP104.21.3.76:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectinterracial69.com Fingerprint47:84:87:BE:9C:4D:F5:ED:69:D8:7F:4E:2F:A4:9A:17:18:83:C4:1B ValidityWed, 08 May 2024 13:59:15 GMT - Tue, 06 Aug 2024 13:59:14 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Size174 kB (174301 bytes) Hash0e2eb4904271c0975d1cc71512a8104c 700fa8b264bddfe438a79d023a7c0670d4a51fef caab98e273b5f0aa00c3b1e8b8ea5816fb5291b5f51dd5a8cc84dee8a1b48271
GET /thumbs/AA/df/F_.jpg HTTP/1.1
Host: interracial69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 174301
last-modified: Fri, 01 Mar 2024 03:42:03 GMT
etag: "65e14e8b-2a8dd"
expires: Thu, 30 May 2024 20:11:52 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697744
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FGyCSLqkFaPrG3HjNjCXXftiAG%2FNZaDAJfSGuyCRphlG8Fjev09NcO0Y7mAhICVbRYWQ1htv02Nxgt27IDjEkIhQ%2B0qGdHtfG6A6vfTcIOlxXaZLocjagGUFCnqaFM3YiZL1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9bb1dc65687-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| topsites.hadesex.com/js/utm-datasource.js?v=1.90 | 172.67.156.49 | 200 OK | 26 kB |
URL GET HTTP/3topsites.hadesex.com/js/utm-datasource.js?v=1.90 IP172.67.156.49:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjecthadesex.com FingerprintA1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84 ValiditySun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File typeGeneric INItialization configuration [] Hashf9eb7bacc6a92d4e5d1ae8299b53a3bb 3fef0ee46b983203be0c4dfb15a90a29526a391b 6fd474fdf1c98b145149e617ee1a24876332690123ff8c4cd43bbcce7c1b7bcf
GET /js/utm-datasource.js?v=1.90 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:46:51 GMT
vary: Accept-Encoding
etag: W/"65bbaedb-af5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 54216229af0759840658d6d7b97fe4a5
cf-cache-status: HIT
age: 711792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vcD16QZhxOi1a7SGz7RZP0bU3B02DswzHDmcO9%2FrVKQO0PwovejbohOok%2B2UkqNtx5WNrtWNNxScBh%2FE14ptuu2CW3z6MWi4G2sT%2BmqXDlz4GB%2F1cAg1o9Cv%2FVhNV3sV%2BC3vv8c%2Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9b1c81d712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| md-static.com/js/jquery-ui.min.js | 172.67.171.8 | 200 OK | 59 kB |
URL GET HTTP/2md-static.com/js/jquery-ui.min.js IP172.67.171.8:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectmd-static.com Fingerprint78:3D:4B:7D:5D:B4:38:28:82:3D:3E:65:79:F4:48:9E:D3:A5:91:60 ValiditySun, 05 May 2024 15:59:00 GMT - Sat, 03 Aug 2024 15:58:59 GMT
File typeJavaScript source, ASCII text, with very long lines (31633) Hashce52e5e873202628cae33ba148e4f198 8995d56f8b3fe8e60d8256519ec040ae53262262 ad16e754fd1f9c9733ca0324c2d5923a3c76ad4682270d31958d0c1e2b2cb3ed
GET /js/jquery-ui.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: application/javascript
last-modified: Sun, 24 Jan 2021 13:07:13 GMT
vary: Accept-Encoding
etag: W/"600d7101-7c7b"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 703355
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mL9Z2%2F01hLpeC8FR5qpau82DKp0LTe1ZZUmIVQfApv3vsLAdM4e0jgIOLAYpQDFZlaINdbsk1ler%2BgMQfyMeDPlKfHSJRDMR3AzGycYdv9Ji6ZMkbyjKdcO56ThXZ%2BdR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9b2581956c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gftranny.com/thumbs/AA/89/hH.jpg | 172.67.164.95 | 200 OK | 18 kB |
URL GET HTTP/2gftranny.com/thumbs/AA/89/hH.jpg IP172.67.164.95:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerGoogle Trust Services LLC Subjectgftranny.com FingerprintED:AB:7B:46:A5:4C:D7:E0:68:01:7E:25:5F:29:87:24:76:1F:68:B3 ValidityWed, 08 May 2024 11:53:53 GMT - Tue, 06 Aug 2024 11:53:52 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 320x180, components 3 Hash442082d9a9a019d6bb4d6ec6a4e505e1 a5a889db68dab7bb83ad10081f7bf245d2a03c4f e70f2f20b952be2c2739b0a9976ff797dd66ba824a3cb8a96afd0811fa79d29a
GET /thumbs/AA/89/hH.jpg HTTP/1.1
Host: gftranny.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 17659
last-modified: Wed, 01 May 2024 03:50:09 GMT
etag: "6631bbf1-44fb"
expires: Fri, 31 May 2024 09:54:30 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 648386
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXsTO6ntRjGC%2BlgtG0hMyQWtqg4%2BCYrMeN27mHd95eqWcOiJC0%2BQbjYsRauX%2BownX%2FJxEmIGqRx2exse%2Ft9db%2BhARIk%2BDeP5p1C1Jy8%2FzNgfVmqz4%2BqsGvNuHdKZ0ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9bb7add5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| losanalos.com/thumbs/AA/co/7l.jpg | 172.67.209.70 | 200 OK | 98 kB |
URL GET HTTP/2losanalos.com/thumbs/AA/co/7l.jpg IP172.67.209.70:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subjectlosanalos.com Fingerprint63:FB:8C:B1:C5:86:06:91:58:F7:EF:08:8E:39:64:F6:03:6F:10:F0 ValiditySun, 10 Mar 2024 17:52:00 GMT - Sat, 08 Jun 2024 17:51:59 GMT
File typeJPEG image data, baseline, precision 8, 1280x720, components 3 Hashf5737194927bd2528df28654f8f6c427 f9019d6672c28727be0cf912686692123d0f69fe c37cbfbc4260750740397dade1be532cf63b3935e1f580db4491466917945a60
GET /thumbs/AA/co/7l.jpg HTTP/1.1
Host: losanalos.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 97533
last-modified: Fri, 26 Apr 2024 23:35:13 GMT
etag: "662c3a31-17cfd"
expires: Thu, 30 May 2024 18:38:13 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703363
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gEHi0aTqNsRFq97yGbTLPiEXM%2BhBsurOL13IHKqStk3GqxXg5GxMR9kr1IC0q6tTAukmWopy38mBN318a%2BHvX1bMAz3HN440NXa4k%2F%2BFLi9BzQ9%2FNUxZuFk3HHM0NKtM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9bbd9d67129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2bid.bidclickmedia.com/sub/Pj8pz0z IP172.67.205.77:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File typeHTML document, ASCII text, with no line terminators Hashec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGSvMSuh3ZSj5kTf4yrGGszq9iR7FLmL2fdZQ6YlEtjn6mz5ByjhqUrz2KGXW1h0CTYZLCp0H%2FmKO2kcMcm6TXIQSNFbsuN4HulnAntpuzDwvXsETwlGoCxP3yZIeLP7yn8iWJmV4PM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b7a0fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/reddit.js | 172.67.39.148 | 200 OK | 893 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/reddit.js IP172.67.39.148:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (903), with no line terminators Hash1f5dd30051ff637ea1d19ce73aced89c bfdd1d1c07492ba397bdcf13e262edcfd8692a5e c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81
GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjHweqxafNQq1n%2FESzRf2k9F%2FrYlbdwvbqiAi31q1bs4dxVMeUPA7nKp8T0F58E7TOkAh%2FfYESagksyAdIk6odC8nuIMY%2Fii8dgMTHCakMh4qso5JAISV52DVvEx%2FDl%2BX8CDPGH228RHXIBwZtZJQppE"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15616
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee5f5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1715205651286&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=954953136.1715205653&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715205652&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2422 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1715205651286&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=954953136.1715205653&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715205652&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2422 IP216.239.32.36:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je4510v9104348843za200&_p=1715205651286&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=954953136.1715205653&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1715205652&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&dt=Vidoza&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=2422 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Wed, 08 May 2024 22:00:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=41 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=41 IP192.243.61.225:443 ASN#39572 DataWeb Global Group B.V.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectgloomilysuffocate.com Fingerprint4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54 ValidityMon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=41 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| veepteero.com/?rb=qsZm90WjPjkLiiYRJdLw3PT9gMFg1C03NFcF71DDX4zn3ZuXZTHRfTKDGHWZXB39SFAerTa13XYXls_JDLo9XmpqlAxai8L9NinsiRJJ0Tg7zbDa5xUfgdCHMD2VY-7GKijfyApOqBa9dl1T0aKqBB54TX11_j4t1BinRf4vzR0G7IlclZp08yp-550_TKZY-xv5tKpIOgGIaYUhtlQsa4TYy6fwMOUybSZ3DMSqZtKdWcTp6E2iFa-zRvSvx28b98Yvkg%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&bs=c9b22bf5-08c3-4247-82b9-7618e5ea9809&wasm=1&userId=008056981a644e26ef5bfb4f674782a5&m=link | 139.45.197.242 | 200 OK | 2.3 kB |
URL GET HTTP/2veepteero.com/?rb=qsZm90WjPjkLiiYRJdLw3PT9gMFg1C03NFcF71DDX4zn3ZuXZTHRfTKDGHWZXB39SFAerTa13XYXls_JDLo9XmpqlAxai8L9NinsiRJJ0Tg7zbDa5xUfgdCHMD2VY-7GKijfyApOqBa9dl1T0aKqBB54TX11_j4t1BinRf4vzR0G7IlclZp08yp-550_TKZY-xv5tKpIOgGIaYUhtlQsa4TYy6fwMOUybSZ3DMSqZtKdWcTp6E2iFa-zRvSvx28b98Yvkg%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&bs=c9b22bf5-08c3-4247-82b9-7618e5ea9809&wasm=1&userId=008056981a644e26ef5bfb4f674782a5&m=link IP139.45.197.242:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectveepteero.com Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91 ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2337), with no line terminators Hasha1160a84ae57400ae69c5dff5b78ac20 3b089b14544c149f777c06f74d184067afe6e206 c5602a420b43b25665f6904b07d03642f249ec244cee4b94cdd50832b407449a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?rb=qsZm90WjPjkLiiYRJdLw3PT9gMFg1C03NFcF71DDX4zn3ZuXZTHRfTKDGHWZXB39SFAerTa13XYXls_JDLo9XmpqlAxai8L9NinsiRJJ0Tg7zbDa5xUfgdCHMD2VY-7GKijfyApOqBa9dl1T0aKqBB54TX11_j4t1BinRf4vzR0G7IlclZp08yp-550_TKZY-xv5tKpIOgGIaYUhtlQsa4TYy6fwMOUybSZ3DMSqZtKdWcTp6E2iFa-zRvSvx28b98Yvkg%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&bs=c9b22bf5-08c3-4247-82b9-7618e5ea9809&wasm=1&userId=008056981a644e26ef5bfb4f674782a5&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:55 GMT
content-type: application/json
x-trace-id: e83cafecc5804cb5e69d065f868228c4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008056981a644e26ef5bfb4f674782a5; expires=Thu, 08 May 2025 22:00:54 GMT; path=/; secure; SameSite=None
oaidts=1715205654; expires=Thu, 08 May 2025 22:00:54 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 15 May 2024 22:00:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z IP 172.67.205.77:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash ec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8KGAXVsrS3hlINNpry6ItATjsfkpJfgPWbXRD14M%2B2dr%2F0cLKQ41UGNjaiHAxqPxWwcAf%2F1nvlLWQYx%2BEkTMW8OMYiwr4GX9CnqYWuk7Yey31SbiMJmCUp8G6NrNOdE2aigCmyjBoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b7a17b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=49 | 192.243.61.225 | 200 OK | 0 B |
URL GET HTTP/1.1 gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=49 IP 192.243.61.225:443 ASN #39572 DataWeb Global Group B.V.
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject gloomilysuffocate.com Fingerprint 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54 Validity Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=49 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| www.googletagmanager.com/gtm.js?id=GTM-56DK3TH | 142.250.74.168 | 200 OK | 209 kB |
URL GET HTTP/3 www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.168:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint 93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE Validity Tue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (3287) Size 209 kB (208791 bytes) Hash 1a2bb0fd764c56d5fdff4917f3240081 a3a7376b54929f03e8ef222ee34da5b9cba86b00 f6a00bd1f8d267214e0fb94ad129c3119ebf08eaa1c81d5737565625441f6b11
GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 22:00:51 GMT
expires: Wed, 08 May 2024 22:00:51 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73618
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| static.addtoany.com/menu/svg/icons/telegram.js | 172.67.39.148 | 200 OK | 360 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/telegram.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (370), with no line terminators Hash d455b7099e753a3680d5e481a7b56a9d 146fdec3f2e51dabdd15fc8acda6d73823b0d44d 4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a
GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMJGe1UEbwEs5HbBF8m%2BObmMrUHG3OMVxSIiGFVJ0SBsWQtY4ktOVYoKCkEfNMvA2hFAWUXImpgCZn%2FIPhH%2BmAGHYgiMjn5Ua2dPP6e4%2FusvRjDnGR%2Bq0snIiikFzrjU%2FXCNvb6W8C6UnsFjYJvUV0rv"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12262
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee615689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| dog.seetron.net/LrfK7A3.js | 135.181.208.216 | 200 OK | 239 kB |
URL GET HTTP/2 dog.seetron.net/LrfK7A3.js IP 135.181.208.216:443 ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject a.bdsmz.tube Fingerprint AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 Validity Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
Size 239 kB (239297 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /LrfK7A3.js HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| myretrocollection.com/thumbs/AA/rc/5Q.jpg | 104.21.18.7 | 200 OK | 95 kB |
URL GET HTTP/2 myretrocollection.com/thumbs/AA/rc/5Q.jpg IP 104.21.18.7:443
Requested by https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 Certificate Issuer Let's Encrypt Subject myretrocollection.com Fingerprint 52:DB:0F:89:F7:CB:43:2F:55:9B:17:6F:47:C2:87:6F:12:A9:7C:A9 Validity Wed, 08 May 2024 07:33:45 GMT - Tue, 06 Aug 2024 07:33:44 GMT
File type JPEG image data, baseline, precision 8, 960x720, components 3 Hash b39c315b9dd966a4ecf1e036d1074354 c2603211054c12e6d4097863c3386cc59ea55b65 30fb123175d97fcd3fedf093d8e46c5c236c966a20e2c530045c18304c38c8c8
GET /thumbs/AA/rc/5Q.jpg HTTP/1.1
Host: myretrocollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 95015
last-modified: Wed, 31 Jan 2024 16:02:30 GMT
etag: "65ba6f16-17327"
expires: Thu, 30 May 2024 20:11:56 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 697740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h63ANbJCrUZMXWpBu6qdPwy5QBZDUNvzW5A1%2F0rZl3%2FxfWmiSNTxt9nX4Hx5G9JisdtP2LK2RGpbA7zPgw8S1Lo61%2BNDLdEUMRXRCXW%2BW88VMxBkoa1TiVKq8zzEvbLjPIAI6l4XXCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b95f02b512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| zv.7vid.net/api/spots/70102?s1=177161&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011 | 135.181.208.216 | 200 OK | 67 B |
URL GET HTTP/2 zv.7vid.net/api/spots/70102?s1=177161&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011 IP 135.181.208.216:443 ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject 1111.spinna.online Fingerprint F3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED Validity Fri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT
File type XML document, ASCII text, with no line terminators Hash c3928cea84e0c684b265b8fb465a9e72 aace4c0c8b0fbb35d2932f4f27e01ef627161574 3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25
GET /api/spots/70102?s1=177161&v2=1&fill=0&kw=file%20upload%2Cshare%20files%2Cfree%20upload&i=1&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=XSxzexCdzedpYmylhOz9; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ossgogoaton.com/tag.min.js | 172.67.184.45 | 200 OK | 82 kB |
URL GET HTTP/2 ossgogoaton.com/tag.min.js IP 172.67.184.45:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject ossgogoaton.com Fingerprint DE:B3:2A:B0:2A:4A:C3:F8:A3:3F:5B:C6:96:E6:F1:41:55:B4:87:1E Validity Sat, 04 May 2024 10:37:16 GMT - Fri, 02 Aug 2024 10:37:15 GMT
File type JavaScript source, ASCII text, with very long lines (65494) Hash 4bc7aaf197612e2fdf570523f8a25289 308438c2a77f38207c342dd68bec432043306eb8 d0d814c34562f87ff636fe2dc590be89945a97c48f94bb879b6b07ea265e1818
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:54 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 7acfcbd5fb6d4e8fc9665fc098fe5f53
cache-control: max-age=86400
last-modified: Wed, 08 May 2024 14:06:24 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 09 May 2024 20:56:55 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 3839
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBWMs%2BRQhegpBp4hhJxWyNirlM2nT5Ta3XToKNFgoBAp4tzqEtajjHmMWgCZ8hONQLTcEmm6oq2t1SaHv1eTWi2z5X6EwMyAzkEhna8KShg2qX%2BFM7929VnRQ2%2FRT3pnJG4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ab689956aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/twitter.js | 172.67.39.148 | 200 OK | 645 B |
URL GET HTTP/3 static.addtoany.com/menu/svg/icons/twitter.js IP 172.67.39.148:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject static.addtoany.com Fingerprint 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA Validity Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type ASCII text, with very long lines (655), with no line terminators Hash 671b3272826b2e03f7f5ecc6846a4f83 bcd620154cd6381ddf84b4e17e53ad716f3acbea b743f6ed35f2a170860cfb010577cd000ee695dc23b850d3b3e479ef1178bb22
GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ggiKokhYH%2FRwG5kRNsQxxkES41zx0pRhTrFCFihLqsTSZDy5P6xBR0gPdEzsNoj600eU8miSvk2pNojpOEm0ToV01dZ%2BWv9rYzF%2F0crLCtKrUyFE67PnrnzZvkmGvUV%2BiiVGrF6naj2jHKv3CePNqH%2B%2B"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12262
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee655689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL POST HTTP/3 bid.bidclickmedia.com/load IP 172.67.205.77:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YRQ%2BZUZ6dKZ5iUAdS83E4NwIPCNMVG8ZnpiPvCbrvKgR3kzJz%2BLgiDbsIE%2BUGqFBz4DHnAo%2B%2BLqYostPR0c2NzFTFhioDDjfG7mo0hdncL5WgjqPdhfItrQCPNwT3sQtgh3H%2BC1nUTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99f1e907130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aistekso.net/401/5708419 | 139.45.197.244 | 200 OK | 91 kB |
IP 139.45.197.244:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject aistekso.net Fingerprint 3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB Validity Sun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash af162eb349cb2d623f40ac1c8bcf56f6 6df722829da60ec3b8f101367f83bd1b84bb2528 c97ee1aa5f6be57e931888ad1dcee8f33d8de157c622f48e1dee5f08711c361e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:54 GMT
content-type: application/javascript
x-trace-id: 090a4f0403958477f68ea23e67d623bb
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=03005682a6b9435ef0a89702f2a85c60; expires=Thu, 08 May 2025 22:00:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| lovefootjob.com/thumbs/AA/9X/4I.jpg | 172.67.195.214 | 200 OK | 25 kB |
URL GET HTTP/2 lovefootjob.com/thumbs/AA/9X/4I.jpg IP 172.67.195.214:443
Requested by https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 Certificate Issuer Let's Encrypt Subject lovefootjob.com Fingerprint 6A:CE:FD:27:C8:DA:CF:1B:E2:B4:D3:FB:96:8E:5E:C1:DC:F9:6B:83 Validity Wed, 24 Apr 2024 18:50:36 GMT - Tue, 23 Jul 2024 18:50:35 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 480x400, components 3 Hash 73f71341cf4be9aa3dceddd02655661d 392820d89ed970a13af645612eb7404f27aa965f 1a865253447a81e92f47a7b26fcfab9162b9d7bfb50f5b4daf5ff16baa7f9840
GET /thumbs/AA/9X/4I.jpg HTTP/1.1
Host: lovefootjob.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 25296
last-modified: Wed, 28 Feb 2024 17:02:47 GMT
etag: "65df6737-62d0"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mF4MOxZzS9%2F4UOW9qhsqctFUQayWxm0ReuthzIG0uJoF8%2BX%2BQkcSZO1HLNRa2jFl%2BiEfqhZ4VBi7Gpf6Op4%2BedoywVq5n3kl9PXbi4gxY4OVrtSbFQOIyOiHm8cBR5IxRM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9bb1e5b56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Zj8D76R | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/Zj8D76R IP 172.67.205.77:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash aa39ce14ee4ef59a81b3b1ccc7c20cfb 4037f87db53a18212b896cbe7dc03404833bd9f4 5e96980309ab1a029fa20a02fb9aca51a5967df4e6ab8aaab5f0373d4ebd4f68
GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2fsLwfbl7Cqhnbl%2FOGo2ej8rC18GSnpJnYd1Ibncgbhn1D1oGlBuciW4sKOTjiN%2Bq2b4sEih5M%2BLb%2FzfhqcxC%2FvVN2VZkkwTsXIw%2BrmiAHdB4umohlRboG%2FhLGhQ71IQgfYFYYz1cc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b69fab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 140 kB |
URL GET HTTP/2 videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54:443 ASN #208046 ColocationX Ltd.
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject videzz.net Fingerprint 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 Validity Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size 140 kB (140132 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-22364"
expires: Fri, 07 Jun 2024 21:54:48 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 234 B |
URL GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z IP 172.67.205.77:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type HTML document, ASCII text, with no line terminators Hash ec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QugV59wAlBoDUYQdE467upqZQVDi1ke2fxjQg%2Bah9kIjg1j1ZJDpmGSWh65WOjJst9JCw4dhod%2FoEcthyapC1N9tflqIUVZnwDIydu7aW975vLLF%2FJ%2BbPmj1Ol49KXMt%2BdDPZFkia6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b7a15b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 | 109.206.175.85 | 200 OK | 5.5 kB |
URL GET HTTP/2 meetbenjen.com/in/p/?spot_id=560254&cat=25&sub_id=761082465 IP 109.206.175.85:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject meetbenjen.com Fingerprint 9A:72:77:E6:54:8C:F4:16:F5:ED:83:0C:A9:D8:38:2B:BA:9E:67:14 Validity Tue, 26 Mar 2024 03:08:56 GMT - Mon, 24 Jun 2024 03:08:55 GMT
File type HTML document, ASCII text, with very long lines (5558), with no line terminators Hash 0e67d8d50d21086bf738fa074f3da94c b19e65ffb6259c55a1dfa2a3483cebeb38192bc5 5985c99472485857b22ef312885e1967c777527ee157a3be9c88601d195622cd
GET /in/p/?spot_id=560254&cat=25&sub_id=761082465 HTTP/1.1
Host: meetbenjen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 08 May 2024 22:00:54 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
set-cookie: 1095.0=1; expires=Thu, 09 May 2024 22:00:53 GMT; path=/; secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL POST HTTP/3 bid.bidclickmedia.com/load IP 172.67.205.77:443
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Google Trust Services LLC Subject bidclickmedia.com Fingerprint 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 Validity Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Zj8D76R
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0a%2Bo9iKfgOMXOSdP3ZNojCUKBbmMf3gw6O1SGCLXIcrxTicf49uhbdIKDswNCWMkMXooCuqTVcirgn%2FqqnU%2Bd7sgiQoyARTbf32Xr01XNAzdU4%2BcOtp0uk8nVa0xiY2GdY478B4M1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99f0e6e7130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=177161 | 135.181.208.216 | 200 OK | 636 B |
URL GET HTTP/2 dog.seetron.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=177161 IP 135.181.208.216:443 ASN #24940 Hetzner Online GmbH
Requested by https://videzz.net/embed-4mqtknqed6xv.html Certificate Issuer Let's Encrypt Subject a.bdsmz.tube Fingerprint AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05 Validity Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type ASCII text, with very long lines (772), with no line terminators Hash 049ed453191aa0ecd9d9a107c44067d0 10921ca334617c6fe48fafe7f8adc6ab18e143a6 c2d78d11bd279a5cb2cba06329ea0e82a971994ee8a347c41c6ec8b027b74096
GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=177161 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=iHlgEY8Gp4AS4BBw6i6B; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/modules/core.BRQnzO8v.js | 172.67.39.148 | 200 OK | 72 kB |
URL: GET HTTP/3 static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: static.addtoany.com
Certificate Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
Certificate Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805
GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK8gUdgRP8GeYnLNHjDu6u8caDNHdfO2sQNKdIoJNqcMjR7wKzBSRPIzKBAhIZ8GUNx3vYpRT%2B9Wl0bTiXTo1YqoNOdrpxq%2F84ur0eWSRu%2B8ofOTPc9x7M1JwH%2F7P4Z%2FP3le3Hg2mdvhb0ePe1lTNo51"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12262
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99a4a585689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| topsites.hadesex.com/main.css?v=4.6 | 172.67.156.49 | 200 OK | 53 kB |
URL: GET HTTP/3 topsites.hadesex.com/main.css?v=4.6
IP: 172.67.156.49:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Certificate Issuer: Google Trust Services LLC
Certificate Subject: hadesex.com
Certificate Fingerprint: A1:8E:DC:59:6A:AB:77:60:87:69:7F:7E:EE:07:71:CF:21:03:AD:84
Certificate Validity: Sun, 05 May 2024 01:16:25 GMT - Sat, 03 Aug 2024 01:16:24 GMT
File type: assembler source, ASCII text, with very long lines (1663), with CRLF line terminators
Hash: 67a60fc3237cab1af285087013d3dfd7 361611ddf508c4caac1a36ae71b4aa78080421b6 9c2025fe9271763ec886f52dd6c8cff71c8b51c4029b302d7a44d32a4b2e8d09
GET /main.css?v=4.6 HTTP/1.1
Host: topsites.hadesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 13:05:54 GMT
vary: Accept-Encoding
etag: W/"66168eb2-cece"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 7eea4ea1eb9f3a7193752d1932635b4a
cf-cache-status: HIT
age: 707659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJg971%2B%2F5n%2FK2ljbq6360jCGC5lb6mSlKST0ClQ2yT9fbPhc1MYC3losy0rTWCOEW4glOp9SEXC3L09SZnu3rADiSJeeBeXqcPcy%2BtUEY21zmmtVcgvXVeBK1rhRzhqkEEhYQbU%2BLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9b15fad712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 104.18.11.207 | 200 OK | 31 kB |
URL: GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 104.18.11.207:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bootstrapcdn.com
Certificate Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Certificate Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837)
Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:50 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 2ab8316fdef76f530c15e660f59a896d
cdn-cache: HIT
cf-cache-status: HIT
age: 711744
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb994ffbe56ba-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| myliveforyoudreder.com/vidozza.js | 188.114.96.1 | 200 OK | 1.6 kB |
URL: GET HTTP/2 myliveforyoudreder.com/vidozza.js
IP: 188.114.96.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: myliveforyoudreder.com
Certificate Fingerprint: D6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
Certificate Validity: Wed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT
File type: JavaScript source, ASCII text, with very long lines (1742), with no line terminators
Hash: 1b10623dcc365c3e40aa543ee9be6c3d ee99261cffbbf896eba3c60d867480042fbaadc5 54dec89c60117fd15b96d376c1dba2de2f333009f2ba0847fa71fa0a969f863f
GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1617
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u9QUTJXe3djAU10mCJPfaZnoq9wLvgmx5JzK4SqEH7OpxNbGM0hZNhhwdrLmnnFcKTXvPO2rC7gWDJNy0SauyOm2crF8kPVFYsFN7i3H1%2BDa%2FGzqV015HhihSHC2ib9pkREC1ftUyuu9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb99d3f170b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bidclickmedia.com
Certificate Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
Certificate Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f89pbR69IsVWmpE8ncwn%2Fg3l7D9%2B32kSo%2FTX7D7S%2BiwZ4SRwcTgff7PghCCFO9EnrZmtNccZhUzGx00TyvOpdXxFJMTF5nk1AYuoPmDKQgRiMF24NZsVeZN%2BqeQNy6ugDEH3XU4b%2BRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99f4eb37130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570 | 173.239.53.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP: 173.239.53.20:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Sectigo Limited
Certificate Subject: *.cachegorilla.com
Certificate Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
Certificate Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| bid.bidclickmedia.com/sub/0YDX8OE | 172.67.205.77 | 200 OK | 234 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/0YDX8OE
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bidclickmedia.com
Certificate Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
Certificate Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: af2b6f5e906532aa6d51ed7dcbb8fed7 5ddca712e64ecb7520e561656c87079ec18e3db1 eced93383f70dca1dcfe0998bcccf8d3fe044a0f1646f0ffa670cf0b14f599f3
GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmrKFfJu6y%2BOfDYqaLzffFgzRFr%2Fl%2BqrE%2FX9uxhrOOW%2BatXGxSOdIE7XasjS1JsUIbK2nqn8DZtHsLLn%2B3n5gj7QlK3oBpVi%2F%2BH%2BItDTFuMstT1izw7tgjwb%2FMoyEqPMaVim1VzHdWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b69f8b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419 | 139.45.197.236 | 200 OK | 94 kB |
URL: GET HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419
IP: 139.45.197.236:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: itskiddien.club
Certificate Fingerprint: F8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
Certificate Validity: Fri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 3eaa321621285f607cb581ec90118d9e 2592cdd061eb905d40aaf62bcec6d1b271c6c1f1 91c858534f90f934f2442b584c483fab1966993999c1da7aa8bbf27d62cd2a98
GET /apu.php?zoneid=5902452&var=5708419 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:55 GMT
content-type: application/javascript
x-trace-id: 3c20e5c1ae1591de878d92cd2112b37c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008056183bbb4651f9fc78403abfd92c; expires=Thu, 08 May 2025 22:00:55 GMT; path=/; secure; SameSite=None
oaidts=1715205655; expires=Thu, 08 May 2025 22:00:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| md-static.com/js/jquery.min.js | 172.67.171.8 | 200 OK | 90 kB |
URL: GET HTTP/2 md-static.com/js/jquery.min.js
IP: 172.67.171.8:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Certificate Issuer: Google Trust Services LLC
Certificate Subject: md-static.com
Certificate Fingerprint: 78:3D:4B:7D:5D:B4:38:28:82:3D:3E:65:79:F4:48:9E:D3:A5:91:60
Certificate Validity: Sun, 05 May 2024 15:59:00 GMT - Sat, 03 Aug 2024 15:58:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /js/jquery.min.js HTTP/1.1
Host: md-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: application/javascript
last-modified: Mon, 04 May 2020 23:02:39 GMT
vary: Accept-Encoding
etag: W/"5eb09f0f-15d84"
expires: Thu, 30 May 2024 17:26:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 707650
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qbhIvwpDpGd6Lb1ZuO9SHnZeNKxjfLBHSX%2FPHeE7Fp6aCfOWoI6TCBS7CmhTUy8VwW1%2BTVJO0axoUj0vLI9Y90jnjAuRD0X0LQgorQVUYaQs%2Bf%2Bvfa5s%2F8iWBdoz87gF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9b2581f56c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gloomilysuffocate.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66 | 192.243.61.225 | 200 OK | 12 kB |
URL: GET HTTP/1.1 gloomilysuffocate.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66
IP: 192.243.61.225:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: gloomilysuffocate.com
Certificate Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54
Certificate Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
Hash: f47416e3add236438b70c0cb7979f822 a2cd7728a12f689671539554d73a22f68d093530 98aff9afb779357db40614b37eb5b73de6b2c5f0e7dfc9aa70692f2dd55833b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:52 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Thu, 09 May 2024 22:00:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 09 May 2024 22:00:52 GMT; secure; SameSite=None
uncs=1; expires=Thu, 09 May 2024 22:00:52 GMT; secure; SameSite=None
pdhtkv29=true; expires=Thu, 09 May 2024 22:00:52 GMT; secure; SameSite=None
uncs29=1; expires=Thu, 09 May 2024 22:00:52 GMT; secure; SameSite=None
slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]; expires=Wed, 08 May 2024 22:00:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2ff66aa8996dda2b53d54fe216965d15
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=177161 | 135.181.208.216 | 200 OK | 674 B |
URL: GET HTTP/2 dog.seetron.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=177161
IP: 135.181.208.216:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: a.bdsmz.tube
Certificate Fingerprint: AA:4D:03:7A:4E:94:8C:76:58:6E:53:CC:8E:99:24:E6:51:84:BF:05
Certificate Validity: Fri, 03 May 2024 10:27:08 GMT - Thu, 01 Aug 2024 10:27:07 GMT
File type: ASCII text, with very long lines (814), with no line terminators
Hash: 2db245db440f103d7c2b7b45ed02c5fb a2a8675246f4c057c34b2c3798ec36b7ea87d551 e91a21c620943d374e6cdacc70a06ee8a42e3442d0fd1413f3e4853598953701
GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&sid=5b432352-2b7d-4cb5-972e-a0603ad74011&i=1&kw=file%20upload%2Cshare%20files%2Cfree%20upload&s1=177161 HTTP/1.1
Host: dog.seetron.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
set-cookie: nauid=fT2hfofyILTHaGivWW1D; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/sm.25.html | 172.67.39.148 | 200 OK | 716 B |
URL: GET HTTP/3 static.addtoany.com/menu/sm.25.html
IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: static.addtoany.com
Certificate Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA
Certificate Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: HTML document, ASCII text, with very long lines (744), with no line terminators
Hash: c3c97893ca5c74e7504aa4ec474ea41b cdccb12d7e73682e0e807107243ede7d5e14c962 b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00
GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KDW4diA%2BEdy8OJCA%2BpLQ3gmSCi7vKsIXChBvTfZhzGq8tW7aSgoBp4ko5y0Wfi66JNOUEgnNTCRlGyJjb1nGdgevGDDRtPFAHoY%2BbgJySZ8EQL4gSUts1vSKtTOhLXaOnaC5J7u8rg4y8pfyPKUkaxP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 12116
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99a4a4f5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=49 | 172.240.253.132 | 200 OK | 0 B |
URL: GET HTTP/1.1 gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=49
IP: 172.240.253.132:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: gloomilysuffocate.com
Certificate Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54
Certificate Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=49 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| xcumwebcam.com/thumbs/AA/j1/7B.jpg | 104.21.14.119 | 200 OK | 25 kB |
URL: GET HTTP/2 xcumwebcam.com/thumbs/AA/j1/7B.jpg
IP: 104.21.14.119:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Certificate Issuer: Google Trust Services LLC
Certificate Subject: xcumwebcam.com
Certificate Fingerprint: 85:FC:8E:26:56:ED:EC:5F:6C:0C:68:68:3F:1F:05:F1:A1:50:34:A8
Certificate Validity: Mon, 22 Apr 2024 06:49:07 GMT - Sun, 21 Jul 2024 06:49:06 GMT
File type: JPEG image data, baseline, precision 8, 556x416, components 3
Hash: 7a9745443e92e2c8921f02851512e636 88e93fea923647bcb7093708cd881ff70ef5cb87 38df46a26a1e898f11893257790cfb573b0ba0cf872b1225df823b71bb0c19a2
GET /thumbs/AA/j1/7B.jpg HTTP/1.1
Host: xcumwebcam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 25245
last-modified: Wed, 28 Feb 2024 17:11:33 GMT
etag: "65df6945-629d"
expires: Thu, 30 May 2024 16:17:44 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 711792
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2tqyh8FiVBA0MjjG%2FxGdcv2iECO4PzDxhx16uARi3jcg9CX5EWkIE4ePVd%2BwlEJuq80FZ5%2FWylgC1xi%2F2rQ0MavQ4c%2Bm04bs4xGikvVXkndDricpiwWc6g391ffl65Tqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b9dcd5568d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/31bV2Jy | 172.67.205.77 | 200 OK | 239 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/31bV2Jy
IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bidclickmedia.com
Certificate Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
Certificate Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: d5b23342c3da61ad8cb32c85b5a9a6ca 3ca89fd68565941a5f5dec87720a2164c9b860ae 53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb
GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3zMI1weX9LAGQVLvvD5rR7NL2j2ED1ksYuzKXsC9Wm%2BUfwlCcVB0KkczSiYjn40mzGEgsZT4r0l%2BYZ9dv7vs6bG5794n2mAdIfjMip%2Finh58Zg20gTDVuYsrLNK7JXtPgiSCRXLEFcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99bba52b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 69indian.com/thumbs/AA/gs/1S.jpg | 172.67.195.23 | 200 OK | 14 kB |
URL: GET HTTP/2 69indian.com/thumbs/AA/gs/1S.jpg
IP: 172.67.195.23:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254
Certificate Issuer: Let's Encrypt
Certificate Subject: 69indian.com
Certificate Fingerprint: 02:44:AF:DF:DC:35:9B:8E:2F:BA:31:BF:8A:2B:42:28:10:1D:89:D8
Certificate Validity: Sun, 31 Mar 2024 19:47:58 GMT - Sat, 29 Jun 2024 19:47:57 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 280x210, components 3
Hash: 21e66d237ad23c0aef82cd3575ecb4db 6ed06da77ce31cd1eb53b4b785e918192140244f 30cca9e83e5759d1bf986eaaccea2fa9bad19699735fb460c0556f38fa53cf21
GET /thumbs/AA/gs/1S.jpg HTTP/1.1
Host: 69indian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 13562
last-modified: Thu, 25 Apr 2024 10:47:05 GMT
etag: "662a34a9-34fa"
expires: Thu, 30 May 2024 16:17:32 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 711803
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P971r0KLmLVKbKG2Eg7wAON13gT8R1kNph9aBlrIe4u%2BjViBCelQVjxPwW9XeaRAC%2F6vRHKoAzct7yTot3jPflt4b61gigPCPEl7ZD%2FTGkF6fUj%2FSZMVA5r13DzHPlw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9ba6d47b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 4.5 kB |
URL: GET HTTP/2 videzz.net/js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP: 78.142.18.54:443
ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html
Certificate Issuer: Let's Encrypt
Certificate Subject: videzz.net
Certificate Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33
Certificate Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File type: JavaScript source, ASCII text, with very long lines (4724), with no line terminators
Hash: f3ccae55608834d0e7acfde8a7235903 16cd94840b9d0105558c5f8b26ac51845d84bb2e 8d950b465b8cb006d19d702a1d15e209cb10b861f5ead615e7f9625469605ef2
GET /js/embed.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-1183"
expires: Fri, 07 Jun 2024 21:58:41 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 42 kB |
URL GET HTTP/2videzz.net/sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (42324), with no line terminators Hash764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa
GET /sw.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:27 GMT
vary: Accept-Encoding
etag: W/"662ca993-a554"
expires: Fri, 07 Jun 2024 21:50:59 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| 69lesbi.com/thumbs/AA/n0/m6.jpg | 172.67.212.50 | 200 OK | 49 kB |
URL GET HTTP/269lesbi.com/thumbs/AA/n0/m6.jpg IP172.67.212.50:443
Requested byhttps://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 CertificateIssuerLet's Encrypt Subject69lesbi.com FingerprintA3:C4:A1:C1:E3:54:F0:48:7C:B1:8B:9C:66:55:7F:77:7C:EE:21:CF ValidityWed, 08 May 2024 19:14:37 GMT - Tue, 06 Aug 2024 19:14:36 GMT
File typeJPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.37.100", baseline, precision 8, 1280x720, components 3 Hash2bf48be9b4af401bf6150f944d46a6ce 545ced166d8b0c12d92427bf7d2cfe86d5f41e6d 67d3ea7477562eec1d4d0fb366b594cd83ef9602ce8b5351f423e55fad78c94e
GET /thumbs/AA/n0/m6.jpg HTTP/1.1
Host: 69lesbi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:56 GMT
content-type: image/jpeg
content-length: 49025
last-modified: Sat, 27 Apr 2024 09:22:05 GMT
etag: "662cc3bd-bf81"
expires: Thu, 30 May 2024 18:38:20 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 703356
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kj2Nc2x6ig1zJEUgYnUDP%2FWEs%2BgbH1Ztz96vfXOxAgfd9dvceHEfYHyaSYk2L7ovws0eA4fEskGqB90ZdHfctJErrDBkMi5USM4sNj3c9ojGtGZjtFAEDh1i85R4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9bb19cc712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/js/videojs.stm.5.min.js?0.887875722685919 | 78.142.18.54 | 200 OK | 7.2 kB |
URL GET HTTP/2videzz.net/js/videojs.stm.5.min.js?0.887875722685919 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (7493), with no line terminators Hash559fdbbfb2f700ef277f69b35a097d54 df1d4bf430b37e066e4e3187d621c954d581c160 d30c79b738e33d406468f33a059c11238995e485cad39bb31a721f370baa05c5
GET /js/videojs.stm.5.min.js?0.887875722685919 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1c25"
expires: Fri, 07 Jun 2024 22:00:50 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2
|
|
| allvideometrika.com/f.php?sid=212515 | 188.114.97.1 | 200 OK | 0 B |
URL GET HTTP/2allvideometrika.com/f.php?sid=212515 IP188.114.97.1:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectallvideometrika.com Fingerprint0F:3F:B1:7E:F7:3C:77:24:1C:85:B2:89:15:11:43:1A:AD:64:DF:13 ValidityTue, 23 Apr 2024 13:34:13 GMT - Mon, 22 Jul 2024 13:34:12 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofbCc17cWe5BURbThwd8PJsouM%2BuHyyzhscDSWgjCY3p9Gu90apVxKO9wtta80EN7WSeiSIRZ0ijxD1ROFYndJqOQHE7l1hF3iDP7BjmfPSXLqUWzNg8KkWGcbJWOdGBN823h9Zm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99f0c6c1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| videzz.net/favicon.ico?v=2 | 78.142.18.54 | 200 OK | 1.2 kB |
URL GET HTTP/2videzz.net/favicon.ico?v=2 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeMS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash07075ddac650ad1577e310576f4ac231 1c8f551262fac5a047a268b82fa932c405ab13ff c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901
GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1; file_id=31506691; aff=177161; _ga_HEX1BG8H46=GS1.1.1715205652.1.0.1715205652.60.0.0; _ga=GA1.1.954953136.1715205653; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; dom3ic8zudi28v8lr6fgphwffqoz0j6c=04c1b1b9-380c-43e3-af2c-af288c37dc21%3A1%3A1; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=gloomilysuffocate.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:53 GMT
content-type: image/x-icon
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-47e"
expires: Fri, 07 Jun 2024 21:52:50 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| cdn.itskiddien.club/?rb=soHTjhaHmt-xL7u5gnEA_LDEcmFWcrsn3jER2hTHGiJPFT--fA7imV5m1zkv3HkkMKoDiIVfiWbHUqfQS657Jc79F6ruUao1vF_AckL_-R24V8HxT_w6gwSL7rFjK5ITmjMQGwDCbinPGRSqArKU4Sw5j61VSHQXhm3siL-7cZoe_t8Jh6G7_dHtbX0biKoVuVLfEnQMBVBeCgCaSAw6JlZL0jiGx5GlaF5w9g-K5EwjA0v7mgDglpXUZOLaLxMu5VPHxfJgUpQE17ZE&request_ab2=0&zoneid=5902452&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=e0a4e389-a650-448b-8c04-39fb14d6e963&userId=008056981a644e26ef5bfb4f674782a5&m=link | 139.45.197.236 | 200 OK | 2.4 kB |
URL GET HTTP/2cdn.itskiddien.club/?rb=soHTjhaHmt-xL7u5gnEA_LDEcmFWcrsn3jER2hTHGiJPFT--fA7imV5m1zkv3HkkMKoDiIVfiWbHUqfQS657Jc79F6ruUao1vF_AckL_-R24V8HxT_w6gwSL7rFjK5ITmjMQGwDCbinPGRSqArKU4Sw5j61VSHQXhm3siL-7cZoe_t8Jh6G7_dHtbX0biKoVuVLfEnQMBVBeCgCaSAw6JlZL0jiGx5GlaF5w9g-K5EwjA0v7mgDglpXUZOLaLxMu5VPHxfJgUpQE17ZE&request_ab2=0&zoneid=5902452&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=e0a4e389-a650-448b-8c04-39fb14d6e963&userId=008056981a644e26ef5bfb4f674782a5&m=link IP139.45.197.236:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectitskiddien.club FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2387), with no line terminators Hashd57279e32bedae05142d077e34ad23ea fe1323741925f0776be4aa5c6c62c49fdd746ad1 6f881a7df77414f498f9eec1a55e1cd4cb149ad8e44eef1067ce69f4ac5f28ad
GET /?rb=soHTjhaHmt-xL7u5gnEA_LDEcmFWcrsn3jER2hTHGiJPFT--fA7imV5m1zkv3HkkMKoDiIVfiWbHUqfQS657Jc79F6ruUao1vF_AckL_-R24V8HxT_w6gwSL7rFjK5ITmjMQGwDCbinPGRSqArKU4Sw5j61VSHQXhm3siL-7cZoe_t8Jh6G7_dHtbX0biKoVuVLfEnQMBVBeCgCaSAw6JlZL0jiGx5GlaF5w9g-K5EwjA0v7mgDglpXUZOLaLxMu5VPHxfJgUpQE17ZE&request_ab2=0&zoneid=5902452&js_build=iclick-v1.791.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=12&pl=https%3A%2F%2Fvidezz.net%2Fembed-4mqtknqed6xv.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.791.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=e0a4e389-a650-448b-8c04-39fb14d6e963&userId=008056981a644e26ef5bfb4f674782a5&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=008056183bbb4651f9fc78403abfd92c; oaidts=1715205655
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 22:00:56 GMT
content-type: application/json
x-trace-id: 5a9a3db6078347b08ced8c5e37a2f865
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008056981a644e26ef5bfb4f674782a5; expires=Thu, 08 May 2025 22:00:55 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1715205655; expires=Thu, 08 May 2025 22:00:55 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Wed, 15 May 2024 22:00:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| videzz.net/js/jquery.min.js | 78.142.18.54 | 200 OK | 96 kB |
URL GET HTTP/2videzz.net/js/jquery.min.js IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeJavaScript source, ASCII text, with very long lines (32086) Hash8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:42 GMT
vary: Accept-Encoding
etag: W/"662ca9a2-1762a"
expires: Fri, 07 Jun 2024 21:55:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/page.js | 172.67.39.148 | 200 OK | 3.0 kB |
URL GET HTTP/2static.addtoany.com/menu/page.js IP172.67.39.148:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeJavaScript source, ASCII text, with very long lines (3132), with no line terminators Hash40486591ae8ea6d1423aeb13f1fd509b f847af56588642de93c6fe0d2ce182303f312455 16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EgezfhqgqVTMRSCdIrsKRfYkTxH%2FPj8LGo%2FZi7bo9fU4bzjrWOUuM%2FuqWdESz21N5bpaJYUt1gOALJJNuyaI4ehXqxRbTvLTpK26n%2FiZMmvypcd9Sxrz%2Bq3mFCmK6Ma%2FchKwisEm"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20558
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb995580256b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 5.5 kB |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3JjVm5LyS%2BCgEoRyl%2BSxSiREX9alW8ogKCXP%2F7nyY6rAb2FU3oCRMzOAARwuS4ZS%2F0huWcoSM7TL9IjgxBrpsXNfPOEF0Y52vdGgBG5FI4RbVWJxCrjnk%2FQ33px05zzL6cydwsUngY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99fdf477130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 98
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31bV2Jy
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z7bTCxhS%2FtusVxHx6zK8x75prTrpbN3GXN9fUyOPoK1cGcT0Vzbw%2F9YHHc4sfn044vGySHz6FytRcqe0uQjZ8i7pKGqg9HhoNAuW1wXpKQbePIAdO%2F%2B%2B%2FJG3lOuz6jFPEcx3EYpJhic%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9a04f9c7130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 | 174.137.133.17 | 200 OK | 0 B |
URL GET HTTP/1.1xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319 IP174.137.133.17:443 ASN#27257 WEBAIR-INTERNET
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerSectigo Limited Subject*.zeusadx.com FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0 ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| static.addtoany.com/menu/svg/icons/facebook.js | 172.67.39.148 | 200 OK | 429 B |
URL GET HTTP/3static.addtoany.com/menu/svg/icons/facebook.js IP172.67.39.148:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectstatic.addtoany.com Fingerprint5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA ValidityTue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File typeASCII text, with very long lines (439), with no line terminators Hash874e1638740e061f9fa55eda3180724c 108a7e30fa0f7d50b961845ec970a2745f3c821f d1bf990d09417220fcb615079a569e0a403c75beef0eac536e5976b7751c0370
GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6B%2FV6ADt517psBnU6gY21U1Bic9HzuXd7VQoHHzOpIzDwZJWTz9ICNXIC3sHbp8LbOg8q2%2FF%2BORds3rmW9O1Ls0y6Q7edGN6XzyiY6nnZTscstDrjHgjuWo%2BViAul%2B3fVrY3dDtWjAtHYik3CIlkPl%2B8"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 15616
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee5e5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSuqVdFq4Wzx4FX%2BeKr3gTRRESW3m3amMHyy3MRN0sG2ty%2Fgy5%2FVGR0lkmop3YVPEvHpb2PyJcrEOigI579yXm7w%2B7W13f5v19qpF7Ew6qU5Ylg943rUCHpeRzcdcBbQQLU6grtnOkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99fbf327130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdP%2F5viT955HF3xJ0s35r%2BaKg4EiT822mQgyo0hL6jQckc9O%2F6RG%2FEfM5JkfO7SIBkbTPGQtQDE4HY3DaJhyhQ3GmNFXa7pduxvHiGb4E%2BXIagrWBADtIymV7XFBxDniIoCz2pa4CwY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb9a01f787130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 170 kB |
URL GET HTTP/2videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP78.142.18.54:443 ASN#208046 ColocationX Ltd.
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerLet's Encrypt Subjectvidezz.net Fingerprint89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33 ValidityThu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
File typeASCII text, with very long lines (50421) Size170 kB (169541 bytes) Hashbf9af199b5ef61988f82fa239ebf61da d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d
GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 07:30:38 GMT
vary: Accept-Encoding
etag: W/"662ca99e-29645"
expires: Fri, 07 Jun 2024 21:55:31 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c | 142.250.74.168 | 200 OK | 275 kB |
URL GET HTTP/3www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP142.250.74.168:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File typeJavaScript source, ASCII text, with very long lines (7711) Size275 kB (274642 bytes) Hash2eb3ee75da7c58ef6d00ecfad8b62f40 4a3fe865a7166e8dbc321841462e23982f2dd455 e55cd4c24921e69c212cef768dd26326da1ad56e9be2d2a50732aaa4a3e59992
GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 22:00:52 GMT
expires: Wed, 08 May 2024 22:00:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL POST HTTP/3bid.bidclickmedia.com/load IP172.67.205.77:443
Requested byhttps://videzz.net/embed-4mqtknqed6xv.html CertificateIssuerGoogle Trust Services LLC Subjectbidclickmedia.com Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7 ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/0YDX8OE
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCIqmOxUNyTvP1F6LXo5WfQNjWZXCAr05jntYquYOH1p%2Fs%2Bgbf1UCqJcnzwY4YdE6Srm%2F0Qf5WzKbPJjqzb3rI4n2dxhQeyIefYoYC49lyx%2BAqYNg7WQwtOKPOTi4B7ypw3lElPbSGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99eee537130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=45 | 192.243.61.225 | 200 OK | 0 B |
URL: GET HTTP/1.1 gloomilysuffocate.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=45; IP: 192.243.61.225:443; ASN: #39572 DataWeb Global Group B.V.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html Certificate: Issuer: Let's Encrypt; Subject: gloomilysuffocate.com; Fingerprint: 4E:51:75:6E:41:71:BE:56:1C:2E:83:BC:8F:79:51:1F:72:41:E2:54; Validity: Mon, 06 May 2024 12:41:11 GMT - Sun, 04 Aug 2024 12:41:10 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=45 HTTP/1.1
Host: gloomilysuffocate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecfd40b682a05e4aaf489d29601350aa66=[5210995,5210997]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Wed, 08 May 2024 22:00:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 | 78.142.18.54 | 200 OK | 416 kB |
URL: GET HTTP/2 videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42; IP: 78.142.18.54:443; ASN: #208046 ColocationX Ltd.
Requested by: https://videzz.net/embed-4mqtknqed6xv.html Certificate: Issuer: Let's Encrypt; Subject: videzz.net; Fingerprint: 89:44:E3:9D:95:DD:6E:D2:2B:FB:70:64:42:59:D2:BF:B6:36:E7:33; Validity: Thu, 02 May 2024 00:27:53 GMT - Wed, 31 Jul 2024 00:27:52 GMT
Size: 416 kB (416358 bytes) Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/embed-4mqtknqed6xv.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 08 May 2024 22:00:50 GMT
content-type: application/javascript
last-modified: Sat, 27 Apr 2024 07:30:33 GMT
vary: Accept-Encoding
etag: W/"662ca999-65a66"
expires: Fri, 07 Jun 2024 21:59:44 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/sub/Pj8pz0z | 172.67.205.77 | 200 OK | 234 B |
URL: GET HTTP/2 bid.bidclickmedia.com/sub/Pj8pz0z; IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
File type: HTML document, ASCII text, with no line terminators Hash: ec45c51dfcbeb0d487d6d2ccf0cd9a23 eadd83e9b3def654d52e1b93ae5f5c13d8a69c99 3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce
GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:51 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2FYFaaaIC9e9nhilT0%2FQSXKS%2FM3Pa4Qk9KT3P3FpqdpP6BwIRFNnwlQNhYx%2FYsDY%2B%2BvLoRddoOh3dRsXwvZ7PM6JwgwbvbX7fhDjmHNdfYAPa1xkgoIWltk5%2Bf1CF26fhR5nK9Fk5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99b7a13b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bid.bidclickmedia.com/load | 172.67.205.77 | 302 Found | 0 B |
URL: POST HTTP/3 bid.bidclickmedia.com/load; IP: 172.67.205.77:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html Certificate: Issuer: Google Trust Services LLC; Subject: bidclickmedia.com; Fingerprint: 2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7; Validity: Sun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/Pj8pz0z
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Wed, 08 May 2024 22:00:52 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDrXdtFImWCaQa7xLg%2FP97f1zTUvEW4huJwNlwpTyJu6OMI1V6%2B2jLpnLLlu2mGjbpJ5WLFYsx3XoVL7MxXuXgyzlvies0KyUARL5eIpcSp81bhM5JAsKvfbpjMmwgtkyXU%2BNJOOfwA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880cb99f2e9f7130-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js | 188.114.97.1 | 200 OK | 9.5 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js; IP: 188.114.97.1:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: Unicode text, UTF-8 text, with very long lines (8821), with no line terminators Hash: d0707ac5d95047febbb8f131cc7a9af4 65021f149e99900eeaf7d298d2303160872b43f3 3e2e7ab351d401339df520fbd7ce4f177643dca01cad22bf59dd4b3e14853810
GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:53 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6629
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZmpRUNpOJVzPBPMKhv1CnDRy5S80pN7HaVZMKvCeCm%2BT%2BC1N4cMS21tqyZyV2zlN8KAY6n1pESExQ9zJMmiO3azuMtznoP6bJXzHBXjOIGiql%2BcUVvbdAHyUSw41WdMc9BFLZb5fLjCi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9a439517128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| porn13.com/thumbs/AA/Ug/ys.jpg | 104.21.93.203 | 200 OK | 27 kB |
URL: GET HTTP/2 porn13.com/thumbs/AA/Ug/ys.jpg; IP: 104.21.93.203:443
Requested by: https://topsites.hadesex.com/?source=761082465&site_id=560254&spot_id=560254 Certificate: Issuer: Google Trust Services LLC; Subject: porn13.com; Fingerprint: 58:FC:38:73:36:76:B0:01:FD:A4:8D:7A:C1:D7:76:23:7F:55:F6:2A; Validity: Mon, 11 Mar 2024 02:37:58 GMT - Sun, 09 Jun 2024 02:37:57 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.18.100", baseline, precision 8, 352x171, components 3 Hash: bbcaf5cb7e0d9a078f7d2d62fb3aaad8 95ce03abf9618f05f521c48fe487bbdb7d06e5af 12414585deb56a9d483d9b23eea3a32dc04c1646385fc385b3edd78bc52b34c8
GET /thumbs/AA/Ug/ys.jpg HTTP/1.1
Host: porn13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://topsites.hadesex.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 08 May 2024 22:00:55 GMT
content-type: image/jpeg
content-length: 27104
last-modified: Fri, 19 Aug 2022 16:16:31 GMT
etag: "62ffb75f-69e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 711789
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kWuweYvGljpE1C9aClIow4ilC36FX5CR8pRikux608wfJQ9oMo%2BiEdCGmXSxcTsV54l%2FPmCzWec0LQXbmJVJh5OyiraO9JkVL6OWlzcgpbWL4Uo9XYqxTVruCcEq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880cb9b1fb6cb521-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.addtoany.com/menu/svg/icons/viber.js | 172.67.39.148 | 200 OK | 1.0 kB |
URL: GET HTTP/3 static.addtoany.com/menu/svg/icons/viber.js; IP: 172.67.39.148:443
Requested by: https://videzz.net/embed-4mqtknqed6xv.html Certificate: Issuer: Let's Encrypt; Subject: static.addtoany.com; Fingerprint: 5B:74:98:2D:F8:22:DB:0D:4E:74:B7:99:A7:7C:80:F6:CA:1A:8E:CA; Validity: Tue, 23 Apr 2024 07:56:27 GMT - Mon, 22 Jul 2024 07:56:26 GMT
File type: ASCII text, with very long lines (1027), with no line terminators Hash: b216786a6e2822572e4c78284416fd02 b3a072140d798b6734431ff6a890da7cb8c701ce 265af7156e77fce7638988053d5b3f4894c92ae2bdacac504131a96cf6a0d370
GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 08 May 2024 22:00:52 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GF6l98r1SQYqjDtri4QPzTS5LMOpdVchUnK6BVf%2BlLdjgGTOroVtLoEgBZGV4DnC%2F8H50pBgMuYKNEVy7bN4602BG8Zh2ixMmsk5rDi0fS%2FzgSJQkky1xyzinR9KyteZiB1mtIVLwxRzIrwIJnPctQZD"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12262
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 880cb99dee665689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|