Report - videzz.net/jnkrqh6gmlbn.html

Report Overview

Submitted URL
videzz.net/jnkrqh6gmlbn.html
IP
78.142.18.54
ASN
#208046 ColocationX Ltd.
Submitted
2024-04-19 10:34:59
Access
public
Website Title
Watch Kono Suba Gods Blessing This Wonderful World S03E01 VOSTFR 1080p WEB x264 Tsundere Raws Wawacity city mkv
Final URL
videzz.net/jnkrqh6gmlbn.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
90

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-18	1.0 kB	89 kB	104.18.10.207
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-19	914 B	710 B	35.158.46.84
str35.vidoza.net	unknown	2016-11-18	2022-12-28	2023-09-17	1.5 kB	36 kB	109.202.99.227
specialsaucer.com	unknown	unknown	No data	No data	7.6 kB	47 kB	172.240.108.76
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-18	1.5 kB	846 B	192.243.59.13
zv.7vid.net	unknown	2018-07-27	2023-07-29	2024-03-08	679 B	541 B	135.181.208.216
allvideometrika.com	unknown	2022-05-16	2022-05-16	2024-03-08	520 B	705 B	104.21.83.61
profitablegatecpm.com	unknown	2024-02-05	2024-02-06	2024-03-06	435 B	17 kB	192.243.61.225
myliveforyoudreder.com	unknown	2023-07-27	2023-07-27	2024-03-08	402 B	1.8 kB	104.21.40.134
cdn.itskiddien.club	unknown	2022-10-06	2022-10-06	2024-03-04	1.6 kB	89 kB	139.45.197.236
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-17	814 B	173 kB	104.21.35.227
kr.cafenehkikki.com	unknown	2024-02-08	2024-02-22	2024-03-08	400 B	1.2 kB	23.109.170.29
xml.zeusadx.com	330930	2019-08-07	2019-09-23	2024-03-08	1.7 kB	578 B	174.137.133.17
tfosrv.com	65142	2020-11-17	2020-11-18	2024-03-08	1.3 kB	1.0 kB	216.18.168.29
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-19	3.0 kB	99 kB	104.17.25.14
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-19	2.5 kB	120 kB	142.250.74.106
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-04-16	500 B	23 kB	104.26.7.19
app.launchdarkly.com	1861	2014-07-15	2015-06-15	2024-04-18	2.9 kB	3.5 kB	151.101.2.217
cdn.o333o.com	158144	2015-02-16	2015-05-28	2024-03-08	393 B	138 kB	143.204.55.31
r.mylot.com	unknown	2004-09-03	2018-03-13	2024-03-17	550 B	771 B	54.208.156.204
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-04-18	2.0 kB	106 kB	172.67.141.24
veepteero.com	unknown	2023-05-08	2023-05-09	2024-03-25	1.5 kB	19 kB	139.45.197.242
tgp1.brazzersnetwork.com	143376	2006-12-23	2019-05-08	2024-03-24	11 kB	2.2 MB	66.254.114.234
images-assets-ht.project1content.com	140041	2018-04-17	2018-06-19	2024-04-06	470 B	2.5 kB	64.210.135.118
bid.bidclickmedia.com	unknown	2022-09-19	2023-03-09	2024-03-08	5.3 kB	57 kB	172.67.205.77
svanh-xqh.com	unknown	unknown	No data	No data	630 B	632 B	52.4.208.38
static-landing-assets.project1content.com	125763	2018-04-17	2021-09-02	2024-04-16	34 kB	15 MB	64.210.135.118
aistekso.net	unknown	2023-10-16	2023-10-16	2024-03-26	924 B	92 kB	139.45.197.244
static2-ma-ht.project1content.com	unknown	2018-04-17	2022-07-17	2024-03-23	4.2 kB	1.8 MB	64.210.135.118
videzz.net	unknown	2024-02-28	2024-03-04	2024-04-18	13 kB	2.5 MB	78.142.18.54
xml.xmlking.com	unknown	2020-07-27	2020-11-12	2024-03-08	1.1 kB	274 B	174.137.133.17
trafforsrv.com	101761	2017-12-28	2018-01-12	2024-04-15	596 B	415 B	216.18.168.28
s.pemsrv.com	unknown	2023-08-01	2023-08-04	2024-04-06	1.3 kB	2.5 kB	95.211.229.245
s.o333o.com	unknown	2015-02-16	2015-03-05	2024-03-24	389 B	1.2 kB	85.10.205.45
events.launchdarkly.com	1653	2014-07-15	2016-02-06	2024-04-12	1.3 kB	993 B	34.203.87.70
xml.cachegorilla.com	unknown	2021-07-23	2023-11-27	2024-03-08	561 B	139 B	173.239.53.20
ossgogoaton.com	unknown	2022-04-18	2022-04-18	2024-02-03	397 B	74 kB	172.67.184.45
tr.7vid.net	unknown	2018-07-27	2023-12-16	2024-03-08	3.2 kB	157 kB	135.181.208.216
www.google.no	25607	2001-02-26	2016-04-05	2024-04-19	575 B	578 B	142.250.74.163
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-04-18	453 B	739 B	139.45.195.8
fleraprt.com	unknown	2022-01-14	2022-01-14	2024-04-10	559 B	478 B	139.45.195.254
clientstream.launchdarkly.com	1222	2014-07-15	2017-04-20	2024-04-18	753 B	552 B	0.0.0.0
backfiremountslippery.com	unknown	unknown	No data	No data	487 B	467 B	172.240.108.76
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-04-18	1.7 kB	864 B	216.239.34.36
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	3.7 kB	226 kB	216.58.207.227
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-19	1.3 kB	372 kB	142.250.74.40
static.addtoany.com	4091	2006-03-10	2012-05-21	2024-04-18	4.5 kB	95 kB	172.67.39.148
www.affectionwave.com	unknown	2019-07-02	2019-07-06	2023-12-25	1.0 kB	167 kB	178.62.22.16
tzegilo.com	unknown	2022-01-14	2022-01-14	2024-04-03	393 B	20 kB	172.67.193.52

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	cafenehkikki.com	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-19	medium	backfiremountslippery.com	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-19	medium	unseenreport.com	Sinkholed
2024-04-19	medium	unseenreport.com	Sinkholed
2024-04-18	medium	fleraprt.com	Sinkholed
2024-04-18	medium	veepteero.com	Sinkholed
2024-04-18	medium	aistekso.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	ossgogoaton.com	Sinkholed
2024-04-18	medium	tzegilo.com	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	aistekso.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-19	medium	specialsaucer.com	Sinkholed
2024-04-18	medium	videzz.net	Sinkholed
2024-04-18	medium	veepteero.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (88)

	URL	Size	First Seen	Last Seen
	static.addtoany.com/menu/svg/icons/telegram.js	360 B	2023-03-08	2024-05-02
Pretty URL static.addtoany.com/menu/svg/icons/telegram.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:33:09 Last Seen2024-05-02 14:39:57 Times Seen807 Hash 48f25c508c92c3601cf047609318001f 59117e825084c63a0dda48edec82c14a60e16f23 6415561e892cf9d614e7179f71353af4ceadfd641d71c42fe54c9420eb0d0138 Loading...

	cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js	18 kB	2023-03-07	2024-05-01
Pretty URL cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-05-01 16:30:53 Times Seen2821 Hash 12dd498bf90c536803c2aad708b66c2b 5f9363d39a405d1c94328cf2303ff4a05c0ad163 c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a Loading...

	static.addtoany.com/menu/page.js	3.0 kB	2024-04-12	2024-05-02
Pretty URL static.addtoany.com/menu/page.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-02 14:39:57 Times Seen603 Hash 5f984fdd1d3384220c67422c1f544a95 79c8a48b5fab47972dd69ce7dfd08cee895006b5 6e0cc78c402cbc02fdfd41cd77c5fd6ffbd8066cc07935ea8eb5f3fcc59744a3 Loading...

	videzz.net/jnkrqh6gmlbn.html	162 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen78 Hash 035c117549bb95ad0992ae461d89e44e 2f45bc18613030f169e7c8ef25553df24e7003b6 0d89ce1d538634aeb6d56fa061bb107311c5daaa1c59aed01cb4e18c48081a96 Loading...

	videzz.net/jnkrqh6gmlbn.html	357 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen78 Hash 824c86e507e4c27bb34b991feedb5820 06bd36505ef9492db28ebb53c740d5c17d4516b4 0c45ee272e41a3a37bb7d5a0881665e4d54b762e20921cdb145bf5539fe4f551 Loading...

	videzz.net/jnkrqh6gmlbn.html	1.9 kB	2024-04-19	2024-04-19
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:11 Times Seen1 Hash b1e048f9bc674fff321b20c5ac562540 e3739d200ba53df668e6af1832e21e27355d24b0 e01e57afa81fbb378ae759912040710f5fc4a9ee3f063280f0f915689f8c6c9f Loading...

	videzz.net/jnkrqh6gmlbn.html	475 B	2023-03-07	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-01 23:07:57 Times Seen27 Hash 7019cbe0012d5199f2f496e930f3bf61 5d1696302b432ac66a71a81f8899876ddcd019b8 092b3dfb5e9bb66a05ea11eb25003bc70f3d1ebe6cd384f274e1b17eeb9b4ae7 Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.8a9c57b6.js	5.2 kB	2024-04-10	2024-04-20
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.8a9c57b6.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 07:59:09 Last Seen2024-04-20 10:16:53 Times Seen7 Hash 8194f56e6a8c546c2c17ed91bdadc57a c21007a6b083b8d6454c130ef521cfe8f8772b2f a538e97712871afe603143b1daf1fb2395c9522c263e78a27de5250d3fabdecc Loading...

	videzz.net/js/ads.js?v=1.0	211 B	2023-03-07	2024-05-02
Pretty URL videzz.net/js/ads.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:16:00 Times Seen137 Hash 09f34de71e8853387dd398fbb263af69 4ccb7007fcebcffe64eaa80f2991509fdbac55d5 6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523 Loading...

	ossgogoaton.com/tag.min.js	72 kB	2024-04-19	2024-04-19
Pretty URL ossgogoaton.com/tag.min.js IP 172.67.184.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 01:42:11 Last Seen2024-04-19 12:35:15 Times Seen4 Hash 20066b7d91ff72a24f0fa316e1061697 92eefc40f32b0098d984a125a067fc0505aec18f 7a9bf5b03fcbd400094b193d716f62044efc0acb171ac7475c5a798f3e4d04f2 Loading...

	videzz.net/jnkrqh6gmlbn.html	88 B	2023-03-07	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-01 23:07:57 Times Seen21 Hash 07b30612e7898526d72c8ce77c650c47 d6f554e4eb7ad6deb003a0541c0bbe264563059a 5d764749f6b3215245da9aa4db9e35df149910d9e5d69bbd108ddf7fbe5957df Loading...

	videzz.net/js/videojs.stm.5.min.js?0.189641347629596	7.2 kB	2024-03-08	2024-05-02
Pretty URL videzz.net/js/videojs.stm.5.min.js?0.189641347629596 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-08 05:50:53 Last Seen2024-05-02 05:15:59 Times Seen41 Hash 4630f52d883cdd6dc5b7e0aee209fe40 ae08102d07ab32e76d5dbd12fa7db315e6f51f4e b74ebfdefad877a934b2e7d38afb3a56ad4db4ebbd88a72b7ae4a44fad74c0d3 Loading...

	videzz.net/jnkrqh6gmlbn.html	42 B	2023-03-12	2024-04-30
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 17:26:16 Last Seen2024-04-30 21:01:49 Times Seen31 Hash ef7ab1eb5fe88b692b3d8d65ff95a2c4 1339642288bd1758b6b3864292da22d085349752 c2ba1c539107eb3a3ceb346cf19e3ba42b4e7104ac2c96dd5495aafb48d0b021 Loading...

	unknown	729 B	2023-07-09	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-04-29 10:27:16 Times Seen11 Hash 8b9caf322dc087ac4a7ead0a2ac35741 256a95350057596038880e672b77dc7feff104ca 900b56e1419fc696fc2a74f5f4983724e2667ec390e175c3f8411b04efecfa0e Loading...

	unknown	810 B	2024-02-04	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-04 03:21:38 Last Seen2024-04-29 10:27:16 Times Seen3 Hash 18ecbb41b612257efafd2e1b48cdcd84 b03d0fbbe2c33e03b2f4f11403fe7f7ca4625fc9 6cbb812a0ed750d54d3c21f2f4a404a82dcfa22cf2d8345e10ed8a1374001cef Loading...

	profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js	44 kB	2024-04-19	2024-04-19
Pretty URL profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js IP 192.243.61.225 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:13 Times Seen2 Hash 522713caa64ef0eb1ef197de23cd75eb 2fd79a9777759162a7649a86ffaec0a6983900a6 dbc1446c430ad574a3c9caf9c4552489513c011105908720f5ccd641033aae3f Loading...

	videzz.net/jnkrqh6gmlbn.html	388 B	2024-04-19	2024-04-19
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:11 Times Seen1 Hash 30fa9e6839e50b9b0074aea0afb67397 f8cfb9d9db9c6e915b819ea27f9d448aae50f794 71b4fa1d128f6b43fe20b3536390defcd8bc1b2d1e670d5d8793ee249025ade1 Loading...

	tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040	674 B	2024-04-19	2024-04-19
Pretty URL tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:11 Times Seen1 Hash 74ef340c7ed060590d8742e03e94c0a2 3c114f7d72958c70a5db169be67f28e0075290a5 d19e06fa54fd8b65738e1ec2264ffdd741796c1841252848a2079ea08238df3a Loading...

	unknown	731 B	2023-07-09	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-09 09:27:21 Last Seen2024-04-29 10:27:16 Times Seen13 Hash 899ffd6924a090dfa639b2692e4f3cf7 bfbedb6f11d2cfcb2cfd342e6516c40e7b32783c 3084dab3a2dd5383ab8bf9ad8a6dbeffe715389883af4a2701c74fa31c893b49 Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js	232 B	2023-03-14	2024-04-30
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:15:36 Last Seen2024-04-30 17:59:09 Times Seen35 Hash ed2f44cc9f2871d8668252e176c16e33 efa4750156409a21bc47ae02827d792d14ca899d 5544d0dd2f72ed204f9d4e9ca610e167ceb31854b27d188e55b1360319962e1b Loading...

	unknown	733 B	2023-10-28	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-28 21:18:21 Last Seen2024-04-19 12:35:11 Times Seen3 Hash 74c7a40e6867c2eee9ab2da9a46cb7e5 f3b8179daf690551dfc0bae43817a0de1d62bc80 133b9a37d572fecb74500875dd620ed87585ba499b137d5bcda34234f6496eee Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.2c1380a6.js	3.4 kB	2024-04-06	2024-04-20
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.2c1380a6.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 13:47:24 Last Seen2024-04-20 10:16:53 Times Seen14 Hash 1174d451890e9880f26274f6d81a7e81 ec7d9e4155f4fed51a6033faf3d696e2e6143864 7ecd67830e1cdf5650958a2917553432860e73644caf9139c477f1042793e5dd Loading...

	videzz.net/js/pop.js?v=1.0	35 B	2023-03-07	2024-05-02
Pretty URL videzz.net/js/pop.js?v=1.0 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:29 Last Seen2024-05-02 05:16:00 Times Seen152 Hash da4bf5414bf75eefb21872f9b59fe6fc e34335e0705397a4ad02c406a2e92333e6d2b0e5 d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d Loading...

	unknown	804 B	2024-04-19	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:11 Times Seen1 Hash 25683cda3111e6318b38f40af77f5594 b00f300e57175c537f1c5c5827481de9aaf41dc2 887a485d142234465c94805cd78e95581468124ef911f46d498a6fd997c5e1e3 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-56DK3TH	204 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-56DK3TH IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:16 Times Seen2 Hash 02e59485d16dcdcb9688bfac890504cc 0b47d1baeec14bd2fb97d18f11134a7c9c9bb589 46acfeb78ea6ff582031d16b7ba69976ca5bab14b94d9abebef1802d78d14867 Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js	421 B	2024-03-12	2024-04-30
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-12 20:15:37 Last Seen2024-04-30 17:59:10 Times Seen33 Hash a94050f26199e41905e348fbc2ad9724 4ad81ca158f6008863628a9dccd0232870a66a05 a97ab9aa6b0d346531f8fab56ba39727ccf80b4101a4b3f09af3eab4d895108d Loading...

	videzz.net/jnkrqh6gmlbn.html	1.9 kB	2023-03-26	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-01 23:07:57 Times Seen62 Hash 82e1ab0f6fb26e1a626e1ad6812a2e50 ff89302fd6c7736cfe3c0ce1bea0da569a763ced c1133cdc2ae23220a521a156d0edc736cea501341435673899a05f4d54597373 Loading...

	static.addtoany.com/menu/svg/icons/facebook.js	429 B	2024-04-12	2024-05-02
Pretty URL static.addtoany.com/menu/svg/icons/facebook.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:44 Last Seen2024-05-02 14:39:57 Times Seen79 Hash 014bcc757e484e12e3aea6c9d768fd4b 4c17157d0012f8002e4e6cf77c5f4a9747792cf4 4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49 Loading...

	static.addtoany.com/menu/svg/icons/reddit.js	893 B	2024-04-16	2024-05-02
Pretty URL static.addtoany.com/menu/svg/icons/reddit.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 17:58:32 Last Seen2024-05-02 14:39:57 Times Seen56 Hash 408cc755e613b4f00fbe10d7411ed087 14341990ed687477b3addbdd1a3b50ae8a98589b 68ed9b82b62d45cf5d12587a7e9566a4ddeb94d69bcb225e9e3c7268c76b3cbb Loading...

	tzegilo.com/stattag.js	19 kB	2024-02-10	2024-05-02
Pretty URL tzegilo.com/stattag.js IP 172.67.193.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-10 03:00:18 Last Seen2024-05-02 12:52:37 Times Seen1426 Hash 70ebd404c2e1e7bad13998538b56887c 86e57af8ba3cfc2c004da3311835f6b54ba6d848 d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f Loading...

	tr.7vid.net/LrfK7A3.js	239 kB	2024-03-22	2024-05-02
Pretty URL tr.7vid.net/LrfK7A3.js IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-02 10:28:57 Times Seen329 Hash a6781eeb8be115c2cc64c5b4898e5b9d 76001e6e130f936956842ce1fb672ca16be2370e cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2 Loading...

	cdn.o333o.com/vast-im.js	310 kB	2024-03-22	2024-05-02
Pretty URL cdn.o333o.com/vast-im.js IP 143.204.55.31 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:50 Last Seen2024-05-02 10:28:57 Times Seen197 Hash 04bdb2fd7797c33d38ad8a6a0997b389 a69a0999b9106aa1e49a6728c84b3e82b899276d 3039a1d2d40fce3b96ce115bc8fb858539ed084667fb0ee69fe68e0a682d9286 Loading...

	unknown	802 B	2024-04-19	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:11 Last Seen2024-04-19 12:35:11 Times Seen1 Hash 3a40057ad5495afbe4ea0da68af650fb 10f3a5117b4f54ac6771878808e02666246605eb ed67b84d62bedf4476567b2217591ef57ff425e72286e443b361937d8511f1da Loading...

	www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c	270 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:14 Times Seen2 Hash dc746228d07fe38621119fdda1e2d83d 806e05b04f1828963f2a27bc4e8892151fa5bf0a 69714e91cd258d1dd7594ce507dec53ceef2f0f8c55f4771e15fe098cf74c0f9 Loading...

	aistekso.net/401/5708419	88 kB	2024-04-18	2024-04-19
Pretty URL aistekso.net/401/5708419 IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 07:58:47 Last Seen2024-04-19 12:35:15 Times Seen8 Hash 267838f33148049cab8f792e93181d8b b400c1c8926ad14dce8edbd3699f6c08ec1183d1 cb6870ab36ef09e03091ba48c0d7806f9223f9d21e38838c09cf427dd42e3222 Loading...

	unknown	808 B	2024-04-19	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:12 Times Seen1 Hash 2ba0d55f4197030a7fa0dbf2db83fa42 96e7e39224cc474bbcfe66184600643c2cc7f622 84e0655dc5cd73831845f2c2e5ea503785fd0cd5aa8a706c63f781cd99c15f91 Loading...

	tgp1.brazzersnetwork.com/_p1cdn/tour/atlaslib-js.95baa5ea.js	40 kB	2024-04-03	2024-04-20
Pretty URL tgp1.brazzersnetwork.com/_p1cdn/tour/atlaslib-js.95baa5ea.js IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-03 12:12:56 Last Seen2024-04-20 10:16:55 Times Seen22 Hash 929d0b1994e844bbb48867d92d0419e2 d55177b33db30d79facc0772eddf996d174fa05d 9d09bdc89ffd10ef45fc488db8ab51b65d8fe72f4d59c06da4bf5f478e11a5e1 Loading...

	videzz.net/jnkrqh6gmlbn.html	1.9 kB	2023-05-14	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-14 23:54:05 Last Seen2024-05-01 23:07:58 Times Seen61 Hash a692b14c46b795baddef6cde7925aec0 83421ee7434ca7916a53f711c1a207c04e264e3c 0a136fef0aef4b2b4d90057c95c48e84618ecebe376ad324594150d0b8588f90 Loading...

	s.o333o.com/adgpt.js	2.0 kB	2024-03-22	2024-05-02
Pretty URL s.o333o.com/adgpt.js IP 85.10.205.45 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 21:45:49 Last Seen2024-05-02 10:28:57 Times Seen166 Hash 55f8db8e0ec58b646f0b5425b405fdd0 0c79af1239cafc7ec4783f20b0b886a61daccc09 3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237 Loading...

	videzz.net/jnkrqh6gmlbn.html	82 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-02 05:15:59 Times Seen74 Hash 67b70174cc2854586ec824f84b79d825 c9bde16aa4e39ab912e1a20fe298b028a3432596 a979d312087118fa753a8ed59077b51936c9595eb2a37cd369a6b4f579eebafd Loading...

	static.addtoany.com/menu/svg/icons/whatsapp.js	1.1 kB	2024-04-12	2024-05-02
Pretty URL static.addtoany.com/menu/svg/icons/whatsapp.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-02 14:39:57 Times Seen77 Hash 0e8b3ac6bda5451ff39c5ecd6d7b3873 fb477a11167000a30e45369e686ec43dd62d026b c15e1379ca2c59f99912500bbc23a0d1d88f43198cbe1b53d87776fa351385eb Loading...

	videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	159 kB	2023-03-07	2024-05-02
Pretty URL videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:17 Last Seen2024-05-02 05:16:00 Times Seen136 Hash 7c33538390b466ae717449d729bb32ea 49ea1eb1dc06467f516eae28e09863a23b244a31 a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02 Loading...

	videzz.net/jnkrqh6gmlbn.html	488 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen74 Hash c88a098ddb34ae8eb653079349e1eb71 c273d06595b90b3f3eadde95865d4fd88a2cdc4a f8be9aff934fb09a35261e76d411268402098e38f3c1468679a0ffddf96cb8cd Loading...

	tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A	960 kB	2024-04-19	2024-04-19
Pretty URL tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:12 Times Seen1 Hash 22b22f33226308ca87be1fe7ae4fc5cb 63f607c8ef8c38851ba74c65c32f17f714a2a0b8 b8634af91a65dcacab565371c0f4dc8afda6fc9436e5739ea6177ace6a9dddbb Loading...

	unknown	54 B	2023-04-11	2024-05-01
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 22:34:44 Last Seen2024-05-01 23:07:58 Times Seen862 Hash 21ad6a5e027895d7fef5bee4de0a6c02 1997f8ca0f217c1001a42318dc5976a0d5a56469 6e97ed48cf9a0f9bf4e5199bc5546e24c1067a10e7a582b886143be40f479bb5 Loading...

	videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	140 kB	2023-03-08	2024-05-02
Pretty URL videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:32:59 Last Seen2024-05-02 05:16:00 Times Seen79 Hash 8986804e792bac03d992cfa0d65281de 4a406ba9ac7ead8cfc1d181c6abd2340dae2bf44 e94d1a4f4bfe4d0efd8dc95e86573d32172fa8a0f08ee328c377962379bd9295 Loading...

	myliveforyoudreder.com/vidozza.js	1.6 kB	2023-03-08	2024-05-02
Pretty URL myliveforyoudreder.com/vidozza.js IP 104.21.40.134 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:37 Last Seen2024-05-02 05:15:59 Times Seen94 Hash b340619418518ced51fbbc860814ea19 e2cbf47a089e8941bcdb6f24c64fad9004852348 ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000 Loading...

	videzz.net/jnkrqh6gmlbn.html	221 B	2024-04-19	2024-04-19
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:12 Times Seen1 Hash 7e1e4b0a8a36bf27f261cc9f66feae0e be8283442b8efb3497d0be34cd911c1c84dd9ea0 62ce916b405db9638b9d70586e85b5feebf374b9dcb990a70b69d73c22f77b6c Loading...

	static.addtoany.com/menu/svg/icons/twitter.js	645 B	2024-04-12	2024-05-02
Pretty URL static.addtoany.com/menu/svg/icons/twitter.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 16:11:45 Last Seen2024-05-02 14:39:57 Times Seen75 Hash ca05cf90bd32d6134c0b92464c343f9a 187feb5cc71d225717838268487a0abc9b8d405c 3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636 Loading...

	cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150120	84 kB	2024-04-19	2024-04-19
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150120 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:16 Times Seen2 Hash e13561037b0a4307ff2f5c69154b89dc 14f8d3b256baacce05ff1cf812b9b12ba7b18be4 eda34b5626af40a812ca141d5d8158b9d44bc6b8ef2c01e8aac1bd38ef41f504 Loading...

	static.addtoany.com/menu/locale/ru.js	2.1 kB	2023-03-07	2024-05-02
Pretty URL static.addtoany.com/menu/locale/ru.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:27 Last Seen2024-05-02 05:15:59 Times Seen92 Hash c0717dc8cde3baa722c4e7d4c12a2cb0 6e8702b80bdcbe0cd5fc183ce582b2add61d0863 cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397 Loading...

	videzz.net/jnkrqh6gmlbn.html	1.9 kB	2023-09-20	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-01 23:07:58 Times Seen50 Hash ea18635ebabe6012d41f9fe215f59b54 4bb7351c02f51a2d10b55eb8daecf0862aec3db7 4e69daf6970b0700406f701311ff61bf0623749d951327a09de054a9906c8056 Loading...

	videzz.net/sw.js	42 kB	2023-03-07	2024-05-02
Pretty URL videzz.net/sw.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen122 Hash 764aafd976dd9cd9f33279bfafa02908 e9ad856ec00bccfdcbe17b79113681685c943b8d 2c20e295faeb1ef24dae1e26caa5089fdb2ba5a36a86a6a26780b8a515ca99aa Loading...

	videzz.net/jnkrqh6gmlbn.html	1.9 kB	2023-09-20	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-20 05:49:22 Last Seen2024-05-01 23:07:58 Times Seen50 Hash af6177bd7ff00168d56dcbb2dfad8aad b0565c811d5bc5e2b4923cc1194a81126512010c 68848e296ab0993815dd2ae9efbb9b41e1bddf7d57aafd1ce37fcb6588b09901 Loading...

	videzz.net/sandbox%20eval%20code	147 B	2023-04-11	2024-05-02
Pretty URL videzz.net/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 14:47:32 Times Seen344066 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A	25 B	2023-03-14	2024-04-27
Pretty URL tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 05:15:37 Last Seen2024-04-27 16:26:02 Times Seen68 Hash b16580b1a49d019b1c9281b516e56e3c 0935549944f775033e56a7c1efb45026e72c2ddb b70652cd68568dee5fe607a9d4c67994ea247547f4b83273ac06e062ea867e6f Loading...

	videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	11 kB	2023-03-07	2024-05-01
Pretty URL videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-01 23:08:00 Times Seen52 Hash f2b1e2d690c2c568d846e8da3ab66ccd f2a3fd880693ec75e586fdb37d1bd2cd6f6c468a 3efa361ccc887f0bffb9c9250de66cd562bc53671ffcb85cc0a6a0d30b0b8cfb Loading...

	unknown	601 B	2024-01-07	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-07 20:19:39 Last Seen2024-04-30 21:01:50 Times Seen19 Hash 1c412859cf3521fcfc7f9c33db7b2b43 63cfd2acf51f4c834cea7a6b61f0adf7fac10ba7 2e55c494ab73e28a67592bd3c6cacb8fa0b0624b72909a79e84fa3ff3aa78fd7 Loading...

	static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js	435 B	2023-03-14	2024-04-27
Pretty URL static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 05:15:36 Last Seen2024-04-27 16:26:03 Times Seen35 Hash bba82fdfdc2684ce6c44701d57090667 8625624d8247f8c9a94ab6ff74e977e54ee1d083 9116e30438d4725883a76b2efb55417c33529009297515869f1b92dd89d7f602 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-02
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 104.21.35.227 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-02 14:34:16 Times Seen1651 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	static.addtoany.com/menu/modules/core.BRQnzO8v.js	72 kB	2024-04-12	2024-05-02
Pretty URL static.addtoany.com/menu/modules/core.BRQnzO8v.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 02:34:00 Last Seen2024-05-02 14:40:00 Times Seen895 Hash 629401c31553d2f42a6ca46e58c2a97b 0ab6084caa72f90913c7e4119f491838726ec5c2 91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805 Loading...

	static2-ma-ht.project1content.com/tour/vendors~main.d2107e06.js	1.3 MB	2024-04-15	2024-04-20
Pretty URL static2-ma-ht.project1content.com/tour/vendors~main.d2107e06.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 17:01:03 Last Seen2024-04-20 10:16:53 Times Seen7 Hash 91c490d71b9cb4765494bda88999c314 c3dd18b9446d8c82a778269c90066ba5321f5485 a81f7d0f2bb7ad6abf882cdcedbfd51caeb25a921251fb280076d21c77743ce9 Loading...

	tgp1.brazzersnetwork.com/_p1cdn/tour/vortex.modern.min.js	38 kB	2024-02-06	2024-04-27
Pretty URL tgp1.brazzersnetwork.com/_p1cdn/tour/vortex.modern.min.js IP 66.254.114.234 ASN #29789 REFLECTED Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-06 13:03:22 Last Seen2024-04-27 16:26:03 Times Seen30 Hash 06031ae29667c65eb61158093cd96589 1b2eb0f574ed2a8147515b01dbcfa1d59b15aa87 27c67af023f2e2441f9e51f334267c1cab79c99d1f957e82992de8a62b0bd9f3 Loading...

	videzz.net/jnkrqh6gmlbn.html	1.9 kB	2023-12-02	2024-05-01
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-02 22:02:10 Last Seen2024-05-01 23:07:58 Times Seen41 Hash 861dcaf645aae37b6316256c150d9dfb 3a9f80b6a4bf4c7807b354238ee1092098ef0592 8580955f289133f8987846865a71337744c9e2f39defb5c7bad0df0752a47ae7 Loading...

	unknown	806 B	2024-04-19	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:12 Times Seen1 Hash 447de3d3d0218931ecc1c4cac99c73d0 c5ecf248b88c6287365e63ea4665acf644f0f72b 7cdf67162423534f7ea2472b9dd636094f568410a3f231d25d55414df2e137b8 Loading...

	unknown	27 B	2023-03-07	2024-04-26
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-03-07 01:18:32 Last Seen2024-04-26 20:05:46 Times Seen832 Hash 7e28ee163c060950044ca2a51367f6dd 13bcb7570d29f0217c14870854fa6c19c508f904 f250de3f4503c023bafd185b960787fdcb5d0738d5a49c6b5e2cec9c89377044 Loading...

	videzz.net/js/jquery.min.js	96 kB	2023-03-07	2024-05-02
Pretty URL videzz.net/js/jquery.min.js IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-02 13:17:45 Times Seen46852 Hash 8101d596b2b8fa35fe3a634ea342d7c3 d6c1f41972de07b09bfa63d2e50f9ab41ec372bd 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Loading...

	videzz.net/jnkrqh6gmlbn.html	416 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen78 Hash 7b2ab585a733a8e54eb7117dbe673331 38ba49b934ea93104d43c095a34cbebabee2416b 161196e2eb45160ec056dcf19476aaf0a8694cd099ce5ddb43f53f58fa86d0d8 Loading...

	videzz.net/jnkrqh6gmlbn.html	604 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen78 Hash 3f51f1dc48435128b95bc2f1354a7a17 1baedda0ccf0cdaaa29bf441fcfe0c5fb2f8d4d4 9a3b5d51bd26f5549b2a1ca571835e3c1f0beede7826fd81566bdbc1dad656e9 Loading...

	static.addtoany.com/menu/sm.25.html#type=core&event=load	0 B	2023-03-07	2024-05-02
Pretty URL static.addtoany.com/menu/sm.25.html#type=core&event=load IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 14:49:49 Times Seen37273770 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	specialsaucer.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js	82 kB	2024-04-19	2024-04-19
Pretty URL specialsaucer.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js IP 172.240.108.76 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:12 Last Seen2024-04-19 12:35:14 Times Seen2 Hash f6567cb1176528b42b6752a2baa56262 6dc75cc4b849d873805a179a8c6fe143ead2a0d8 9dd2c5232e13c9ca3196b3068cd2e30c16156d2340509b6b159f65a2915796c7 Loading...

	static2-ma-ht.project1content.com/tour/runtime.8c431a9a.js	8.6 kB	2024-04-10	2024-04-20
Pretty URL static2-ma-ht.project1content.com/tour/runtime.8c431a9a.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-10 07:59:09 Last Seen2024-04-20 10:16:54 Times Seen8 Hash 85dca37992d4daa74d30771370a3ba89 ca16a0144224456c2b57b341ffde7fb09d59cea4 05b0458a5a879d63b23ee2d3cb2c243b27eb341801b0456c38e7c5dc1ea84a46 Loading...

	videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	111 kB	2023-03-07	2024-05-01
Pretty URL videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-01 23:08:00 Times Seen55 Hash 6249517b9005ca7822f82d024996812f 9085d09ebbe9e6c5963644d49c82c350f1be141d fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca Loading...

	videzz.net/jnkrqh6gmlbn.html	0 B	2023-03-07	2024-05-02
Pretty URL videzz.net/jnkrqh6gmlbn.html IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-02 14:49:49 Times Seen37273770 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kr.cafenehkikki.com/1clkn/14903	6 B	2023-03-07	2024-05-02
Pretty URL kr.cafenehkikki.com/1clkn/14903 IP 23.109.170.29 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-02 10:41:44 Times Seen14041 Hash 9082dc37e5e8046929da411544ad071a 41e0e3963ed94e59e8a2f115994c382712411537 b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550 Loading...

	unknown	812 B	2024-02-04	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-04 03:21:37 Last Seen2024-04-29 10:27:16 Times Seen3 Hash c06518994f541746094ffa66e9dd59b9 f50c28e103e1244a3c3ab7b73bfc01956c94ad89 397489415d29273c4d0e5d3a152b8c6391436e21ebf73b0be47e9a99219ba989 Loading...

	static.addtoany.com/menu/svg/icons/viber.js	1.0 kB	2024-04-12	2024-05-02
Pretty URL static.addtoany.com/menu/svg/icons/viber.js IP 172.67.39.148 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-12 13:25:33 Last Seen2024-05-02 05:16:00 Times Seen66 Hash aeffbbeba6dd343b89fdc22cdf23f8c8 7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7 c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-02
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-02 14:47:33 Times Seen343559 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040	637 B	2024-04-19	2024-04-19
Pretty URL tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040 IP 135.181.208.216 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:13 Last Seen2024-04-19 12:35:13 Times Seen1 Hash 00a41c52378be40cde5f0346843fb7d4 32f43652a4ad7ca0f261324514fe475bca4e170a 49effff2fa98f4d8222a0be1c68f6585f3b8309148fd9b55b7787a1bd232809b Loading...

	static2-ma-ht.project1content.com/tour/main.2798796d.js	454 kB	2024-04-15	2024-04-20
Pretty URL static2-ma-ht.project1content.com/tour/main.2798796d.js IP 64.210.135.118 ASN #30361 SWIFTWILL2 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-15 17:01:03 Last Seen2024-04-20 10:16:53 Times Seen6 Hash bc8e1f0f2c50124d0b28f45b1aabe511 224bab26074e3a707df32a42657dad12491caf38 a007b3126ec217ec1e35b4158e983e6f80798a9525d950be2d880cca4498cffa Loading...

	www.googletagmanager.com/gtag/js?id=UA-158623850-1	203 kB	2024-04-19	2024-04-19
Pretty URL www.googletagmanager.com/gtag/js?id=UA-158623850-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-19 12:35:13 Last Seen2024-04-19 12:35:13 Times Seen2 Hash a13fffec7966cd14773692d8d3532da9 d0637018e1bb2245cdb616525da50b3f6364c890 c9f430c8bdb8af2fbd85aa8c503244897fb1979220cf7dd62d4954ddb60608ee Loading...

	videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42	416 kB	2023-03-07	2024-05-02
Pretty URL videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 IP 78.142.18.54 ASN #208046 ColocationX Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:08:16 Last Seen2024-05-02 05:15:59 Times Seen79 Hash 9721700ae4b3d8e0e81f9c6c1c8d511b 1c987ebb7fac787eaa3b2190c9b53bb685d5b8ea d4098ce7457b5191970d2df49c8b8f6c2ffc0d8510673777a08910f0b68d5c2f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 73497a37c3561adbd8ce84e4f017b368	9 B	2023-03-07	2024-05-02
Pretty Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-02 03:51:51 Times Seen2218 Hash 73497a37c3561adbd8ce84e4f017b368 9193ae73cb3dd2833be8c942714d5544bfb628c9 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351 Loading...

		Size	First Seen	Last Seen
	#1 Write - c661bb9a7cc33ed4849427e94a91858c	614 B	2023-09-20	2024-05-01
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-01 23:07:58 Times Seen50 Hash c661bb9a7cc33ed4849427e94a91858c 4be38292beb83aa1b58a668283dfe08ed97d7a42 e56ca9ad4497b40fd4b7c14e2c5e6c5b58563af9cb588188992d2189d22dc477 Loading...

	#2 Write - bf6e0ef92ae84c6ac72a2e33e3bd0ba5	614 B	2023-09-20	2024-05-01
Pretty Observations First Seen2023-09-20 05:49:23 Last Seen2024-05-01 23:07:58 Times Seen50 Hash bf6e0ef92ae84c6ac72a2e33e3bd0ba5 dd276e9188ea2de2da9b957adbb91c7e2b08d4ec 5f5f7af99db9aecf63f1ae5480d2b95a82e350abcdd3a765f5537235d12a4744 Loading...

	#3 Write - ab34ea7c979c46402352a8ce4c7b87cf	614 B	2023-12-02	2024-05-01
Pretty Observations First Seen2023-12-02 22:02:11 Last Seen2024-05-01 23:07:58 Times Seen41 Hash ab34ea7c979c46402352a8ce4c7b87cf 4ec90223aeea83fe3850db77b92c11eed50c99d3 fd21c10a5b8c554e00e76da6ce58475053e414d4280741ed032a857cf9876978 Loading...

	#4 Write - 7aea427efe0ebb35cac7f6c65074feaa	613 B	2023-03-26	2024-05-01
Pretty Observations First Seen2023-03-26 09:32:06 Last Seen2024-05-01 23:07:58 Times Seen62 Hash 7aea427efe0ebb35cac7f6c65074feaa 7f7025ff75b6c305cf0f7258c68dcc5c3b787ea6 d72f60419e2549dc6934524845bed150c6aa5e1541b5eac18dd5c145f40d2857 Loading...

	#5 Write - 43449de866396eb0131d8111f4fa3895	613 B	2023-05-14	2024-05-01
Pretty Observations First Seen2023-05-14 23:54:06 Last Seen2024-05-01 23:07:58 Times Seen61 Hash 43449de866396eb0131d8111f4fa3895 d74126ea9f2c40f8395c79b3e7f69760f91702fc a67ffe15bbd54d8f4cc64a1e458fc3b742f73783efb009b827b9cf3e9b502add Loading...

HTTP Transactions (221)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

1.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text
Size
1.8 kB (1761 bytes)
Hash
dcb0ac787e2b120c8aeec195cd6decb9
7cdd385b4fbdfd0801af64d9209e7ede132dd954
f2a6c653ee82cb36677404eab7c258ce985aef5a6d36a064a5a805548fadea82

HTTP Headers

GET /ajax/libs/bootstrap-datepicker/1.6.4/css/bootstrap-datepicker.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/css; charset=utf-8
content-length: 1761
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-42f8"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 629827
expires: Wed, 09 Apr 2025 10:34:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4L3cxfxT6ts0TQRhlbR7Htm8UzGwp%2F1eJbM4oQ7TkFxsh0Mvamxf7V4uI6TsSQkk9n3VJQFiVYzFirnaZb4nNd172%2BYFnrg%2BxCLvzm8z%2Fl6jtmngahyXM8%2BALh9krh4oSwRXhmZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c3df26ca756c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

867 B

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4034)
Size
867 B (867 bytes)
Hash
0680879d9be8b73e90cf1ed3de2724e1
e338268ddd73ef607dbbca2ff375867972f66353
5a25b8e7ed8c24b5e57fd9cefa475e451f2657e39404c17a5704bfe3f217d857

HTTP Headers

GET /ajax/libs/bootstrap-colorpicker/2.5.1/css/bootstrap-colorpicker.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/css; charset=utf-8
content-length: 867
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8d-10df"
last-modified: Mon, 04 May 2020 16:06:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4358438
expires: Wed, 09 Apr 2025 10:34:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nd6uSfExk3dns2Uq6KoEp%2BYZ%2BLMZnIECgnWt3NPFBYehwmptfJce9JeCNycBjrzQlLVM0DI%2FdTdLw3xYSoNTMaAEtw9iKW%2FpGACMFm8NSqXJZFa3qFhnVcSKX8awHHDF1fDjNY7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c3df26ca556c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

104.17.25.14

200 OK

2.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7172), with no line terminators
Size
2.1 kB (2141 bytes)
Hash
a99386c14c1250b20b42dd0db3df1741
cc8562d8ee2c39a2adea8d09eec3c4096571dd18
de1136175d3ed18ef84054ce8c6521c81bdceb97cb1505ab2c376d53138b6672

HTTP Headers

GET /ajax/libs/jquery.tablesorter/2.28.15/css/theme.green.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/css; charset=utf-8
content-length: 2141
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1c04"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 790137
expires: Wed, 09 Apr 2025 10:34:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gz8ouMmkHpYPItuGN3DG%2BoNQ3Fw%2FZDDUlqMAELOBwW9HTbjt38pw3%2Bfda8ZlW4zrxwGBVPwZx8UiSHJeDtKR87e3MM4Be1EH%2FQy1AHM1t2OMR%2BWTRZbW8SuygxCOroX6YPb4QXpU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c3df26ca856c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-158623850-1

142.250.74.40

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-158623850-1
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73350 bytes)
Hash
a13fffec7966cd14773692d8d3532da9
d0637018e1bb2245cdb616525da50b3f6364c890
c9f430c8bdb8af2fbd85aa8c503244897fb1979220cf7dd62d4954ddb60608ee

HTTP Headers

GET /gtag/js?id=UA-158623850-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 10:34:25 GMT
expires: Fri, 19 Apr 2024 10:34:25 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73350
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

videzz.net/js/pop.js?v=1.0

78.142.18.54

200 OK

35 B

URL GET HTTP/2
videzz.net/js/pop.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
ASCII text
Size
35 B (35 bytes)
Hash
da4bf5414bf75eefb21872f9b59fe6fc
e34335e0705397a4ad02c406a2e92333e6d2b0e5
d48b428c1788391a1aef29802daaa691077732dc7b821d0968831bc50b19278d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/pop.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
content-length: 35
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
etag: "66163909-23"
expires: Sun, 19 May 2024 10:28:44 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/ads.js?v=1.0

78.142.18.54

200 OK

211 B

URL GET HTTP/2
videzz.net/js/ads.js?v=1.0
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
Unicode text, UTF-8 text
Size
211 B (211 bytes)
Hash
09f34de71e8853387dd398fbb263af69
4ccb7007fcebcffe64eaa80f2991509fdbac55d5
6ca7e6aebc6e3eec26d39e540e255a738fd9e48e9b97bd0e2a714686377ac523

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/ads.js?v=1.0 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
content-length: 211
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-d3"
expires: Sun, 19 May 2024 10:28:44 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/adb_logo.png

78.142.18.54

200 OK

8.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/adb_logo.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 178 x 178, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8308 bytes)
Hash
98fcd22c469a5aa46df8ec4e7a8eafc9
e8d95f175d3008736995a482d7304410a1da490a
b1e79e219bf46ca5ef14a9619c5440e78c2ebdbc34b8f0c65f0777a8b02fc30c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/adb_logo.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: image/png
content-length: 8308
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-2074"
expires: Sun, 19 May 2024 10:28:53 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/attention.png

78.142.18.54

200 OK

6.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/attention.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 263 x 231, 8-bit/color RGBA, non-interlaced
Size
6.4 kB (6377 bytes)
Hash
d28ebe1b4425fa4ab5d804792b5aa626
3183e2c59cdaed547de5fb1fc940709ed5117003
36fc8d817d7a356b2b8e8697697a5ce86bedadfea8df2a4e88f9514bb1ce02f6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/attention.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: image/png
content-length: 6377
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-18e9"
expires: Sun, 19 May 2024 10:28:56 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

tr.7vid.net/lx4oag1.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
tr.7vid.net/lx4oag1.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /lx4oag1.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

tr.7vid.net/LrfK7A3.js

135.181.208.216

200 OK

77 kB

URL GET HTTP/2
tr.7vid.net/LrfK7A3.js
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65503), with no line terminators
Size
77 kB (76790 bytes)
Hash
a6781eeb8be115c2cc64c5b4898e5b9d
76001e6e130f936956842ce1fb672ca16be2370e
cb8949c4918f30d767c8a97d1b1ddb36eabccf8d93659a80f4e850caa3701da2

HTTP Headers

GET /LrfK7A3.js HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/javascript
content-length: 76790
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-12bf6"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 201
cf-ray: 8685d408ccf5d995-HEL
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 316350
expires: Wed, 09 Apr 2025 10:34:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VsJMNZsaDHTB%2BophpWitWrS6tKZsQHTMapAcw9Yx6%2FfrLchzC8wAefITtEHd5nA%2FXBu62fl1MFNm%2FVG5WKGZ0DnyOMvFatkzuFEeen054%2FmwrZ6pIrYHhTPgSEMVerGTPF0fNU27"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c3df4586d0b49-OSL
alt-svc: h3=":443"; ma=86400

kr.cafenehkikki.com/1clkn/14903

23.109.170.29

200 OK

26 B

URL GET HTTP/1.1
kr.cafenehkikki.com/1clkn/14903
IP
23.109.170.29:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectkr.cafenehkikki.com
Fingerprint50:EE:4F:95:B6:16:97:F3:4B:CE:8F:41:22:EB:63:02:F2:48:7A:F2
ValidityThu, 18 Apr 2024 00:50:14 GMT - Wed, 17 Jul 2024 00:50:13 GMT

File type
ASCII text, with no line terminators
Size
26 B (26 bytes)
Hash
9082dc37e5e8046929da411544ad071a
41e0e3963ed94e59e8a2f115994c382712411537
b7848d86edc8dc3b5bc6a5c666069f9a31e000cee51575d3b6083951607e1550

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1clkn/14903 HTTP/1.1
Host: kr.cafenehkikki.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:34:25 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 20-Apr-2024 10:34:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 20-Apr-2024 10:34:25 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet

142.250.74.106

200 OK

75 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
75 kB (74897 bytes)
Hash
e69e2657b18d638a32e88838de6b2c71
0d733407ca06533fcac73c944d1759353303e859
38854042c713d6d8beafb659cc6a4f6e91354b0fb4bd4198ba1dd576a6abc074

HTTP Headers

GET /css?family=Istok+Web:400,700|Open+Sans:400,600,700|Raleway:200,400,600|Roboto:400,500,700|Source+Sans+Pro:300,300i,400,400i,600,700,700i&amp;subset=cyrillic,cyrillic-ext%22%20rel=%22stylesheet HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 10:34:25 GMT
date: Fri, 19 Apr 2024 10:34:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

142.250.74.106

200 OK

16 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
16 kB (15885 bytes)
Hash
5c7c6bd8d0f684f63a0d9b7a13f26f73
b8ac36ecb421e6dc8ef1fcfae499b83ea6a19a46
cd470ed10d95afc645a0c8d20f7ea476dbe89b49ad4dfe9bea73085fcf1c74eb

HTTP Headers

GET /css?family=Armata|Average+Sans|Gafata|Istok+Web:400,700|Julius+Sans+One|Michroma|Montserrat+Alternates:400,500,600|Montserrat:400,500,600|Numans|Poppins:400,500|Rubik:400,500,700|Syncopate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 10:34:25 GMT
date: Fri, 19 Apr 2024 10:34:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

videzz.net/images-newtheme/ico_signup.png

78.142.18.54

200 OK

1.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/ico_signup.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced
Size
1.1 kB (1094 bytes)
Hash
eb2e533fce6d10e6f1231e3c07aa7e7a
194f55dab0899b59605972b6a0edd85bfd975488
6514b33f1b2a8766a828371bb8b15eb9dd0d7ea53db03f04f7b1e9d82e9b6c7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/ico_signup.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 1094
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-446"
expires: Sun, 19 May 2024 10:29:14 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/js/videojs.stm.5.min.js?0.189641347629596

78.142.18.54

200 OK

3.3 kB

URL GET HTTP/2
videzz.net/js/videojs.stm.5.min.js?0.189641347629596
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
3.3 kB (3334 bytes)
Hash
4846889f317e5f5be43a1fa7780276fb
fcb450ce7573064204314398b5ff74cff36adb82
9f571d3de00504ed13511825167c73b1c534129cc55674010965d9eefdb40e65

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.stm.5.min.js?0.189641347629596 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1c25"
expires: Sun, 19 May 2024 10:34:25 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: MISS
X-Firefox-Spdy: h2

profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js

192.243.61.225

200 OK

16 kB

URL GET HTTP/1.1
profitablegatecpm.com/fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js
IP
192.243.61.225:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectprofitablegatecpm.com
Fingerprint9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30
ValidityFri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT

File type
JavaScript source, ASCII text, with very long lines (44076), with no line terminators
Size
16 kB (15846 bytes)
Hash
522713caa64ef0eb1ef197de23cd75eb
2fd79a9777759162a7649a86ffaec0a6983900a6
dbc1446c430ad574a3c9caf9c4552489513c011105908720f5ccd641033aae3f

HTTP Headers

GET /fd/40/b6/fd40b682a05e4aaf489d29601350aa66.js HTTP/1.1
Host: profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a321e021d4ebc793d4beda0fa9d49afb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 115165
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.o333o.com/adgpt.js

85.10.205.45

200 OK

820 B

URL GET HTTP/2
s.o333o.com/adgpt.js
IP
85.10.205.45:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subjects.o333o.com
FingerprintC1:C0:0F:C0:EF:0F:F7:7A:36:2F:00:9E:5C:55:63:54:63:A3:A6:46
ValidityMon, 12 Feb 2024 00:00:00 GMT - Fri, 28 Feb 2025 23:59:59 GMT

File type
ASCII text, with very long lines (2040), with no line terminators
Size
820 B (820 bytes)
Hash
55f8db8e0ec58b646f0b5425b405fdd0
0c79af1239cafc7ec4783f20b0b886a61daccc09
3ec8849ba857ec32cdc682ea93f0c1f8e8ab97980af4f1d8ec312684ed0f5237

HTTP Headers

GET /adgpt.js HTTP/1.1
Host: s.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/javascript
content-length: 820
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
vary: Accept-Encoding
etag: "65fd69b1-334"
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
X-Firefox-Spdy: h2

cdn.o333o.com/vast-im.js

143.204.55.31

200 OK

137 kB

URL GET HTTP/2
cdn.o333o.com/vast-im.js
IP
143.204.55.31:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subjectcdn.o333o.com
Fingerprint61:0E:6A:7F:7E:40:48:40:58:0F:EF:89:DB:CF:AD:C2:FB:52:F1:AC
ValidityThu, 09 Nov 2023 00:00:00 GMT - Mon, 09 Dec 2024 23:59:59 GMT

File type
gzip compressed data, from Unix
Size
137 kB (136955 bytes)
Hash
43ef0994b572d0b5f9826bbb58808c75
0fe16e6bec80efe639a9d6cd7c84d3d1796eea8f
e40914ab0a63ef5994be9a428218d9590c3f269651f7fe51fb16a583bc381902

HTTP Headers

GET /vast-im.js HTTP/1.1
Host: cdn.o333o.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 11 Apr 2024 09:31:41 GMT
last-modified: Fri, 22 Mar 2024 11:21:21 GMT
etag: W/"65fd69b1-4bcd7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: MSP0BLQWTAk8qtRYOHL_QJ32RimPT8zahR01VQPVfrUObpSBb8Cqlw==
age: 694964
X-Firefox-Spdy: h2

videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

4.9 kB

URL GET HTTP/2
videzz.net/js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
4.9 kB (4884 bytes)
Hash
1c046b5e1b0c7b479b2cf496e25b2c1d
8268e30df30aff397e7a4c2eb59a946b0723b5d5
15a9569adb6985456ffcf98ae160e1604e8bac8c87f852c29878cad501d6eabc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/main.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-2c05"
expires: Sun, 19 May 2024 10:28:25 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7

104.18.10.207

200 OK

10 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?v=7
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
10 kB (10273 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css?v=7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5a80fdb25a1f4c70c38767b1307ad4b6
cdn-cache: HIT
cf-cache-status: HIT
age: 12557157
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df25d53b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/js/jquery.min.js

78.142.18.54

200 OK

39 kB

URL GET HTTP/2
videzz.net/js/jquery.min.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
39 kB (38905 bytes)
Hash
48247cb3c6c3051e8f2fdd9fde450850
72e92b9cc7a3a97ca48ed53d4079720fc7f77c83
5b96b7aba0b973de80d2751575b376e7609f95207db35e6386afd12a918eb4b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-1762a"
expires: Sun, 19 May 2024 10:31:22 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/telergram_button.png

78.142.18.54

200 OK

7.1 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/telergram_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.1 kB (7130 bytes)
Hash
30c0202bb8d66d562c2f6f74e04cecf5
330d3cb6d6e12800458fb4e711f5ad2669ed6418
5c594f5b1f831711af5d0089fb853c7511a83dbc3ce86f99b93e63e9c5c8fc60

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/telergram_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 7130
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
etag: "66163909-1bda"
expires: Sun, 19 May 2024 10:29:25 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/twitter_button.png

78.142.18.54

200 OK

7.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/twitter_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.3 kB (7332 bytes)
Hash
d680a9ff6f8107a4582fc3da7b95b852
df709fd8b064642697ce5075aef16d7ec3df9475
d496e33f83306ba9f7659dda81264fe833b2c8ce3b3ca5ef1cfd9a0d99397c24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/twitter_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 7332
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-1ca4"
expires: Sun, 19 May 2024 10:29:26 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/viber_button.png

78.142.18.54

200 OK

7.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/viber_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
7.6 kB (7583 bytes)
Hash
36454bc0a71ba0919c38f4b072ea1792
b90bd02d15eb470070f5767b12f8879cfa54033f
795878ef409474a5ba791a786239a77cc30f83576713e3788d88f0c306c98c58

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/viber_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 7583
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-1d9f"
expires: Sun, 19 May 2024 10:31:17 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/whatsapp_button.png

78.142.18.54

200 OK

9.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/whatsapp_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
9.4 kB (9402 bytes)
Hash
093cb56d9d65dd0ccb57f24eb7444cba
3d862fe04fc38402dfb6e8afcfb9adc526907d54
9e433e4399b92cd8a014e00765fc534baae47b5ebacadea618e0f3dc041b6266

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/whatsapp_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 9402
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-24ba"
expires: Sun, 19 May 2024 10:31:25 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.25.14

200 OK

77 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4382081
expires: Wed, 09 Apr 2025 10:34:25 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UoGgMcfD70FLpAGObjlWMSK%2BbfGnuSU0HS3ba3anib%2FwPtU7Yh1nF5qVxKA%2F0Vcmck81onELbQnlAOElFs1X%2B1V86V6HHLifxi2rAxI5uHWFaJOO9uTrYUdItTMtVqou2k72Df0E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c3df75a280b49-OSL
alt-svc: h3=":443"; ma=86400

videzz.net/images-newtheme/locale/spritesheet_25.png

78.142.18.54

200 OK

3.4 kB

URL GET HTTP/2
videzz.net/images-newtheme/locale/spritesheet_25.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 25 x 71, 8-bit/color RGBA, non-interlaced
Size
3.4 kB (3355 bytes)
Hash
f114e74e1fb82ce234e7a2503506e2ac
5adb3ddc13861aa417471710f1ceaca66ef71c74
e0edc9d8ec79eb53ad2d9e2644b27bc02cc62ad78e8033e4cc016a62132ed51d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/locale/spritesheet_25.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1; file_id=37918487; aff=103040
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: image/png
content-length: 3355
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
etag: "66163909-d1b"
expires: Sun, 19 May 2024 10:28:06 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Zj8D76R

172.67.205.77

200 OK

48 kB

URL GET HTTP/2
bid.bidclickmedia.com/sub/Zj8D76R
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
48 kB (48381 bytes)
Hash
a59a1eb59104d4bf5ae063b28f80a03e
a03719ddbf97ee76f24a77994dc2fed934bad2db
80499cd3508dab092fa2c87d292031821e2230653503f1dd41c2b9c04571fc47

HTTP Headers

GET /sub/Zj8D76R HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g0fSQsEeWOqbe8MUTV1m9AjZ0h%2FmENQo3ICiMVyEl3%2F8fMLMIEfLcSxAzfpx9q3087CoPPBsVbBnWnD%2FijLCZPD3gQnEC8NmwQ%2F9As25Z6b9dn98xDhBE%2BVDEIzUxu1bBS2%2BeLppyvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df6ffd51c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 115166
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a6c54eb358310d0ba1b91cfa3ff68a69
d1e09a34de622e331c50d944fbd71262d4ff715e
8139dd469b494a0f0b21627a93261626fb5ab614e82ebfdccd3caeaf1823e039

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=083c7ef1-dcba-4871-9ebf-7083c3d68150:2:1; expires=Mon, 17 Apr 2034 10:34:26 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.18.10.207

200 OK

77 kB

URL GET HTTP/3
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 19:08:24
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0a41a35b44b9a221d4e11fe69e9304aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1403875
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df8cb005693-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c

142.250.74.40

200 OK

94 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (7711)
Size
94 kB (93504 bytes)
Hash
dc746228d07fe38621119fdda1e2d83d
806e05b04f1828963f2a27bc4e8892151fa5bf0a
69714e91cd258d1dd7594ce507dec53ceef2f0f8c55f4771e15fe098cf74c0f9

HTTP Headers

GET /gtag/js?id=G-HEX1BG8H46&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 10:34:26 GMT
expires: Fri, 19 Apr 2024 10:34:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93504
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.addtoany.com/menu/svg/icons/twitter.js

172.67.39.148

200 OK

870 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/twitter.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (645), with no line terminators
Size
870 B (870 bytes)
Hash
ca05cf90bd32d6134c0b92464c343f9a
187feb5cc71d225717838268487a0abc9b8d405c
3003867b66a32c12fdafeefc27cf06d906e5a99ba275550ab757f4bb04834636

HTTP Headers

GET /menu/svg/icons/twitter.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"af2b829f9b79fabec7c0148a8b7e444b"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no0s8wf%2B47RtY8CEer2btpxxEiQg64a2epQXM1gVeuJI2MFbat7D2FpnM2CTnrpqF8xhWPrS4hZNCEW3DGu0x8AI7gl43a8FCrFs3fa3QDBL33XfcQ%2F%2Bao27VUMmVJ9PHZZcsnwPTuha9DeAmuHyZVOg"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df91bdf1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/sw.js

78.142.18.54

200 OK

12 kB

URL GET HTTP/2
videzz.net/sw.js
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
12 kB (12325 bytes)
Hash
56e6de7c57d5f9fa66fc9e49124e13ec
98ad9cd0747f86cac18066703801173acff5aba2
709b0313805a7cda66fa510b22b82b5e5548a1013dabec6858e7406524f73d87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw.js HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:24 GMT
vary: Accept-Encoding
etag: W/"66163908-a554"
expires: Sun, 19 May 2024 10:31:25 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

str35.vidoza.net/i/01/07583/jnkrqh6gmlbn.jpg?v=1713522864

109.202.99.227

200 OK

36 kB

URL GET HTTP/2
str35.vidoza.net/i/01/07583/jnkrqh6gmlbn.jpg?v=1713522864
IP
109.202.99.227:443
ASN
#49453 Global Layer B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 720x405, components 3
Size
36 kB (35950 bytes)
Hash
a3a7693f195825634d879a732cbfc30d
7f65f5cea3c93e5034c31ff218f5c5a5cf159a0c
4601303d500a7d7820c65edfee9c8013c8728f9c46b3ab665402b6fa3d2cc9eb

HTTP Headers

GET /i/01/07583/jnkrqh6gmlbn.jpg?v=1713522864 HTTP/1.1
Host: str35.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: image/jpeg
content-length: 35950
last-modified: Wed, 10 Apr 2024 23:02:00 GMT
etag: "66171a68-8c6e"
expires: Fri, 03 May 2024 10:34:26 GMT
cache-control: max-age=1209600
accept-ranges: bytes
X-Firefox-Spdy: h2

specialsaucer.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js

172.240.108.76

200 OK

30 kB

URL GET HTTP/1.1
specialsaucer.com/f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30245 bytes)
Hash
f6567cb1176528b42b6752a2baa56262
6dc75cc4b849d873805a179a8c6fe143ead2a0d8
9dd2c5232e13c9ca3196b3068cd2e30c16156d2340509b6b159f65a2915796c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f1/77/6d/f1776d24271c5ad55c5f1492e2d01e10.js HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-3428_new=1; expires=Mon, 22 Apr 2024 10:34:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dff68d65f34e9ff825c5f9b29d9e3307
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

35.158.46.84

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
35.158.46.84:443
ASN
#16509 AMAZON-02

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a6c54eb358310d0ba1b91cfa3ff68a69
d1e09a34de622e331c50d944fbd71262d4ff715e
8139dd469b494a0f0b21627a93261626fb5ab614e82ebfdccd3caeaf1823e039

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: uid_id2=083c7ef1-dcba-4871-9ebf-7083c3d68150:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://videzz.net
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

static.addtoany.com/menu/locale/ru.js

172.67.39.148

200 OK

6.5 kB

URL GET HTTP/3
static.addtoany.com/menu/locale/ru.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (2130), with no line terminators
Size
6.5 kB (6459 bytes)
Hash
c0717dc8cde3baa722c4e7d4c12a2cb0
6e8702b80bdcbe0cd5fc183ce582b2add61d0863
cde5eaa4da56876821229a97a09a4b53e929ea30b7310848d0e84212a5137397

HTTP Headers

GET /menu/locale/ru.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
cf-polished: origSize=2289
etag: W/"9797b535a7dbc5ec8be5d83312871549"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSZZPHRQHmmj7W9b8uSrlEOmUNd5EPtJjQ6dGciF28UUVd2CDtNJ%2FBwzXajDEbBux%2FcEjPyaUJyeHlp1cPBVMV3Q2eK944CTAvvX7nWPfNzysCaOl3kzBNgW%2F9nsUG4Ry0l3jQ6qpq%2Bc1bomXdrURWCn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1457
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df90bcb1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

myliveforyoudreder.com/vidozza.js

104.21.40.134

200 OK

1.1 kB

URL GET HTTP/2
myliveforyoudreder.com/vidozza.js
IP
104.21.40.134:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectmyliveforyoudreder.com
FingerprintD6:1F:6C:5C:81:FF:C4:D3:4D:C9:A9:22:DD:0B:D4:18:59:4E:58:B7
ValidityWed, 20 Mar 2024 02:24:57 GMT - Tue, 18 Jun 2024 02:24:56 GMT

File type
JavaScript source, ASCII text, with very long lines (852), with CRLF line terminators
Size
1.1 kB (1099 bytes)
Hash
b340619418518ced51fbbc860814ea19
e2cbf47a089e8941bcdb6f24c64fad9004852348
ebbf367cc151e337e4c4d375e86682b6e1593b25224c6c733b4cea4f507c4000

HTTP Headers

GET /vidozza.js HTTP/1.1
Host: myliveforyoudreder.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
last-modified: Mon, 24 Oct 2022 14:14:49 GMT
etag: W/"63569dd9-64f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJvg%2FOxbWiP2qMcTTyEtiQyIprKhNSvSU7fF4y9D%2FDYIaRhaE8heNfof2zxOkfFIVPx%2FQ6o%2BzuAERW%2B9aHSCXe5El2YeIiBIyBXVhOKOqy0sp2JlT22WfmpxO%2FCcK9PJ6dSZHIFtdKCh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3df8de41b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://r.mylot.com/p.aspx?u=dd9a2d06-a966-42fd-958f-80c83638114c

specialsaucer.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHoMXRVD3JsKgCCoy6e6Z9My4BzHGaNi4WXcV9STVXdWTMtVVTVX%2FmMwpuCB7HHLx2vkm2eC6%2BOugJxfpLCgsCBlPOZg%2FwYuwZ5kxOO6Dqve%2B972C771XXxzk58RHTs%2FW3tMjISVdXmm5zZc%2F9rzLzU2h8mFz2As%2BDTqXm6Z4vR%2B03Fea7%2FBoRy%2F7rue6nus114XhsR4uz0iI9G7fa%2FXdVsdveSsdDM2j2OYOLHXAinPyDASbLt13LkFENVTy3Rq3O5lOX3s7ySXNtEHBjj9UO0qXCskijI2DWB1fVEPb0%2FV70OpoLhe6%2BK8wFFPi%2FHoPoTq%2BEImwOJzrDCW4QsieQFnU4LKGoDUifROCnRIgYri6BZXcvqpNSXf%2FZemMnZKlh39DlFOy9OclqOSbVSmGzRta5pnQymIYVxDDGmJQI81PkI0aEOUJouxzCPY7WX64CZUcblmpIVg1712IGiKuIfkY1DrIZ0c4yGMHeeogYWfNyPO8rssi6vb6UdRmXR4GzPVoN%2Fao5wY95NFM3hhZOkYkx4jMHlKzhx0xhsl%2Fgd2uYJkDm02J8%2F4eClah5ASlJSgpQSkIyoygLKojJq1vq9tM2jz0Lrx%2F4dvVRGeDA3qkswFXBNSMYVh1kJ6Tp2fzcV5s%2BNjhZ82Yddww6PnUXeEdSuNOr8%2F8fuB67RWX0iCAFRWEbcxbHokpeSn%2BCamYkid%2FIwjpCaw8QSSeBc2fBy0r0O0KI%2FVtQoVqFYLpEW0pnoHpCmm2hGzXOZDn5Ln5kq58eQc8ekAuDJGpkJoKn4n7BAN5a3Jdl%2BTwui4t%2BX4rzUQiRnS2wBsZzfjjd67w3VIbtrFmx1%2B9Gc2IWXj3A26zTaqYUANLvl4VjHGzrk3Eyc8b9iMeXsvt9mpuVJ5uXntrfSNJDbdWaFWDitNP9hGJKXnqx835z3y1%2BReEqWHyCkm%2BUCp0jSjdg00XOasJjFzgMHVQ5tXE%2BOEiKQWB5AtMwwr2fzhcxBNDZ6%2BpqA7sLQxMAzS7CZVUKEyFQlagcgybPzbJUvPgjT%2Fac0MoG5NQmsZhKI3cnw95du3DirNmt912adBf8bpdyrthx%2B%2FFgcco9TuBHwS0jcxO4xfe%2FeEfAAAA%2F%2F8BAAD%2F%2F2%2BNxB9zBAAA

172.240.108.76

200 OK

7 B

URL GET HTTP/1.1
specialsaucer.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHoMXRVD3JsKgCCoy6e6Z9My4BzHGaNi4WXcV9STVXdWTMtVVTVX%2FmMwpuCB7HHLx2vkm2eC6%2BOugJxfpLCgsCBlPOZg%2FwYuwZ5kxOO6Dqve%2B972C771XXxzk58RHTs%2FW3tMjISVdXmm5zZc%2F9rzLzU2h8mFz2As%2BDTqXm6Z4vR%2B03Fea7%2FBoRy%2F7rue6nus114XhsR4uz0iI9G7fa%2FXdVsdveSsdDM2j2OYOLHXAinPyDASbLt13LkFENVTy3Rq3O5lOX3s7ySXNtEHBjj9UO0qXCskijI2DWB1fVEPb0%2FV70OpoLhe6%2BK8wFFPi%2FHoPoTq%2BEImwOJzrDCW4QsieQFnU4LKGoDUifROCnRIgYri6BZXcvqpNSXf%2FZemMnZKlh39DlFOy9OclqOSbVSmGzRta5pnQymIYVxDDGmJQI81PkI0aEOUJouxzCPY7WX64CZUcblmpIVg1712IGiKuIfkY1DrIZ0c4yGMHeeogYWfNyPO8rssi6vb6UdRmXR4GzPVoN%2Fao5wY95NFM3hhZOkYkx4jMHlKzhx0xhsl%2Fgd2uYJkDm02J8%2F4eClah5ASlJSgpQSkIyoygLKojJq1vq9tM2jz0Lrx%2F4dvVRGeDA3qkswFXBNSMYVh1kJ6Tp2fzcV5s%2BNjhZ82Yddww6PnUXeEdSuNOr8%2F8fuB67RWX0iCAFRWEbcxbHokpeSn%2BCamYkid%2FIwjpCaw8QSSeBc2fBy0r0O0KI%2FVtQoVqFYLpEW0pnoHpCmm2hGzXOZDn5Ln5kq58eQc8ekAuDJGpkJoKn4n7BAN5a3Jdl%2BTwui4t%2BX4rzUQiRnS2wBsZzfjjd67w3VIbtrFmx1%2B9Gc2IWXj3A26zTaqYUANLvl4VjHGzrk3Eyc8b9iMeXsvt9mpuVJ5uXntrfSNJDbdWaFWDitNP9hGJKXnqx835z3y1%2BReEqWHyCkm%2BUCp0jSjdg00XOasJjFzgMHVQ5tXE%2BOEiKQWB5AtMwwr2fzhcxBNDZ6%2BpqA7sLQxMAzS7CZVUKEyFQlagcgybPzbJUvPgjT%2Fac0MoG5NQmsZhKI3cnw95du3DirNmt912adBf8bpdyrthx%2B%2FFgcco9TuBHwS0jcxO4xfe%2FeEfAAAA%2F%2F8BAAD%2F%2F2%2BNxB9zBAAA
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHoMXRVD3JsKgCCoy6e6Z9My4BzHGaNi4WXcV9STVXdWTMtVVTVX%2FmMwpuCB7HHLx2vkm2eC6%2BOugJxfpLCgsCBlPOZg%2FwYuwZ5kxOO6Dqve%2B972C771XXxzk58RHTs%2FW3tMjISVdXmm5zZc%2F9rzLzU2h8mFz2As%2BDTqXm6Z4vR%2B03Fea7%2FBoRy%2F7rue6nus114XhsR4uz0iI9G7fa%2FXdVsdveSsdDM2j2OYOLHXAinPyDASbLt13LkFENVTy3Rq3O5lOX3s7ySXNtEHBjj9UO0qXCskijI2DWB1fVEPb0%2FV70OpoLhe6%2BK8wFFPi%2FHoPoTq%2BEImwOJzrDCW4QsieQFnU4LKGoDUifROCnRIgYri6BZXcvqpNSXf%2FZemMnZKlh39DlFOy9OclqOSbVSmGzRta5pnQymIYVxDDGmJQI81PkI0aEOUJouxzCPY7WX64CZUcblmpIVg1712IGiKuIfkY1DrIZ0c4yGMHeeogYWfNyPO8rssi6vb6UdRmXR4GzPVoN%2Fao5wY95NFM3hhZOkYkx4jMHlKzhx0xhsl%2Fgd2uYJkDm02J8%2F4eClah5ASlJSgpQSkIyoygLKojJq1vq9tM2jz0Lrx%2F4dvVRGeDA3qkswFXBNSMYVh1kJ6Tp2fzcV5s%2BNjhZ82Yddww6PnUXeEdSuNOr8%2F8fuB67RWX0iCAFRWEbcxbHokpeSn%2BCamYkid%2FIwjpCaw8QSSeBc2fBy0r0O0KI%2FVtQoVqFYLpEW0pnoHpCmm2hGzXOZDn5Ln5kq58eQc8ekAuDJGpkJoKn4n7BAN5a3Jdl%2BTwui4t%2BX4rzUQiRnS2wBsZzfjjd67w3VIbtrFmx1%2B9Gc2IWXj3A26zTaqYUANLvl4VjHGzrk3Eyc8b9iMeXsvt9mpuVJ5uXntrfSNJDbdWaFWDitNP9hGJKXnqx835z3y1%2BReEqWHyCkm%2BUCp0jSjdg00XOasJjFzgMHVQ5tXE%2BOEiKQWB5AtMwwr2fzhcxBNDZ6%2BpqA7sLQxMAzS7CZVUKEyFQlagcgybPzbJUvPgjT%2Fac0MoG5NQmsZhKI3cnw95du3DirNmt912adBf8bpdyrthx%2B%2FFgcco9TuBHwS0jcxO4xfe%2FeEfAAAA%2F%2F8BAAD%2F%2F2%2BNxB9zBAAA HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8efcef8a15d08d84c319f6a9f44a24da
Strict-Transport-Security: max-age=0; includeSubdomains

backfiremountslippery.com/pixel/purst?dl=0&th=0&sc=0&rs=1928&rd=1928&fd=672&bv=24.4.6608&tmpl=136

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
backfiremountslippery.com/pixel/purst?dl=0&th=0&sc=0&rs=1928&rd=1928&fd=672&bv=24.4.6608&tmpl=136
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectbackfiremountslippery.com
Fingerprint4C:4C:15:19:EC:06:7F:C0:14:8E:7E:E3:13:57:ED:02:02:18:72:B6
ValidityTue, 16 Apr 2024 10:17:54 GMT - Mon, 15 Jul 2024 10:17:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1928&rd=1928&fd=672&bv=24.4.6608&tmpl=136 HTTP/1.1
Host: backfiremountslippery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319

174.137.133.17

302 Found

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=531847&auth=KhbHhS&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Location: https://tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true

bid.bidclickmedia.com/load

172.67.205.77

302 Found

722 B

URL POST HTTP/3
bid.bidclickmedia.com/load
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with very long lines (306)
Size
722 B (722 bytes)
Hash
1608b0c62d7fbb3680879d817819bf30
15b8c3677ec329cd582095641843ddf9f2c52989
c8cd58545ed30e741436f941951cf27325682f4ccbaed33f337f9b2ec15bcda1

HTTP Headers

POST /load HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 93
Origin: https://bid.bidclickmedia.com
DNT: 1
Connection: keep-alive
Referer: https://bid.bidclickmedia.com/sub/31pnK5n
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: text/html; charset=utf-8
location: https://xml.zeusadx.com/redirect?feed=531847&auth=KhbHhS&pubid=162319
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqbvjrqaXEkTKOciGzAOb2cyWaLh%2BBEVW4o74pkU81Vi4LAxlP3t7XVOHhj07hw2lZuTKAKX9H6peq2qFzUIvkb7DJh%2FuVkuU61zZYfJeETIZQbbE1nZSeXr6JQ34zZh%2B%2Beca9lGxxg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3dfa4890b515-OSL
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/viber.js

172.67.39.148

200 OK

869 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/viber.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (1003), with no line terminators
Size
869 B (869 bytes)
Hash
aeffbbeba6dd343b89fdc22cdf23f8c8
7be9f0a8fbd22f85cd4408ed04b69e98cbb79de7
c38246b300667ea8ab28940a729e65168f981baf8adc8d708c299e85b9e2dcee

HTTP Headers

GET /menu/svg/icons/viber.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"ab1da422605fdb35fd02440984d36475"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jdllmjIIRPRO2sHETKfzSGgQqV%2B5f6wC121kOiSfff%2FleOBxlgQKvNn%2B2DUe%2Fr5kpz9KGft%2FRsHDcGcIpGt%2F42uj0Qb%2BUMIa9aqfRrxL31k1iZW4bD4Y1%2BVj76SQGbCP3FxdALOTUrcyP3H539%2BTGVdC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df92be21c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true

216.18.168.29

302 Found

0 B

URL GET HTTP/1.1
tfosrv.com/show_std.php?id_site=13111&id_channel=60781&uf=true
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /show_std.php?id_site=13111&id_channel=60781&uf=true HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Fri, 19 Apr 2024 10:34:27 GMT
content-length: 0
location: https://tfosrv.com/impression.php?channel_id=60781&id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e&site_id=13111&uuid=04a05a01-4935-4727-aca0-5ec4af2c02ba
set-cookie: sppc_uuid=7e695a94-19c7-4802-af05-569351de7422; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1814164684.1713522866&gtm=45je44h0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=446455023

142.250.74.163

200 OK

42 B

URL GET HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1814164684.1713522866&gtm=45je44h0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=446455023
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint0E:DD:25:54:7B:C3:7F:EC:27:35:B1:EC:15:C4:B7:D2:09:71:3B:68
ValidityMon, 04 Mar 2024 07:26:33 GMT - Mon, 27 May 2024 07:26:32 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-HEX1BG8H46&cid=1814164684.1713522866&gtm=45je44h0v9104348843za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=446455023 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Apr 2024 10:34:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

specialsaucer.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=171

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
specialsaucer.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=171
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=171 HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

tfosrv.com/impression.php?channel_id=60781&id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e&site_id=13111&uuid=04a05a01-4935-4727-aca0-5ec4af2c02ba

216.18.168.29

302 Found

0 B

URL GET HTTP/1.1
tfosrv.com/impression.php?channel_id=60781&id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e&site_id=13111&uuid=04a05a01-4935-4727-aca0-5ec4af2c02ba
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint17:0E:13:E0:E3:EE:17:88:09:10:8F:63:F4:7E:31:5A:D9:33:7D:80
ValidityTue, 31 Oct 2023 00:00:00 GMT - Mon, 18 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /impression.php?channel_id=60781&id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e&site_id=13111&uuid=04a05a01-4935-4727-aca0-5ec4af2c02ba HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Cookie: sppc_uuid=7e695a94-19c7-4802-af05-569351de7422
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Fri, 19 Apr 2024 10:34:27 GMT
content-length: 0
location: https://trafforsrv.com/click.php?id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e
set-cookie: sppc_uuid=04a05a01-4935-4727-aca0-5ec4af2c02ba; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

r.mylot.com/p.aspx?u=dd9a2d06-a966-42fd-958f-80c83638114c

54.208.156.204

200 OK

526 B

URL GET HTTP/2
r.mylot.com/p.aspx?u=dd9a2d06-a966-42fd-958f-80c83638114c
IP
54.208.156.204:443
ASN
#14618 AMAZON-AES

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerAmazon
Subject*.mylot.com
Fingerprint81:6A:9D:DF:7B:03:C9:DC:EE:3A:40:EA:60:8A:17:66:07:6C:3E:6C
ValidityMon, 01 Jan 2024 00:00:00 GMT - Tue, 28 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (526), with no line terminators
Size
526 B (526 bytes)
Hash
6622faed0c50f013f2ace4da87a49319
5a91c30137827aa89caee5b0d608d680fdfa3d56
4fbaa47db498ffc76a9c2b2ff1c3550b29aea083a92a56820f66412433447ba5

HTTP Headers

GET /p.aspx?u=dd9a2d06-a966-42fd-958f-80c83638114c HTTP/1.1
Host: r.mylot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/html; charset=utf-8
content-length: 526
cache-control: private
set-cookie: ASP.NET_SessionId=hoxckxvbqbiehwp5lfingmut; path=/; HttpOnly; SameSite=Lax
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html

104.26.7.19

200 OK

22 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html
IP
104.26.7.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
22 kB (22025 bytes)
Hash
8c9101795aca3483089be55cf5b02499
f6831a6efed20f53cf5974bd24d364572f8cc677
578dd8de5a7a475eb4fde7d1bef95915af6e15ec6fe35166075b34b7ca874b5b

HTTP Headers

GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 102990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6qp0pS5hCvMmXWV%2ByQNlTfde6zGZup3puMLkpNpNEVX4TsTXmN5iMebzcqrNspV03e6RGrEr3qDGk7nTSyFNvHEMS%2B%2B%2F2wzCde4CYkLHcNg1nLpUD3qJPjU%2B77AOyfnpUjgbmQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3dfff97d5693-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

104.17.25.14

200 OK

5.1 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17660)
Size
5.1 kB (5117 bytes)
Hash
12dd498bf90c536803c2aad708b66c2b
5f9363d39a405d1c94328cf2303ff4a05c0ad163
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

HTTP Headers

GET /ajax/libs/postscribe/2.0.8/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 5117
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-45f4"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 321887
expires: Wed, 09 Apr 2025 10:34:27 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1b6TA25o1SjRoKayRW8YLsxNlvrntqAiyREIEkqiQaW4UNbikbwGt3Xu397mBELLccGOKyaW%2FxmcbkFsg3G%2BVCTgtkdmQf2QflCTfuVfMQzn9fqeBovyGL5ytXbXdnBdhVsrmrsW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 876c3e0369140b49-OSL
alt-svc: h3=":443"; ma=86400

xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591363&auth=0yfQfB&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591363&auth=0yfQfB&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

68 kB

URL GET HTTP/2
videzz.net/js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
gzip compressed data, from Unix
Size
68 kB (68541 bytes)
Hash
b5a921283662a846b8debc983aea35ce
0da3998c2e18b085a595bc2408098e809b9361c8
909356359bff7cbec01fb075c1d3b70dffcae9062639c37866331a9a37da2b98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/footer.static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-22364"
expires: Sun, 19 May 2024 10:31:16 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

trafforsrv.com/click.php?id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e

216.18.168.28

302 Found

0 B

URL GET HTTP/1.1
trafforsrv.com/click.php?id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e
IP
216.18.168.28:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.trafforsrv.com
FingerprintC4:DD:C6:65:15:A0:54:82:7D:C9:E3:43:74:BA:ED:16:CC:DD:F5:00
ValidityTue, 31 Oct 2023 00:00:00 GMT - Sat, 16 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?id=c98afbab-20ed-4540-beab-c7bc05133cf2%3Aaeb9f712-102b-43ea-9fa7-af98e1740e0e HTTP/1.1
Host: trafforsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
server: nginx
date: Fri, 19 Apr 2024 10:34:27 GMT
content-length: 0
location: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
set-cookie: sppc_uuid=1e9d3e4b-9fd4-449e-bf49-3ed23c222e0f; max-age=31536000; path=/; secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css

172.67.141.24

200 OK

1.0 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
1.0 kB (1006 bytes)
Hash
9b388680bb9d9cf0d8e7e4dad7b39ac5
393a2393f3b96b727a3114d249fffb35bf34d9f5
758934b1fbbad9e578664b4efbb5ee3303482d0d37ec7837b4bb2fa4915be70f

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:46 GMT
etag: W/"65bbb0f2-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 102990
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29LfHFosY4zRAfBj80QDZPq5rAilRYaX%2F3fUJnsSXHcuMbNVogtMeTUr7Hh9uzOjpeem3j9f6GrMTj2bLLiNDTXs7pQ7WLdVQ9czXpFSlcgLfr1rPi0MUEWtMOMf4BnTYzNkeeGO6LjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3e01fd95712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/0YDX8OE

172.67.205.77

200 OK

876 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/0YDX8OE
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text
Size
876 B (876 bytes)
Hash
f5ed6ce7b82ba2323315254d8ec73268
130f2deb64cffe104ed683e06bb6f60d3755ac1c
fea4d8201695c74087e6b7cdd58df01361f12fcad31870e7d9fbbed7402a2926

HTTP Headers

GET /sub/0YDX8OE HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLzbIo5Ut28RiVU1rOHsumNl6WJ8vF3dLpemmIluZpwOq3jUayMnDKbyZcyKvvKPpXeXEwwu%2FLa0FSnZdJe4%2BkWjdzKdkYKO57fsIhUFBl9i0ZlGbrGDcjP8vxEkKhSuHRb%2F8Z9XRq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df7fe85b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

specialsaucer.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=176

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
specialsaucer.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=176
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=176 HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

static.addtoany.com/menu/svg/icons/facebook.js

172.67.39.148

200 OK

273 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/facebook.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (429), with no line terminators
Size
273 B (273 bytes)
Hash
014bcc757e484e12e3aea6c9d768fd4b
4c17157d0012f8002e4e6cf77c5f4a9747792cf4
4b475960843a5619b907af1f0a89e3136bd5e6a4a700ec78cb417f302647cf49

HTTP Headers

GET /menu/svg/icons/facebook.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"68925fa8e347041c6006837e73c518bc"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6GJdn8sjfSnuFPLDtJ%2FQfURHSV9%2BVKFPN%2BoVMIE1WLd%2FjnFWUFJ2yQt7T11BUY%2FmaD3PEQ7eEP6%2Bz96%2BX%2BOzAKq%2BjuM95%2B0V1zYfujak10jOE9EJBhjR6qVVwcABhbLdH5ABU1D%2FXBghUl5L%2FyVYWLhC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df90bcd1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.xmlking.com/redirect?feed=591364&auth=oodr9S&pubid=195183
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.xmlking.com
Fingerprint61:F0:9B:53:D2:DF:03:A0:08:09:BE:79:B1:70:10:34:65:07:7B:6D
ValidityWed, 26 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=591364&auth=oodr9S&pubid=195183 HTTP/1.1
Host: xml.xmlking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
specialsaucer.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=178
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=178 HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 16:27:38 GMT
expires: Wed, 16 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 238009
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:54:31 GMT
expires: Wed, 16 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 290396
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

s.pemsrv.com/splash.php?idzone=5040978&type=8

95.211.229.245

200 OK

478 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F
ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT

File type
HTML document, ASCII text, with very long lines (717)
Size
478 B (478 bytes)
Hash
0a0facbef164c9e58f80ef97a1a0827e
11213522b288f0683c8f640b87b1e4e246ad8030
8b9ce633f14b63226137606c6901f59c4b354efbce58f82c4def4f93e5ed9aaf

HTTP Headers

GET /splash.php?idzone=5040978&type=8 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662248b3e4cae4.418278502783667660%22%3B%7D; expires=Sun, 19 Apr 2026 10:34:27 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
Accept-Ch: Sec-Ch-Ua,Sec-Ch-Ua-Mobile,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Full-Version-list,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Bitness,Sec-Ch-Ua-Arch
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

724 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
724 B (724 bytes)
Hash
e949f107146f80ef61a5f3d3a8ba72c3
135706ca8eceb5af199775e7827468377051e1c6
e211d6a233a3d6a04d6f4b079c172917eca909259edd7399eeebfb1098059640

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 10:34:27 GMT
date: Fri, 19 Apr 2024 10:34:27 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

specialsaucer.com/pixel/sbs?c=1

192.243.59.20

200 OK

0 B

URL GET HTTP/1.1
specialsaucer.com/pixel/sbs?c=1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1362x764&iframe=1

95.211.229.245

302 Found

0 B

URL GET HTTP/1.1
s.pemsrv.com/splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1362x764&iframe=1
IP
95.211.229.245:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectpemsrv.com
FingerprintB9:FB:69:72:AD:12:6D:F5:F8:05:0B:EE:45:B6:E0:BD:1A:B2:E5:0F
ValidityTue, 27 Feb 2024 16:50:21 GMT - Mon, 27 May 2024 16:50:20 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /splash.php?idzone=5040978&type=8&p=https%3A%2F%2Fbid.bidclickmedia.com%2F&tested=1&check=4982d74cc5945eb5f443cbeab8c29c8c&screen_resolution=1280x1024&container_resolution=1362x764&iframe=1 HTTP/1.1
Host: s.pemsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://s.pemsrv.com/splash.php?idzone=5040978&type=8
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662248b3e4cae4.418278502783667660%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 10:34:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: X-CH-VALUES
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22662248b3e4cae4.418278502783667660%22%3B%7D; expires=Sun, 19 Apr 2026 10:34:28 GMT; path=; domain=.pemsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-link%22%3A%22v4%7C%7CNOR%7C5040978%7C95887222%7C203712%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C662248b3e4cae4.418278502783667660%7Cc83b2609dce0c49ddeb451cf74df4f3a%7C0%7Cbid.bidclickmedia.com%7C1280x1024%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C1713522868%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0f269ee516a18b2e4a9da2472ed23715%7Cok%22%7D; expires=Thu, 18 Jul 2024 10:34:28 GMT; path=/; domain=.pemsrv.com; Secure; SameSite=none
Location: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Accept-CH: 
X-Robots-Tag: noindex, follow

svanh-xqh.com/zclkvisitor/655ecf40-fe38-11ee-9f7f-0affeaaa72b5/2b23d770-f59c-11e4-816f-0afe289da1cd?campaignid=206ac2c0-7581-11ea-b16e-12e5dcaa70ed

52.4.208.38

302 Found

0 B

URL GET HTTP/2
svanh-xqh.com/zclkvisitor/655ecf40-fe38-11ee-9f7f-0affeaaa72b5/2b23d770-f59c-11e4-816f-0afe289da1cd?campaignid=206ac2c0-7581-11ea-b16e-12e5dcaa70ed
IP
52.4.208.38:443
ASN
#14618 AMAZON-AES

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerAmazon
Subjectsvanh-xqh.com
FingerprintBC:CF:12:9E:EF:DF:2D:95:50:62:76:FA:78:BE:AD:68:8A:76:07:19
ValidityMon, 15 Apr 2024 00:00:00 GMT - Wed, 14 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zclkvisitor/655ecf40-fe38-11ee-9f7f-0affeaaa72b5/2b23d770-f59c-11e4-816f-0afe289da1cd?campaignid=206ac2c0-7581-11ea-b16e-12e5dcaa70ed HTTP/1.1
Host: svanh-xqh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.mylot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Fri, 19 Apr 2024 10:34:28 GMT
content-length: 0
location: https://www.affectionwave.com/
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=083c7ef1-dcba-4871-9ebf-7083c3d68150&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=083c7ef1-dcba-4871-9ebf-7083c3d68150&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=083c7ef1-dcba-4871-9ebf-7083c3d68150&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=fd40b682a05e4aaf489d29601350aa66&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 10:34:28 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fe1c1e32bfe7aaf2f2218bade7bfacb2
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=083c7ef1-dcba-4871-9ebf-7083c3d68150&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10

192.243.59.13

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=083c7ef1-dcba-4871-9ebf-7083c3d68150&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=083c7ef1-dcba-4871-9ebf-7083c3d68150&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=f1776d24271c5ad55c5f1492e2d01e10&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=10 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 10:34:28 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51e56c3937b0cb0c67e8a6d3e2e11200
Strict-Transport-Security: max-age=0; includeSubdomains

my.rtmark.net/gid.js?userId=0080430857394891e749943030e1596d

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=0080430857394891e749943030e1596d
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
3d654f270a5f03c3d65ab078c52ad534
1451b27a0dba56923357d6d0197f847eb65aecd7
084faac7596bfcf939deed62b6fe6c52742a1158d9a41ff4ab3e4f7d599bb0d1

HTTP Headers

GET /gid.js?userId=0080430857394891e749943030e1596d HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://videzz.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=0080430857394891e749943030e1596d; expires=Sat, 19 Apr 2025 10:34:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0ef083e5-dd17-49a5-b0a4-5376917f2d01

139.45.195.254

200 OK

12 B

URL POST HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0ef083e5-dd17-49a5-b0a4-5376917f2d01
IP
139.45.195.254:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subjectfleraprt.com
Fingerprint32:DB:C5:24:21:ED:1D:C3:40:C3:46:9F:CF:EE:98:4D:72:29:4C:3C
ValidityTue, 09 Jan 2024 00:00:00 GMT - Mon, 13 Jan 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=0ef083e5-dd17-49a5-b0a4-5376917f2d01 HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1398
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 19 Apr 2024 10:34:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js

64.210.135.118

200 OK

232 B

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/ContainerBlock.877c97af.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
232 B (232 bytes)
Hash
ed2f44cc9f2871d8668252e176c16e33
efa4750156409a21bc47ae02827d792d14ca899d
5544d0dd2f72ed204f9d4e9ca610e167ceb31854b27d188e55b1360319962e1b

HTTP Headers

GET /tour/@one/blocks/async/ContainerBlock.877c97af.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/javascript
content-length: 232
last-modified: Fri, 16 Feb 2024 21:44:10 GMT
etag: "3a99970fe-e8-61186a4e49e80"
expires: Thu, 20 Jun 2024 23:30:37 GMT
cache-control: max-age=10511277
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-7846-2-6914-h-0-0---;7846-18-7351----0-0-0
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js

64.210.135.118

200 OK

421 B

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/RowBlock.3b6ad7f7.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (421), with no line terminators
Size
421 B (421 bytes)
Hash
a94050f26199e41905e348fbc2ad9724
4ad81ca158f6008863628a9dccd0232870a66a05
a97ab9aa6b0d346531f8fab56ba39727ccf80b4101a4b3f09af3eab4d895108d

HTTP Headers

GET /tour/@one/blocks/async/RowBlock.3b6ad7f7.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/javascript
content-length: 421
last-modified: Fri, 16 Feb 2024 21:44:10 GMT
etag: "3a953ca06-1a5-61186a4e49e80"
expires: Thu, 20 Jun 2024 23:30:37 GMT
cache-control: max-age=10511277
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-22540-h-0-0---;7846-22-7351----0-0-0
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js

64.210.135.118

200 OK

435 B

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/ColumnBlock.8745db90.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (435), with no line terminators
Size
435 B (435 bytes)
Hash
bba82fdfdc2684ce6c44701d57090667
8625624d8247f8c9a94ab6ff74e977e54ee1d083
9116e30438d4725883a76b2efb55417c33529009297515869f1b92dd89d7f602

HTTP Headers

GET /tour/@one/blocks/async/ColumnBlock.8745db90.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/javascript
content-length: 435
last-modified: Fri, 16 Feb 2024 21:44:10 GMT
etag: "3a9ab3d86-1b3-61186a4e49e80"
expires: Thu, 20 Jun 2024 23:30:37 GMT
cache-control: max-age=10511277
vary: Accept-Encoding
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-6249-3-3471-h-0-0---;7846-23-7351----0-0-1
X-Firefox-Spdy: h2

app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff

151.101.2.217

200 OK

23 B

URL GET HTTP/2
app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff
IP
151.101.2.217:443
ASN
#54113 FASTLY

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
gzip compressed data
Size
23 B (23 bytes)
Hash
f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f

HTTP Headers

OPTIONS /sdk/goals/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Referer: https://tgp1.brazzersnetwork.com/
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 19 Apr 2024 10:34:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410020-HEL
x-cache: HIT
x-cache-hits: 33
x-timer: S1713522870.524159,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23
X-Firefox-Spdy: h2

app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff

151.101.2.217

200 OK

26 B

URL GET HTTP/2
app.launchdarkly.com/sdk/goals/63bdba6ee6d64c12826b8bff
IP
151.101.2.217:443
ASN
#54113 FASTLY

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
JSON text data
Size
26 B (26 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /sdk/goals/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
cache-control: max-age=0
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 19 Apr 2024 10:34:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410020-HEL
x-cache: HIT
x-cache-hits: 266
x-timer: S1713522870.540741,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 26
X-Firefox-Spdy: h2

app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19

151.101.2.217

200 OK

23 B

URL GET HTTP/2
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19
IP
151.101.2.217:443
ASN
#54113 FASTLY

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
gzip compressed data
Size
23 B (23 bytes)
Hash
f0d79988b7772c003d04a28bd7417a62
58423a999eec2997bcfffb247e9ecd3dfd0abf44
30e6fa98fb48c2b132824d1ac5e2243c0be9e9082ff32598d34d7687ca7f6c7f

HTTP Headers

OPTIONS /sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19 HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent,x-launchdarkly-wrapper
Referer: https://tgp1.brazzersnetwork.com/
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Fri, 19 Apr 2024 10:34:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410020-HEL
x-cache: HIT
x-cache-hits: 41
x-timer: S1713522870.562032,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23
X-Firefox-Spdy: h2

151.101.2.217

200 OK

180 B

URL GET HTTP/2
app.launchdarkly.com/sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19
IP
151.101.2.217:443
ASN
#54113 FASTLY

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGlobalSign nv-sa
Subjectapp.launchdarkly.com
Fingerprint0E:80:83:6E:DA:34:B1:44:89:98:74:A9:22:2A:70:56:1D:54:1E:3F
ValidityThu, 04 Apr 2024 00:55:36 GMT - Tue, 06 May 2025 00:55:35 GMT

File type
JSON text data
Size
180 B (180 bytes)
Hash
f49df299358be8bb6965fe98c18d3de8
1db004cb4142b82410913fa0aa8ef4700ed3af0e
1d9765e0ef4d9d7b952a82a0ebbecde9e35d6eff68b7134c2b971779f886540b

HTTP Headers

GET /sdk/evalx/63bdba6ee6d64c12826b8bff/users/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19 HTTP/1.1
Host: app.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/json
cache-control: max-age=0
etag: "3dbb"
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
content-encoding: gzip
accept-ranges: bytes
date: Fri, 19 Apr 2024 10:34:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410028-HEL, cache-hel1410020-HEL
x-cache: HIT
x-cache-hits: 9
x-timer: S1713522870.590334,VS0,VE0
vary: Authorization, Accept-Encoding
age: 0
content-length: 180
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/_ats/eta/guid?app_id=&eventName=&

66.254.114.234

200 OK

128 B

URL GET HTTP/2
tgp1.brazzersnetwork.com/_ats/eta/guid?app_id=&eventName=&
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type
JSON text data
Size
128 B (128 bytes)
Hash
e2b0487fe78e95b3a4bd961ae5458fa4
aa4e6b4a76a54a2d564c39adb2c291583b7f36a8
9ca0b233dd3ff43314826ce35f9ed6b07f6a3272da078099a36620e335772790

HTTP Headers

GET /_ats/eta/guid?app_id=&eventName=& HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Content-Type: application/x-www-form-urlencoded
DNT: 1
Connection: keep-alive
Cookie: ats=eyJhIjoxNDksImNuIjoiRlJFRV82NTI5NzQ0IiwibiI6MTQsInMiOjkwLCJlIjo5MDY3LCJwIjozMzl9; atstrackPiece1=eyJhZmZVcmwiOiJwcm9qZWN0b25lLmNvbSIsImFmZkNvZGUiOiJleUpoSWpveE5Ea3NJbU51SWpvaVJsSkZSVjgyTlRJNU56UTBJaXdpYmlJNk1UUXNJbk1pT2prd0xDSmxJam81TURZM0xDSndJam96TXpsOSIsIm5ldHdvcmtDb2RlIjoiQloiLCJVSUQiOiJkOGEwZWZiMC1kYWVhLTQ0MDktYjY0OC1kYmUxZTk4NWExMjciLCJTVUlEIjoiM2E5ZGJmYjctYmQ1Yi00ZWRlLTgwNGUtZjJlZWMxZjFlZWIzIiwiZGF0YSI6eyJ2YWx1ZSI6MSwiYWIiOjAsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2t1IjoiTnVsbCIsImluc3RhbmNlSWQiOjIxNDQxMSwicGFnZUlkIjozNjM0MzUxLCJhZElkIjoiODE2MTc4X0ZSRUUiLCJwb3N0YmFja1BhcmFtcyI6Im9wYzRBU09xbHBsdXN0ZGRWYmJaUFBPNmVXaXlhZHpxcGJYVXpPb2ROVTZWMHJwWFQxVVUwdW9tcG9ucG5kUk5UUlBUUzZWMHpwWFN1bGRLNlowcnBYVE9ycm5ucHQwbzNwMXozcGpwbXRuc3RxbG5zdG9ycnNycmxkcmJScFBYTGR0cnZMclRkdHR2cFRWTnJ4WlR0eFR4Um02VjJuZTBlbmUydjNldnYuLjNlY2VvZjNUVDJ5cW1sbnBjNlYwcnBYU3VsZEs2VjBycFhUV1RVVlR6MjEydWM2VjBycFhTdWxkSzZWMHJwWFN1bDRucnUzM3FtcnptdDBuM3B6dTJ6bnBzbjMybm9zbXFjSDJBIiwicmVmZXJyYWxEb21haW4iOiJzLnBlbXNydi5jb20iLCJyZWZlcnJhbFBhdGgiOiJo; atstrackPiece2=dHRwczovL3MucGVtc3J2LmNvbS8ifSwiZG1wIjp7fSwiZGVmYXVsdENvZGUiOiJleUpoSWpvNU5EazJMQ0pqSWpvMU5qVTROVFF5TlN3aWJpSTZNVFFzSW5NaU9qa3dMQ0psSWpvNU1EWTNMQ0p3SWpvemZRPT0iLCJzcGxpdEF0bGFzRGF0YSI6dHJ1ZSwic3RlcHMiOiJ8O2F1Iiwidm9ydGV4ZGF0YSI6eyJfc3NjcmVlbiI6IjEyODAgeCAxMDI0IiwiX3Nicm93c2VyIjoiRmlyZWZveCIsIl9zYnJvd3NlclZlcnNpb24iOiI5Ni4wIiwiX2Jtb2JpbGUiOmZhbHNlLCJfc29zIjoiTGludXgiLCJfc29zVmVyc2lvbiI6Ii0iLCJfYmNvb2tpZXMiOnRydWUsIl9zZmxhc2hWZXJzaW9uIjoibm8gY2hlY2siLCJfc2xhbmd1YWdlcyI6ImVuLVVTLGVuIiwiX3NwbHVnaW5zIjoiUERGIFZpZXdlcixDaHJvbWUgUERGIFZpZXdlcixDaHJvbWl1bSBQREYgVmlld2VyLE1pY3Jvc29mdCBFZGdlIFBERiBWaWV3ZXIsV2ViS2l0IGJ1aWx0LWluIFBERiJ9LCJ2aXNpdFN0YXJ0IjoxNzEzNTIyODY5NjYxfQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/json
content-length: 128
set-cookie: eta_guid=03044b47-88ac-42ab-b17a-496ee5b601c4_1713522869;Path=/;Max-Age=315360000;Expires=Wed, 12 Jul 2034 00:00:01 UTC;SameSite=None;HttpOnly;
sessionid=e7455d46-5ee0-4d9f-a9e3-7617729b7dd4; Path=/; SameSite=None;HttpOnly;
__s=662248B5-42FE72EA01BB28B2F4-1F1782;
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/_p1cdn/tour/vortex.modern.min.js

66.254.114.234

200 OK

22 kB

URL GET HTTP/2
tgp1.brazzersnetwork.com/_p1cdn/tour/vortex.modern.min.js
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type
gzip compressed data, max speed, from Unix
Size
22 kB (22289 bytes)
Hash
2711f62cd29127874d34bf3442f812a0
75c71409ea5da15bba267f33d6c0c421f39d40c6
e9a92ff6bee06e4fe694f6b562f806e35d1e54c5d5341bc2dab5780d08b5b2f3

HTTP Headers

GET /_p1cdn/tour/vortex.modern.min.js HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 08 Feb 2024 21:05:55 GMT
etag: W/"3a8c4c948-94e3-610e52d5eb2c0"
expires: Sat, 15 Jun 2024 11:16:34 GMT
cache-control: max-age=10694520
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: dfw1-15026-1-734762-h-0-0---;15011-134-13810----0-0-0
set-cookie: __s=662248B5-42FE72EA01BB28B2F4-1F177A;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Droid+Sans:400,700

142.250.74.106

200 OK

23 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Droid+Sans:400,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
23 kB (22690 bytes)
Hash
3181fc7c97b2f35fc534a67f853007ae
9adb0e9f6a86c330b058874cf32bfce11a39a9b5
48a2b2ab83ae7af92f204829e8aaa2f716f022540eb54606f0fe9ef9a3a4ba79

HTTP Headers

GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 10:34:29 GMT
date: Fri, 19 Apr 2024 10:34:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A

66.254.114.234

200 OK

56 kB

URL GET HTTP/2
tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type
HTML document, ASCII text, with very long lines (59861)
Size
56 kB (56079 bytes)
Hash
ec7cc9e40a27a7b9435a6039e43ad866
08c8a9387f8774f3f9b0b77b30455f153ae98530
aa293b1efbf4d23b319d7b0f74e5aba7b8d7140fa85c974dc8b594ec03be04e8

HTTP Headers

GET /tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.pemsrv.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-trace: 2BCBF653963BD2862C9EDEA017FE413788D2883D5A9E0648B47210911900
x-powered-by: Juan
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x_ats_page_id: N/A
x_ats_page_type: CUSTOM
x_ats_instance_id: 214411
x_ats_instance_type: tour
etag: W/"ea7ef-CMipOH+HdPP5sLd7MEVfFTrphTA"
content-encoding: br
cache-control: no-transform
set-cookie: instance_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJtaW5kZ2VlayIsImF1ZCI6Im1pbmRnZWVrIiwic3ViIjoiaW5zdGFuY2UtYXBpIiwiZXhwIjoxNzEzNjU3NjAwLCJpZCI6MjE0NDExLCJicmFuZCI6ImJyYXp6ZXJzIiwiaG9zdG5hbWUiOiJ0Z3AxLmJyYXp6ZXJzbmV0d29yay5jb20ifQ.Y5mrXOBlFNEuXR36ypKN6okr2165VsLKygYjikR-SPo; Max-Age=86400; Path=/; Expires=Sat, 20 Apr 2024 10:34:28 GMT
__s=662248B4-42FE72EA01BB28B2F4-1F1760;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/runtime.8c431a9a.js

64.210.135.118

200 OK

19 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/runtime.8c431a9a.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
19 kB (19174 bytes)
Hash
bb4c30a8d09e301a289aafb8084a5ca6
b07a6fe8427eb41dae5c5d44f07187b94cc73af1
037f7acf1348d5dd5a861a690a560994cac3045c4b539a49c9103fc7116156b1

HTTP Headers

GET /tour/runtime.8c431a9a.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Apr 2024 19:20:37 GMT
etag: W/"3ac5c7455-2198-6159ab3442b40"
expires: Sat, 10 Aug 2024 00:54:29 GMT
cache-control: max-age=10579024
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-6249-2-3434-h-0-0---;7846-19-7351----0-0-0
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400

142.250.74.106

200 OK

2.6 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:400
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
gzip compressed data, max compression
Size
2.6 kB (2630 bytes)
Hash
b3f572a06fac9a19c41143005dd122f6
1373a2a881cd5a4105e885b568aae58379175930
0d503e33c3f0775ef0b01e9470f510507cbec75b587e77cc2c7b4a6dd80a6f15

HTTP Headers

GET /css?family=Roboto:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 10:34:29 GMT
date: Fri, 19 Apr 2024 10:34:29 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

veepteero.com/?rb=zghJJEaLGHuWkB3tjFrr5P84Sjk_cpxMunj75nk9gBF2DJQNAYyIB6OArOOO26gw4rpSPt5nNNuHj9Y6heWQFxWi4zpfVCdfpL5ZQuMauBuy7p2x9QxVqPYQkEydSPjKOr55vaJrm9AQ6_s6tReR0lapAg4Z-08TvXCEmyaPKNBiksLSqG0GEGXIx-5TS9gR79L0JQoi2pfnP7AKGtGv4mfCctTeFfQcjEILvvAe6TrU5j4QwGpHOqZM6QwWRW3ASHul3Q%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=13&pl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=ba99e5c8-fd16-4a8f-8ba9-0e49f330a6a5&userId=0080430857394891e749943030e1596d&m=link

139.45.197.242

200 OK

14 kB

URL GET HTTP/2
veepteero.com/?rb=zghJJEaLGHuWkB3tjFrr5P84Sjk_cpxMunj75nk9gBF2DJQNAYyIB6OArOOO26gw4rpSPt5nNNuHj9Y6heWQFxWi4zpfVCdfpL5ZQuMauBuy7p2x9QxVqPYQkEydSPjKOr55vaJrm9AQ6_s6tReR0lapAg4Z-08TvXCEmyaPKNBiksLSqG0GEGXIx-5TS9gR79L0JQoi2pfnP7AKGtGv4mfCctTeFfQcjEILvvAe6TrU5j4QwGpHOqZM6QwWRW3ASHul3Q%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=13&pl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=ba99e5c8-fd16-4a8f-8ba9-0e49f330a6a5&userId=0080430857394891e749943030e1596d&m=link
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (14030 bytes)
Hash
895a68579e312b63aad54ba87f3e1344
ce7cde76a6705131a4accf9d6d62ead884fd8b8c
bf51d5ba58dda9aff4df83caf433139f1fc401168be9b3ef29166b36cf0a03e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=zghJJEaLGHuWkB3tjFrr5P84Sjk_cpxMunj75nk9gBF2DJQNAYyIB6OArOOO26gw4rpSPt5nNNuHj9Y6heWQFxWi4zpfVCdfpL5ZQuMauBuy7p2x9QxVqPYQkEydSPjKOr55vaJrm9AQ6_s6tReR0lapAg4Z-08TvXCEmyaPKNBiksLSqG0GEGXIx-5TS9gR79L0JQoi2pfnP7AKGtGv4mfCctTeFfQcjEILvvAe6TrU5j4QwGpHOqZM6QwWRW3ASHul3Q%3D%3D&request_ab2=0&zoneid=5708417&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=13&pl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=ba99e5c8-fd16-4a8f-8ba9-0e49f330a6a5&userId=0080430857394891e749943030e1596d&m=link HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/json
x-trace-id: 3b56fc95f755e9c795e08a3575a242dd
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080430857394891e749943030e1596d; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
oaidts=1713522868; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 26 Apr 2024 10:34:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/header.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/header.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/header.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-1-10402-h-0-0---;7846-25-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-2-22500-h-0-0---;7846-25-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/navbar.png

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/navbar.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/navbar.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-2-10439-h-0-0---;7846-25-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6141-1-19725-e-0-0-404-0.000--;7846-25-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_03.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6141-2-19801-e-0-0-404-0.004--;7846-25-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_03.gif

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_03.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_03.gif HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-19572-e-0-0-404-0.004--;7846-25-7351----0-0-3
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_02.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-10481-e-0-0-404-0.000--;7846-25-7351----0-0-3
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_04.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-2-10439-h-0-0---;7846-17-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-10481-h-0-0---;7846-17-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_04.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R2_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7846-2-6916-e-0-0-404-0.000--;7846-17-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_02.gif

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_02.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_02.gif HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-10482-e-0-0-404-0.004--;7846-17-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_02.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-2-19649-h-0-0---;7846-19-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_03.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6249-2-3431-h-0-0---;7846-18-7351----0-0-0
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_04.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R4_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-1-10402-h-0-0---;7846-18-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/_p1cdn/tour/atlaslib-js.95baa5ea.js

66.254.114.234

200 OK

1.8 MB

URL GET HTTP/2
tgp1.brazzersnetwork.com/_p1cdn/tour/atlaslib-js.95baa5ea.js
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.8 MB (1762677 bytes)
Hash
06b4bff9a640a16b06193a17f1868a74
9db842706d221a62ccb0ea5fe87c1ad32319ab78
ccb658e92f243394cab9b6b9641ea3170691aa3d8a3258e2688ff1f935c7e8af

HTTP Headers

GET /_p1cdn/tour/atlaslib-js.95baa5ea.js HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 07 Mar 2024 19:01:06 GMT
etag: W/"3aa5997d8-9d5b-61316b28c2080"
expires: Fri, 12 Jul 2024 00:23:30 GMT
cache-control: max-age=10430581
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: dfw1-15026-2-735000-h-0-0---;15010-124-47092----0-0-2
set-cookie: __s=662248B4-42FE72EA01BB28B2F4-1F1767;
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6141-1-19723-h-0-0---;7846-17-7351----0-0-0
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/header.jpg

64.210.135.118

200 OK

20 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/header.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 1920x120, components 3
Size
20 kB (20467 bytes)
Hash
6c16c40b4043103bc1630403a95b3f82
625abc15c577d32c385e97897fd301a592863ff4
915efc3672c9d42673cd379263822375ff4b27bc2c6fec0411ad6ac7056e8640

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/header.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 20467
last-modified: Mon, 17 May 2021 15:18:34 GMT
etag: "372544003-4ff3-5c2881b5d6680"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-3-19694-h-0-0---;7846-23-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/navbar.jpg

64.210.135.118

200 OK

18 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/navbar.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1920x60, components 3
Size
18 kB (17505 bytes)
Hash
00d0fbf802a635e66b5583a06aa4591d
9d9626eea9d83c077b9041225abf629429ee082b
1897b71f137b582ae4d1b387056fd3327d5f2901202302139617336b18c14c86

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/navbar.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 17505
last-modified: Mon, 17 May 2021 15:18:35 GMT
etag: "372544007-4461-5c2881b6ca8c0"
expires: Tue, 26 Mar 2024 09:30:30 GMT
cache-control: max-age=10582779
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-22539-h-0-0---;7846-23-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_01.jpg

64.210.135.118

200 OK

180 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
180 kB (179481 bytes)
Hash
ab996ce13f3af31146afd0b0842cff59
4391f0438425854d5bd3cc99099707b834988722
64f97309beb5cc9f3a37989731a356b74b3326ab76e99a0e94a8c67834b317be

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 179481
last-modified: Thu, 16 Nov 2023 04:41:03 GMT
etag: "372544014-2bd19-60a3da08ad5c0"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-2-10439-h-0-0---;7846-23-7351----0-0-0
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/_ats/eta/events?app_id=10303&eventName=UNIQUE_TRACK

66.254.114.234

200 OK

313 kB

URL POST HTTP/2
tgp1.brazzersnetwork.com/_ats/eta/events?app_id=10303&eventName=UNIQUE_TRACK
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type
data
Size
313 kB (313134 bytes)
Hash
7c561ca6f12c14c5bb109970f98b1fa1
185f762f4301d93a49ef774cf12b506842894ffb
5c631453eb94f9454df52140d284f53ea3b1c8faa572a70501416e45eb15bbda

HTTP Headers

POST /_ats/eta/events?app_id=10303&eventName=UNIQUE_TRACK HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Content-Type: application/x-www-form-urlencoded
Content-Length: 1516
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Cookie: ats=eyJhIjoxNDksImNuIjoiRlJFRV82NTI5NzQ0IiwibiI6MTQsInMiOjkwLCJlIjo5MDY3LCJwIjozMzl9; atsd=3a9dbfb7-bd5b-4ede-804e-f2eec1f1eeb3; atsm=3a9dbfb7-bd5b-4ede-804e-f2eec1f1eeb3; atss=3a9dbfb7-bd5b-4ede-804e-f2eec1f1eeb3; atstrackPiece1=eyJhZmZVcmwiOiJwcm9qZWN0b25lLmNvbSIsImFmZkNvZGUiOiJleUpoSWpveE5Ea3NJbU51SWpvaVJsSkZSVjgyTlRJNU56UTBJaXdpYmlJNk1UUXNJbk1pT2prd0xDSmxJam81TURZM0xDSndJam96TXpsOSIsIm5ldHdvcmtDb2RlIjoiQloiLCJVSUQiOiJkOGEwZWZiMC1kYWVhLTQ0MDktYjY0OC1kYmUxZTk4NWExMjciLCJTVUlEIjoiM2E5ZGJmYjctYmQ1Yi00ZWRlLTgwNGUtZjJlZWMxZjFlZWIzIiwiZGF0YSI6eyJ2YWx1ZSI6MSwiYWIiOjAsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2t1IjoiTnVsbCIsImluc3RhbmNlSWQiOjIxNDQxMSwicGFnZUlkIjozNjM0MzUxLCJhZElkIjoiODE2MTc4X0ZSRUUiLCJwb3N0YmFja1BhcmFtcyI6Im9wYzRBU09xbHBsdXN0ZGRWYmJaUFBPNmVXaXlhZHpxcGJYVXpPb2ROVTZWMHJwWFQxVVUwdW9tcG9ucG5kUk5UUlBUUzZWMHpwWFN1bGRLNlowcnBYVE9ycm5ucHQwbzNwMXozcGpwbXRuc3RxbG5zdG9ycnNycmxkcmJScFBYTGR0cnZMclRkdHR2cFRWTnJ4WlR0eFR4Um02VjJuZTBlbmUydjNldnYuLjNlY2VvZjNUVDJ5cW1sbnBjNlYwcnBYU3VsZEs2VjBycFhUV1RVVlR6MjEydWM2VjBycFhTdWxkSzZWMHJwWFN1bDRucnUzM3FtcnptdDBuM3B6dTJ6bnBzbjMybm9zbXFjSDJBIiwicmVmZXJyYWxEb21haW4iOiJzLnBlbXNydi5jb20iLCJyZWZlcnJhbFBhdGgiOiJo; atstrackPiece2=dHRwczovL3MucGVtc3J2LmNvbS8ifSwiZG1wIjp7fSwiZGVmYXVsdENvZGUiOiJleUpoSWpvNU5EazJMQ0pqSWpvMU5qVTROVFF5TlN3aWJpSTZNVFFzSW5NaU9qa3dMQ0psSWpvNU1EWTNMQ0p3SWpvemZRPT0iLCJzcGxpdEF0bGFzRGF0YSI6dHJ1ZSwic3RlcHMiOiJ8O2F1O3Y7dDt1Iiwidm9ydGV4ZGF0YSI6eyJfc3NjcmVlbiI6IjEyODAgeCAxMDI0IiwiX3Nicm93c2VyIjoiRmlyZWZveCIsIl9zYnJvd3NlclZlcnNpb24iOiI5Ni4wIiwiX2Jtb2JpbGUiOmZhbHNlLCJfc29zIjoiTGludXgiLCJfc29zVmVyc2lvbiI6Ii0iLCJfc2ZsYXNoVmVyc2lvbiI6Im5vIGNoZWNrIiwiX3NsYW5ndWFnZXMiOiJlbi1VUyxlbiIsImd1aWQiOiIwMzA0NGI0Ny04OGFjLTQyYWItYjE3YS00OTZlZTViNjAxYzQiLCJod21vZGVsIjoiVW5rbm93biIsImh3ZmFtaWx5IjoiRW11bGF0b3IiLCJkZXZ0eXBlIjoiRGVza3RvcCJ9LCJ2aXNpdFN0YXJ0IjoxNzEzNTIyODY5NjYxLCJjb2RlVHlwZSI6ImF0cyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: application/json
set-cookie: eta_guid=69498aef-ee9d-4857-962c-37d2b4397374_1713522869;Path=/;Max-Age=315360000;Expires=Wed, 12 Jul 2034 00:00:01 UTC;SameSite=None;HttpOnly;
sessionid=4e2a14c4-eef2-49e0-aa75-82e21fe7e555; Path=/; SameSite=None;HttpOnly;
__s=662248B5-42FE72EA01BB28B2F4-1F1787;
access-control-allow-origin: https://tgp1.brazzersnetwork.com
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
x-eta-guid: 69498aef-ee9d-4857-962c-37d2b4397374
x-eta-sessionid: 4e2a14c4-eef2-49e0-aa75-82e21fe7e555
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-1-22433-e-0-0-404-0.200--;7846-18-7351----0-0-202
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_03.jpg

64.210.135.118

200 OK

352 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
352 kB (351717 bytes)
Hash
ca6e546dd596cae0fe66b6b778391e3b
faff8021254a4310114072e86ef131186d72590f
5f7ee56b4077fa1ea6ee829cbe7fa1695374bdadb29b0c8fa0e296eb69c445ae

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 351717
last-modified: Thu, 16 Nov 2023 04:41:04 GMT
etag: "372544012-55de5-60a3da09a1800"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-3-3488-h-0-0---;7846-29-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_03.gif

64.210.135.118

200 OK

22 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_03.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 430 x 430
Size
22 kB (22470 bytes)
Hash
d1cb4a33278891010a9b5ca11bb4d52f
c2074a00a054f602eb1d300c40f2c44e77f87eae
8b55330deb61941b4a7bca977b596613649ba46da272732df3750596d7631cf1

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_03.gif HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/gif
content-length: 22470
last-modified: Fri, 05 Apr 2024 14:37:28 GMT
etag: "372544011-57c6-6155a651e7a00"
expires: Sun, 04 Aug 2024 15:14:50 GMT
cache-control: max-age=10456589
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-6848-h-0-0---;7846-17-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_02.jpg

64.210.135.118

200 OK

415 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
415 kB (414696 bytes)
Hash
dfe6826b28b53dc0e3208440c1a7bfef
d05bf5c6ebbb9f3db5c99468ce7bba92bb308068
2184f23f705ebe17c81d540f84fb15cc40ad2bc9978b7a81bc4f22dae88dfd4f

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 414696
last-modified: Thu, 16 Nov 2023 04:41:04 GMT
etag: "372544004-653e8-60a3da09a1800"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6141-1-19725-h-0-0---;7846-17-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_04.jpg

64.210.135.118

200 OK

172 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
172 kB (172413 bytes)
Hash
fbed5e6f82a2a0fffa75568738189ecd
8e56833943a0d0a2091cceb746647bdcf14f3636
f7d57169eb7555af36f7e7e263871b78db43783b8a8fc35531904e6fd73617f2

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 172413
last-modified: Thu, 16 Nov 2023 04:40:57 GMT
etag: "372543fec-2a17d-60a3da02f4840"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-22542-h-0-0---;7846-25-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_04.mp4

64.210.135.118

206 Partial Content

960 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_04.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
960 kB (959567 bytes)
Hash
a9d44769af464fda47084dd169fb0b7c
928a29127de05ff300ebfe3f5a0994f6a2530b0b
3924f2fc632cb0bd500cdb2e44a39d92a7a73606ca4047b397564fb67becbc63

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_04.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 959567
last-modified: Thu, 23 Nov 2023 15:21:48 GMT
etag: "372544008-ea44f-60ad364ee9b00"
expires: Tue, 23 Jul 2024 20:06:17 GMT
cache-control: max-age=10621309
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-959566/959567
x-cdn-diag: ams5-7846-3-6967-h-0-0---;7846-19-7351----0-1-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_03.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6249-1-3378-h-0-0---;7846-24-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_02.gif

64.210.135.118

200 OK

22 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_02.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 430 x 430
Size
22 kB (22470 bytes)
Hash
d1cb4a33278891010a9b5ca11bb4d52f
c2074a00a054f602eb1d300c40f2c44e77f87eae
8b55330deb61941b4a7bca977b596613649ba46da272732df3750596d7631cf1

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_02.gif HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/gif
content-length: 22470
last-modified: Fri, 05 Apr 2024 14:37:28 GMT
etag: "37254400b-57c6-6155a651e7a00"
expires: Sun, 04 Aug 2024 15:14:50 GMT
cache-control: max-age=10456589
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-2-6915-h-0-0---;7846-24-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_04.gif

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_04.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_04.gif HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-10480-h-0-0---;7846-24-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-1-10405-h-0-0---;7846-24-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_03.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-1-22434-h-0-0---;7846-24-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_04.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7846-2-6914-h-0-0---;7846-24-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_01.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7846-3-6967-h-0-0---;7846-24-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_02.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6141-2-19802-h-0-0---;7846-24-7351----0-0-2
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

tgp1.brazzersnetwork.com/_ats/eta/events?app_id=10303&eventName=TRACK

66.254.114.234

200 OK

341 B

URL POST HTTP/2
tgp1.brazzersnetwork.com/_ats/eta/events?app_id=10303&eventName=TRACK
IP
66.254.114.234:443
ASN
#29789 REFLECTED

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerLet's Encrypt
Subjectbrazzersnetwork.com
Fingerprint88:AB:08:D2:E9:0E:FD:34:1F:CD:0A:B3:E0:9F:DB:C8:07:2F:D4:AA
ValidityWed, 10 Apr 2024 00:01:06 GMT - Tue, 09 Jul 2024 00:01:05 GMT

File type
HTML document, ASCII text
Size
341 B (341 bytes)
Hash
490b16800b507f63e89e446c265f8fef
19d1c75cb4ca30def97baf8da95383302a6a7854
a4283d6079afac9a1b0fd208fc111f98c413b0a1ba7b8cad5bf604882d390058

HTTP Headers

POST /_ats/eta/events?app_id=10303&eventName=TRACK HTTP/1.1
Host: tgp1.brazzersnetwork.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Content-Type: application/x-www-form-urlencoded
Content-Length: 1509
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Cookie: ats=eyJhIjoxNDksImNuIjoiRlJFRV82NTI5NzQ0IiwibiI6MTQsInMiOjkwLCJlIjo5MDY3LCJwIjozMzl9; atsd=3a9dbfb7-bd5b-4ede-804e-f2eec1f1eeb3; atsm=3a9dbfb7-bd5b-4ede-804e-f2eec1f1eeb3; atss=3a9dbfb7-bd5b-4ede-804e-f2eec1f1eeb3; atstrackPiece1=eyJhZmZVcmwiOiJwcm9qZWN0b25lLmNvbSIsImFmZkNvZGUiOiJleUpoSWpveE5Ea3NJbU51SWpvaVJsSkZSVjgyTlRJNU56UTBJaXdpYmlJNk1UUXNJbk1pT2prd0xDSmxJam81TURZM0xDSndJam96TXpsOSIsIm5ldHdvcmtDb2RlIjoiQloiLCJVSUQiOiJkOGEwZWZiMC1kYWVhLTQ0MDktYjY0OC1kYmUxZTk4NWExMjciLCJTVUlEIjoiM2E5ZGJmYjctYmQ1Yi00ZWRlLTgwNGUtZjJlZWMxZjFlZWIzIiwiZGF0YSI6eyJ2YWx1ZSI6MSwiYWIiOjAsInVzZXJBZ2VudCI6Ik1vemlsbGEvNS4wIChYMTE7IExpbnV4IHg4Nl82NDsgcnY6OTYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC85Ni4wIiwic2t1IjoiTnVsbCIsImluc3RhbmNlSWQiOjIxNDQxMSwicGFnZUlkIjozNjM0MzUxLCJhZElkIjoiODE2MTc4X0ZSRUUiLCJwb3N0YmFja1BhcmFtcyI6Im9wYzRBU09xbHBsdXN0ZGRWYmJaUFBPNmVXaXlhZHpxcGJYVXpPb2ROVTZWMHJwWFQxVVUwdW9tcG9ucG5kUk5UUlBUUzZWMHpwWFN1bGRLNlowcnBYVE9ycm5ucHQwbzNwMXozcGpwbXRuc3RxbG5zdG9ycnNycmxkcmJScFBYTGR0cnZMclRkdHR2cFRWTnJ4WlR0eFR4Um02VjJuZTBlbmUydjNldnYuLjNlY2VvZjNUVDJ5cW1sbnBjNlYwcnBYU3VsZEs2VjBycFhUV1RVVlR6MjEydWM2VjBycFhTdWxkSzZWMHJwWFN1bDRucnUzM3FtcnptdDBuM3B6dTJ6bnBzbjMybm9zbXFjSDJBIiwicmVmZXJyYWxEb21haW4iOiJzLnBlbXNydi5jb20iLCJyZWZlcnJhbFBhdGgiOiJo; atstrackPiece2=dHRwczovL3MucGVtc3J2LmNvbS8ifSwiZG1wIjp7fSwiZGVmYXVsdENvZGUiOiJleUpoSWpvNU5EazJMQ0pqSWpvMU5qVTROVFF5TlN3aWJpSTZNVFFzSW5NaU9qa3dMQ0psSWpvNU1EWTNMQ0p3SWpvemZRPT0iLCJzcGxpdEF0bGFzRGF0YSI6dHJ1ZSwic3RlcHMiOiJ8O2F1O3Y7dDt1Iiwidm9ydGV4ZGF0YSI6eyJfc3NjcmVlbiI6IjEyODAgeCAxMDI0IiwiX3Nicm93c2VyIjoiRmlyZWZveCIsIl9zYnJvd3NlclZlcnNpb24iOiI5Ni4wIiwiX2Jtb2JpbGUiOmZhbHNlLCJfc29zIjoiTGludXgiLCJfc29zVmVyc2lvbiI6Ii0iLCJfc2ZsYXNoVmVyc2lvbiI6Im5vIGNoZWNrIiwiX3NsYW5ndWFnZXMiOiJlbi1VUyxlbiIsImd1aWQiOiIwMzA0NGI0Ny04OGFjLTQyYWItYjE3YS00OTZlZTViNjAxYzQiLCJod21vZGVsIjoiVW5rbm93biIsImh3ZmFtaWx5IjoiRW11bGF0b3IiLCJkZXZ0eXBlIjoiRGVza3RvcCJ9LCJ2aXNpdFN0YXJ0IjoxNzEzNTIyODY5NjYxLCJjb2RlVHlwZSI6ImF0cyJ9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: application/json
set-cookie: eta_guid=2d5d236c-3a76-4f0d-a95a-e549609d732d_1713522869;Path=/;Max-Age=315360000;Expires=Wed, 12 Jul 2034 00:00:01 UTC;SameSite=None;HttpOnly;
sessionid=64c3b47e-e0ae-4ab6-a724-b0cf7440439d; Path=/; SameSite=None;HttpOnly;
__s=662248B5-42FE72EA01BB28B2F4-1F1788;
access-control-allow-origin: https://tgp1.brazzersnetwork.com
access-control-allow-methods: GET, POST
access-control-allow-credentials: true
cache-control: no-cache, no-transform
content-disposition: inline
x-content-type-options: nosniff
x-xss-protection: 0
pragma: no-cache
timing-allow-origin: *
x-eta-guid: 2d5d236c-3a76-4f0d-a95a-e549609d732d
x-eta-sessionid: 64c3b47e-e0ae-4ab6-a724-b0cf7440439d
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_02.jpg

64.210.135.118

200 OK

42 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 430x860, Scaling: [none]x[none], YUV color, decoders should clamp
Size
42 kB (41556 bytes)
Hash
3677af641794d26d28c7220465405d6e
314ab8bedf8b1156a3c6c60111421c356046791c
d84f6db47c465e638bbcc56289af97eb3b5e11061f35be7c1ec65180677abefb

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 41556
last-modified: Fri, 21 Apr 2023 19:30:32 GMT
etag: "372544010-a254-5f9ddb0bfc600"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-1-3378-h-0-0---;7846-24-7351----0-0-2
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_04.jpg

64.210.135.118

200 OK

123 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=860, bps=158, PhotometricInterpretation=RGB, orientation=upper-left, width=430], progressive, precision 8, 430x860, components 3
Size
123 kB (123394 bytes)
Hash
547a80d5e5659356fc62e3e65c0a457b
5b560836c9416a470d9a72bbd6dc52f37a647bf5
b7dda80acc242a57ace51329208bd154eca6b229ec05811857b205b9b7991da6

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 123394
last-modified: Fri, 21 Apr 2023 19:30:28 GMT
etag: "372543fe4-1e202-5f9ddb082bd00"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-1-22435-h-0-0---;7846-24-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_03.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-1-22434-h-0-0---;7846-24-7351----0-0-0
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_01.jpg

64.210.135.118

200 OK

373 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
373 kB (373109 bytes)
Hash
7af19804cd5bc79c7f75ad4389e21e05
340d20d546a6dd03eb39ef9a5edaaac7c253473a
4c8fc85b04c4b602ea19a3f4fb3e5b2892dc392ef3ab6202881e99a0cbf88124

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 373109
last-modified: Thu, 16 Nov 2023 04:40:57 GMT
etag: "372543fe9-5b175-60a3da02f4840"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-3432-h-0-0---;7846-24-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_04.jpg

64.210.135.118

200 OK

348 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
348 kB (347572 bytes)
Hash
9450b6bb0f379e8baf9e380d99fc651a
3d65af2551c9ec8befc0943c1b862b6bd7387305
61bec37bbda973f37f9ecf5646fb1d70ccff1ba39173987fce65dc7953ec6ade

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 347572
last-modified: Thu, 16 Nov 2023 04:40:58 GMT
etag: "372543fe5-54db4-60a3da03e8a80"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-3-10480-h-0-0---;7846-24-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_03.jpg

64.210.135.118

200 OK

354 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
354 kB (353535 bytes)
Hash
6ac205baf17d912571649964c6e33f29
86b5141039979f6ff8a1a5385245983160290cb2
776de6099c08e361fafad4e28a83d6225f376ce285f76510e991b125037e95b8

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R4_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 353535
last-modified: Thu, 16 Nov 2023 04:40:57 GMT
etag: "372544013-564ff-60a3da02f4840"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-6968-h-0-0---;7846-24-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_04.jpg

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R7_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6140-1-19582-h-0-0---;7846-24-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_03.mp4

64.210.135.118

206 Partial Content

857 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_03.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
857 kB (856740 bytes)
Hash
b1abf3f2bed89edc2c115a258b0a8bd8
2c8747aa049628e5fb39f5b2f36472267c7a5f4f
234f8c95d9a99b391597d3bd6e2a3ab5282eac6996645d5f634d6ada0fbe8307

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_03.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 856740
last-modified: Thu, 23 Nov 2023 15:21:48 GMT
etag: "372543ff9-d12a4-60ad364ee9b00"
expires: Sun, 14 Jul 2024 03:40:07 GMT
cache-control: max-age=10419543
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-856739/856740
x-cdn-diag: ams5-6249-3-3488-h-0-0---;7846-24-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/cta.png

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/cta.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/cta.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-2-10440-h-0-0---;7846-28-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_02.mp4

64.210.135.118

206 Partial Content

961 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_02.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
961 kB (961362 bytes)
Hash
524523823a57aa97cec9a347a0fd6ba9
b0facf423b6301adff2ab9f01a9b8609fc8437b9
3fdcbae88a2db58c7b620c856922b9300e64bff28d83cd44a17cc94b065baadd

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R1_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 1172034
last-modified: Thu, 23 Nov 2023 15:21:48 GMT
etag: "37254400e-11e242-60ad364ee9b00"
expires: Tue, 26 Mar 2024 09:30:30 GMT
cache-control: max-age=10582779
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-1172033/1172034
x-cdn-diag: ams5-7846-2-6915-h-0-0---;7846-25-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/footer-logo.png

64.210.135.118

404 Not Found

213 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/footer-logo.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
HTML document, ASCII text
Size
213 B (213 bytes)
Hash
6fecd14f70325f2d628b78d654504561
19e94676a4b6d082182531cad97eed51f741bcb0
4963381010fbc88562fcde9a599a12291546653e92ba259247d22a2403c6b180

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/footer-logo.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-6139-2-22498-h-0-0---;7846-28-7351----0-0-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_01.jpg

64.210.135.118

200 OK

145 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
145 kB (145190 bytes)
Hash
3e6d2c66532e25d77f9c896f3f6af568
a8c6529ded410ec48c366c9c51659646b83e028e
dc8f3b7283f6fe88934917fd9f17a10220786237fdde918693f14d9f8551ef28

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R3_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 145190
last-modified: Thu, 16 Nov 2023 04:40:56 GMT
etag: "37254400a-23726-60a3da0200600"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-6849-h-0-0---;7846-28-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_02.mp4

64.210.135.118

206 Partial Content

2.4 MB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_02.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
2.4 MB (2364909 bytes)
Hash
1422dbeea832e766f3f7cb08cc34e898
03a1ca040eb536c683550012252fd02c8b6665e5
88f37e71821c36891605899ed76ccce1e7975534b14190920d2080b327271442

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R5_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 1700841
last-modified: Fri, 05 May 2023 17:32:03 GMT
etag: "37a0eca17-19f3e9-5faf5aacc4ac0"
expires: Mon, 20 May 2024 20:41:01 GMT
cache-control: max-age=10532592
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-1700840/1700841
x-cdn-diag: ams5-7846-2-6917-h-0-0---;7846-29-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_04.gif

64.210.135.118

200 OK

22 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_04.gif
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
GIF image data, version 89a, 430 x 430
Size
22 kB (22470 bytes)
Hash
d1cb4a33278891010a9b5ca11bb4d52f
c2074a00a054f602eb1d300c40f2c44e77f87eae
8b55330deb61941b4a7bca977b596613649ba46da272732df3750596d7631cf1

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_04.gif HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/gif
content-length: 22470
last-modified: Fri, 05 Apr 2024 14:37:28 GMT
etag: "372543feb-57c6-6155a651e7a00"
expires: Sun, 04 Aug 2024 15:14:50 GMT
cache-control: max-age=10456589
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-22542-h-0-0---;7846-21-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_03.jpg

64.210.135.118

200 OK

172 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
172 kB (171482 bytes)
Hash
2a8ab8d25cab12f4494a84cb38c01b2e
0f060cb27a26e930a2c6ea516ccaa496b7758e5d
93b6ac6d9a80a72ef2574e5d254b10069cb6022b6fea7c9c8d4ece0f4b7a01f8

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 171482
last-modified: Thu, 16 Nov 2023 04:40:59 GMT
etag: "372544006-29dda-60a3da04dccc0"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-2-19649-h-0-0---;7846-21-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_01.jpg

64.210.135.118

200 OK

266 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
266 kB (266210 bytes)
Hash
363543c5c8bb6b4c442a8f449d02f722
9cee6d721bdf151f39ad6d8d806493526d8a3d5a
0e4847bdab29056ae4151cdf55099f65bbe3e430bf32d2bd4774752f7c03f7dd

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 266210
last-modified: Thu, 16 Nov 2023 04:41:00 GMT
etag: "372543fe6-40fe2-60a3da05d0f00"
expires: Sun, 24 Mar 2024 09:10:35 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-6849-h-0-0---;7846-21-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_03.jpg

64.210.135.118

200 OK

355 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
355 kB (355368 bytes)
Hash
c7dea6a6652899116162fe1a40500f2c
fa7bca340d861b0bfbbd74f393508cb983d89cc2
90fcc7cb3bcdff3d23ef126f3f97042f877b455324a880d2e390f687f65ad076

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 355368
last-modified: Thu, 16 Nov 2023 04:41:01 GMT
etag: "372543fea-56c28-60a3da06c5140"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-10404-h-0-0---;7846-21-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_04.jpg

64.210.135.118

200 OK

333 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
333 kB (332748 bytes)
Hash
d340163a0092a2d4742c0092f7bed22d
7442d29b62d2576c0adaf0f5882db56b313b027f
f03004a7e387940d548b1052ee6c4f58258f85bdfacf3d48d3aea0c0b4fc990a

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 332748
last-modified: Thu, 16 Nov 2023 04:41:01 GMT
etag: "37254400f-513cc-60a3da06c5140"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-10404-h-0-0---;7846-24-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_01.jpg

64.210.135.118

200 OK

197 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
197 kB (196915 bytes)
Hash
05fa608781287313fe227fd736028a6d
a8a4c46dd206410afecb310c8fd0716f4dd9ca20
4fb718f32596324ad13a4138606925a3ba4567e9b3027d10b4095749f750a8fc

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 196915
last-modified: Thu, 16 Nov 2023 04:41:02 GMT
etag: "372543ff7-30133-60a3da07b9380"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-10404-h-0-0---;7846-24-7351----0-0-1
X-Firefox-Spdy: h2

www.affectionwave.com/join

178.62.22.16

200 OK

166 kB

URL GET HTTP/2
www.affectionwave.com/join
IP
178.62.22.16:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectwww.affectionwave.com
Fingerprint0C:71:66:22:A4:A4:48:99:84:6D:AE:89:0A:E8:4C:C2:B7:9C:D9:66
ValidityTue, 26 Mar 2024 03:11:36 GMT - Mon, 24 Jun 2024 03:11:35 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2996)
Size
166 kB (165522 bytes)
Hash
d4595c40d8f3c39e3a3329a650425f54
17a9b389ee0bfde04257add40432144b303a7afb
5b31b222122e78ef4040036ff30014b61defe115adac1f7445cc68e48b6daff4

HTTP Headers

GET /join HTTP/1.1
Host: www.affectionwave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.mylot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
set-cookie: PHPSESSID=li2o26m3omqbfpj40uvjvhil2p81a0ns3q6mjopc; path=/; secure; HttpOnly
cache-control: must-revalidate, no-cache, no-store, private
strict-transport-security: max-age=31536000
content-encoding: br
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_03.jpg

64.210.135.118

200 OK

142 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_03.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
142 kB (141941 bytes)
Hash
b3984cf8ae2dac71c585df735127044d
c864bd64b8ede32d1d516465b6d8e5e39884d387
d248332a7f6c25b01f787cfe0b638d0470ed7688080f612786a5f8ffbe51b998

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_03.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:31 GMT
content-type: image/jpeg
content-length: 141941
last-modified: Thu, 16 Nov 2023 04:41:02 GMT
etag: "372544015-22a75-60a3da07b9380"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-1-19573-h-0-0---;7846-31-7351----0-0-0
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_02.jpg

64.210.135.118

200 OK

342 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
342 kB (341572 bytes)
Hash
875ab73eef4e58692b4f2e61414d2316
1773af0fcb68570fdb5e826c6aedb0b451b1e751
866a7b0161856034c70d4b407979f1cbdbffe680a0a64572c6da8bf3d25d5599

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R6_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:31 GMT
content-type: image/jpeg
content-length: 341572
last-modified: Thu, 16 Nov 2023 04:41:01 GMT
etag: "372543ff8-53644-60a3da06c5140"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-10403-h-0-0---;7846-31-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_04.jpg

64.210.135.118

200 OK

159 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_04.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
159 kB (159078 bytes)
Hash
ac61470d4d4ff107c638575159256413
f7570088bd9afedf93abb344c12cacb80a4b1bb8
d19852ef00814636c4926419c35011344326e976cfe8b4de27cf32a98c07a5f3

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_04.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:31 GMT
content-type: image/jpeg
content-length: 159078
last-modified: Thu, 16 Nov 2023 04:41:02 GMT
etag: "37254400d-26d66-60a3da07b9380"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-10405-h-0-0---;7846-33-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/cta.png

64.210.135.118

200 OK

10 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/cta.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 538 x 260, 8-bit/color RGBA, non-interlaced
Size
10 kB (10299 bytes)
Hash
c1670f4f8db521da2b25a864d1abef57
7ffa55f21a6654ab4215c7f0a01f48f94692d8b6
aa86562736d392f04542e17f4d50ccbdea523d7221f5ebeedddf2e397532a6c1

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/cta.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:31 GMT
content-type: image/png
content-length: 10299
last-modified: Mon, 06 Nov 2023 22:38:17 GMT
etag: "372544009-283b-60983829da840"
expires: Fri, 08 Mar 2024 01:36:34 GMT
cache-control: max-age=10551431
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-6966-h-0-0---;7846-35-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/footer-logo.png

64.210.135.118

200 OK

7.8 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/footer-logo.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 720 x 108, 8-bit/color RGBA, non-interlaced
Size
7.8 kB (7760 bytes)
Hash
07cac4b53df357f3ed90131f551a8b66
1f19078215e6696e53d312f071535c44a4076f37
ba21324830685eb1f514fca4d01b09dc85996e8da77a0245697eb11a3c8b1135

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/footer-logo.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:31 GMT
content-type: image/png
content-length: 7760
last-modified: Thu, 02 Nov 2023 18:49:02 GMT
etag: "37254400c-1e50-6092fd7638380"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6249-2-3432-h-0-0---;7846-23-7351----0-0-1
X-Firefox-Spdy: h2

events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff

34.203.87.70

202 Accepted

0 B

URL POST HTTP/2
events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff
IP
34.203.87.70:443
ASN
#14618 AMAZON-AES

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerAmazon
Subjectevents.launchdarkly.com
FingerprintD6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF
ValidityWed, 21 Jun 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events/diagnostic/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Referer: https://tgp1.brazzersnetwork.com/
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Fri, 19 Apr 2024 10:34:32 GMT
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff

34.203.87.70

202 Accepted

0 B

URL POST HTTP/2
events.launchdarkly.com/events/diagnostic/63bdba6ee6d64c12826b8bff
IP
34.203.87.70:443
ASN
#14618 AMAZON-AES

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerAmazon
Subjectevents.launchdarkly.com
FingerprintD6:A9:BF:61:8A:C6:FF:34:00:EB:52:E2:2A:24:55:4D:E5:29:01:CF
ValidityWed, 21 Jun 2023 00:00:00 GMT - Sat, 20 Jul 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /events/diagnostic/63bdba6ee6d64c12826b8bff HTTP/1.1
Host: events.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-LaunchDarkly-User-Agent: JSClient/2.24.2
X-LaunchDarkly-Wrapper: react-client-sdk/2.29.2
Content-Length: 857
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 202 Accepted
date: Fri, 19 Apr 2024 10:34:32 GMT
content-type: application/json
content-length: 0
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44h0v9104348843z8832020053za200&_p=1713522865531&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1814164684.1713522866&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713522866&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&dt=Watch%20Kono%20Suba%20Gods%20Blessing%20This%20Wonderful%20World%20S03E01%20VOSTFR%201080p%20WEB%20x264%20Tsundere%20Raws%20Wawacity%20city%20mkv&en=error_network&tfd=31187

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44h0v9104348843z8832020053za200&_p=1713522865531&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1814164684.1713522866&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713522866&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&dt=Watch%20Kono%20Suba%20Gods%20Blessing%20This%20Wonderful%20World%20S03E01%20VOSTFR%201080p%20WEB%20x264%20Tsundere%20Raws%20Wawacity%20city%20mkv&en=error_network&tfd=31187
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44h0v9104348843z8832020053za200&_p=1713522865531&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1814164684.1713522866&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=2&sid=1713522866&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&dt=Watch%20Kono%20Suba%20Gods%20Blessing%20This%20Wonderful%20World%20S03E01%20VOSTFR%201080p%20WEB%20x264%20Tsundere%20Raws%20Wawacity%20city%20mkv&en=error_network&tfd=31187 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
access-control-allow-origin: https://videzz.net
date: Fri, 19 Apr 2024 10:34:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kb5TbiHXmrK3TuglYYC8ueL70S%2BPuptriVo%2B2XBoEWezAcoSE2xVrJsn0SJC51h6du9kDNMTiLxXHqRucZoMJqRFqCgk4aJcwWI4faOhMxOCPuLF7blNKcp28Yg1jobuMvTHPg0wZ28%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df70fd91c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

aistekso.net/401/5708419

139.45.197.244

200 OK

88 kB

URL GET HTTP/2
aistekso.net/401/5708419
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
88 kB (87882 bytes)
Hash
267838f33148049cab8f792e93181d8b
b400c1c8926ad14dce8edbd3699f6c08ec1183d1
cb6870ab36ef09e03091ba48c0d7806f9223f9d21e38838c09cf427dd42e3222

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/5708419 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
x-trace-id: 5c7c61c575a93c9204d06caf3a1c58f5
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=030043d9f5634162faf17f44acb467c6; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

zv.7vid.net/api/spots/70102?s1=103040&v2=1&fill=0&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&i=1&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671

135.181.208.216

200 OK

67 B

URL GET HTTP/2
zv.7vid.net/api/spots/70102?s1=103040&v2=1&fill=0&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&i=1&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subject1111.spinna.online
FingerprintF3:80:AE:D8:32:E7:57:75:94:99:58:76:4C:57:59:80:E8:9A:B7:ED
ValidityFri, 29 Mar 2024 23:27:07 GMT - Thu, 27 Jun 2024 23:27:06 GMT

File type
XML document, ASCII text, with no line terminators
Size
67 B (67 bytes)
Hash
c3928cea84e0c684b265b8fb465a9e72
aace4c0c8b0fbb35d2932f4f27e01ef627161574
3238d03797cab82118740c0d6ddace8d6bc9caf168e94d2ade893f541c1f8a25

HTTP Headers

GET /api/spots/70102?s1=103040&v2=1&fill=0&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&i=1&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671 HTTP/1.1
Host: zv.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://videzz.net
access-control-expose-headers: X-Asg-Config, X-t
set-cookie: nauid=S5DpQm6yONWMVBTPbMSS; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
x-t: 0
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_04.mp4

64.210.135.118

206 Partial Content

1.6 MB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_04.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type

Size
1.6 MB (1621463 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_04.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 2162026
last-modified: Fri, 05 May 2023 17:32:03 GMT
etag: "37bbe719b-20fd6a-5faf5aacc4ac0"
expires: Mon, 29 Jan 2024 09:41:52 GMT
cache-control: max-age=10768735
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-2162025/2162026
x-cdn-diag: ams5-7619-3-10481-h-0-0---;7846-25-7351----0-0-1
X-Firefox-Spdy: h2

tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040

135.181.208.216

200 OK

674 B

URL GET HTTP/2
tr.7vid.net/api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
ASCII text, with very long lines (814), with no line terminators
Size
674 B (674 bytes)
Hash
bdfd91b0409b99c651103f44d8965aff
b56b603146066c42bc3bbea861ebf43f15ac0a96
3ad1732d9dd49c5d0cad8f7ca97362d39b86a22e47205c3b373023f0abe8c34f

HTTP Headers

GET /api/users/424503?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=QYTwlQyG20qhscI9PAkB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/favicon.ico?v=2

78.142.18.54

200 OK

1.2 kB

URL GET HTTP/2
videzz.net/favicon.ico?v=2
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
07075ddac650ad1577e310576f4ac231
1c8f551262fac5a047a268b82fa932c405ab13ff
c5f2d482ae4405a8e9f16a7ab09c5d04380283eb0cb0a9b237b32bc1bca47901

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico?v=2 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1; file_id=37918487; aff=103040; sb_main_fd40b682a05e4aaf489d29601350aa66=1; sb_count_fd40b682a05e4aaf489d29601350aa66=1; _ga_HEX1BG8H46=GS1.1.1713522866.1.0.1713522866.60.0.0; _ga=GA1.1.1814164684.1713522866; asgfp2=172e5b6362817b33a26bdcbe3d1af8ae; pp_main_f1776d24271c5ad55c5f1492e2d01e10=1; pp_idelay_f1776d24271c5ad55c5f1492e2d01e10=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=083c7ef1-dcba-4871-9ebf-7083c3d68150%3A2%3A1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=specialsaucer.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: image/x-icon
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-47e"
expires: Sun, 19 May 2024 10:31:34 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/3
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 21224, version 1.0
Size
21 kB (21224 bytes)
Hash
13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c

HTTP Headers

GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 01:58:51 GMT
expires: Wed, 16 Apr 2025 01:58:51 GMT
cache-control: public, max-age=31536000
age: 290138
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_01.jpg

64.210.135.118

200 OK

313 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x860, components 3
Size
313 kB (313006 bytes)
Hash
1e32c301641cea6322f2f54133ed2c86
3ed0508c91b665500abb8d884d1460b607c9c6dd
46718d7309f7365bdad00e7881347b457e43d8f085c5cd4f2a51e755dec569c2

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R2_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 313006
last-modified: Thu, 16 Nov 2023 04:41:03 GMT
etag: "372544005-4c6ae-60a3da08ad5c0"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-6967-h-0-0---;7846-23-7351----0-0-0
X-Firefox-Spdy: h2

images-assets-ht.project1content.com/5e9845115bf501.55618659.jpg

64.210.135.118

200 OK

2.1 kB

URL GET HTTP/2
images-assets-ht.project1content.com/5e9845115bf501.55618659.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 72x36, components 3
Size
2.1 kB (2065 bytes)
Hash
6e25c31d24acd9a948a91b5a1d8abbc4
8284a9b3b4287780e5f3c011e0b7f6ca7b54dd34
38c3608f1c53b13cd5567fecc6957d3568be15148abe43819e32bad5aa5d18f5

HTTP Headers

GET /5e9845115bf501.55618659.jpg HTTP/1.1
Host: images-assets-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: image/jpeg
content-length: 2065
last-modified: Thu, 16 Apr 2020 11:44:17 GMT
etag: "372006d6f-811-5a366f3dea640"
expires: Fri, 26 Jan 2024 08:58:32 GMT
cache-control: max-age=10462384
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6139-3-22539-h-0-0---;7846-26-7351----0-0-0
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/vendors~main.d2107e06.js

64.210.135.118

200 OK

1.3 MB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/vendors~main.d2107e06.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type

Size
1.3 MB (1345797 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tour/vendors~main.d2107e06.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Apr 2024 19:52:56 GMT
etag: W/"3ac7d8383-148905-615c36285b600"
expires: Sat, 10 Aug 2024 13:23:08 GMT
cache-control: max-age=10435353
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-6141-1-19723-h-0-0---;7846-19-7351----0-0-1
X-Firefox-Spdy: h2

specialsaucer.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66

192.243.59.20

200 OK

11 kB

URL GET HTTP/1.1
specialsaucer.com/sbar.json?key=fd40b682a05e4aaf489d29601350aa66
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type
JSON text data
Size
11 kB (11140 bytes)
Hash
37b7c0af8580818fb9b625e14f2049b9
e0522d1fd8eff580a87d9bb1cdc0edd2c83c8823
62acf81d56cffa0c1f73a93e5b159a51c1736a1d7bff06e6be5576a4d7f4c599

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=fd40b682a05e4aaf489d29601350aa66 HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 19 Apr 2024 10:34:26 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://videzz.net
Access-Control-Allow-Origin: https://videzz.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19071538; expires=Sat, 20 Apr 2024 10:34:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 20 Apr 2024 10:34:26 GMT; secure; SameSite=None
uncs=1; expires=Sat, 20 Apr 2024 10:34:26 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 20 Apr 2024 10:34:26 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 20 Apr 2024 10:34:26 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 87fbb55cce5979191ec11156cf32fbb1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

static2-ma-ht.project1content.com/tour/assets/probiller.5f27a427.png

64.210.135.118

200 OK

8.5 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/assets/probiller.5f27a427.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 170 x 43, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8497 bytes)
Hash
5f27a427e3542a7170d713e12763ed5e
c57ffdec39259bec85aa633529df86c8e25638ae
ce087c55c6cfa777c2070304a44b3a756c57a31f124a9befcfe69af6bd103483

HTTP Headers

GET /tour/assets/probiller.5f27a427.png HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: image/png
content-length: 8497
last-modified: Tue, 23 Jan 2024 22:03:01 GMT
etag: "3a75bac57-2131-60fa41c1d4f40"
expires: Fri, 31 May 2024 23:00:31 GMT
cache-control: max-age=10641991
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-6968-h-0-0---;7846-23-7351----0-0-1
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31pnK5n

172.67.205.77

200 OK

234 B

URL GET HTTP/2
bid.bidclickmedia.com/sub/31pnK5n
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
f80bebf9471a9840ef5768e8c6b26672
164896726fce06ed3a1b8cbed00ab7c0493b6d24
5367258c378438d9831e9138819e8e68c4b7e6525dde7a086fb82a083398099c

HTTP Headers

GET /sub/31pnK5n HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1i3Ghn3xbX%2FEKyA%2BN3VJp%2Fz%2FRxQ7uGfvU%2B%2ByXP6S6GuZYtBnqOq%2FcNG44nltf8jaYtJGojZfX3iD4n1pp6aEVVFdJ5HK2R8Erxj6s4ZW%2FXTE2S%2BWsUeQnPCZfcrLDTcGwcsJokabzCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df6ffd21c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

str35.vidoza.net/nvl4dtbapufeieno3u4anafamq7hqrybtrwytsqujovkfxufao6autoexhua/v.mp4

0.0.0.0

0 B

URL GET
str35.vidoza.net/nvl4dtbapufeieno3u4anafamq7hqrybtrwytsqujovkfxufao6autoexhua/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidoza.net
FingerprintDD:9C:2A:D1:7E:90:60:D1:BE:1C:39:29:07:29:9C:34:6A:76:A6:C6
ValidityWed, 14 Feb 2024 01:21:54 GMT - Tue, 14 May 2024 01:21:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4dtbapufeieno3u4anafamq7hqrybtrwytsqujovkfxufao6autoexhua/v.mp4 HTTP/1.1
Host: str35.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx/1.20.1
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: video/mp4
content-length: 214696655
last-modified: Wed, 10 Apr 2024 23:01:59 GMT
etag: "66171a67-ccc02cf"
content-range: bytes 0-214696654/214696655
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/main.2798796d.js

64.210.135.118

200 OK

454 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/main.2798796d.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type

Size
454 kB (454212 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tour/main.2798796d.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Apr 2024 19:52:56 GMT
etag: W/"3ac65d6af-6ee44-615c36285b600"
expires: Sat, 10 Aug 2024 13:23:08 GMT
cache-control: max-age=10435353
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-7846-1-6849-h-0-0---;7846-19-7351----0-0-1
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InQWmbiwyTCdX0cqUF6m39KbRuBEpOosaHt%2FR%2FaHGEIvMUpSWI%2BxqwVNMXYS%2FMClRLN4nJpDapstrts8AKdbznvTiU2r%2FitCSX32qBR8%2FA4n72CMXLk2OYRsCcMPwAvEeFUa7riv6mw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df82ea6b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

1.4 MB

URL GET HTTP/2
videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
1.4 MB (1360962 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
vary: Accept-Encoding
etag: W/"66163918-14c442"
expires: Sun, 19 May 2024 10:31:41 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

str35.vidoza.net/nvl4dtbapufeieno3u4anafamq7hqrybtrwytsqujovkfxufao6autoexhua/v.mp4

0.0.0.0

0 B

URL GET
str35.vidoza.net/nvl4dtbapufeieno3u4anafamq7hqrybtrwytsqujovkfxufao6autoexhua/v.mp4
IP
0.0.0.0:0
ASN
#0

Requested by
https://videzz.net/jnkrqh6gmlbn.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /nvl4dtbapufeieno3u4anafamq7hqrybtrwytsqujovkfxufao6autoexhua/v.mp4 HTTP/1.1
Host: str35.vidoza.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570

173.239.53.20

200 OK

0 B

URL GET HTTP/1.1
xml.cachegorilla.com/redirect?feed=612977&auth=kAeZgJ&pubid=197570
IP
173.239.53.20:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.cachegorilla.com
Fingerprint29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
ValidityFri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=612977&auth=kAeZgJ&pubid=197570 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

videzz.net/jnkrqh6gmlbn.html

78.142.18.54

200 OK

45 kB

URL User Request GET HTTP/2
videzz.net/jnkrqh6gmlbn.html
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
HTML document, ASCII text, with very long lines (1926), with CRLF, LF line terminators
Size
45 kB (45074 bytes)
Hash
d365df228a1941c46e09c6cec3c5783f
ea3b45a95f88ece898c25a1b50e39e48a04c0be7
77f099cbd201afdbd2539407399093e9c7b30db6d8ede14ae20337627f8641f7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /jnkrqh6gmlbn.html HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 18 Apr 2024 10:34:24 GMT
set-cookie: lang=1; domain=.videzz.net; path=/; HttpOnly
xfsts=; domain=.videzz.net; path=/; expires=Thu, 20-Apr-2023 10:34:24 GMT; HttpOnly
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

111 kB

URL GET HTTP/2
videzz.net/js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
111 kB (111387 bytes)
Hash
6249517b9005ca7822f82d024996812f
9085d09ebbe9e6c5963644d49c82c350f1be141d
fda81a2fcc97f139d2a1ea94209efc760dc9421b514280bf5a6cd97d8140ddca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/vue.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:25 GMT
vary: Accept-Encoding
etag: W/"66163909-1b31b"
expires: Sun, 19 May 2024 10:28:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1kmp6s0n2uvg3yJOiTrHINJ1MDCLH%2FfYU7D6AXt9HVd5qZ461N9Dt3z%2BGKq1ulvkRufGZD3Siepwy%2F4rH9T9lor8OFmxvAAiTq73l6JL1ReptZAu7Iob3uqcPka6xkvlliI%2F7Tr%2BdLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df82ea3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040

135.181.208.216

200 OK

637 B

URL GET HTTP/2
tr.7vid.net/api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
ASCII text, with very long lines (773), with no line terminators
Size
637 B (637 bytes)
Hash
59ab11396fb130c77123027f1222cc8d
deb9fce62728038e8a093fa9b152ae87b116bcb9
cb66efd3a1961cb283540c5b43dc99c729532f924cd1b72437c29f6bb599edf0

HTTP Headers

GET /api/users/59846?host=videzz.net&ev=212&wh=1024&ww=1280&uuid=&url=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&sid=bd12e766-e6c2-41b5-8360-62920dbd5671&i=1&kw=kono%2Csuba%2Cgods%2Cblessing%2Cthis%2Cwonderful%2Cworld%2Cs03e01%2Cvostfr%2C1080p%2Cweb%2Cx264%2Ctsundere%2Craws%2Cwawacity%2Ccity%2Cmkv&s1=103040 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: nauid=QYTwlQyG20qhscI9PAkB
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.2c1380a6.js

64.210.135.118

200 OK

3.4 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/FooterBlock.2c1380a6.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3536), with no line terminators
Size
3.4 kB (3387 bytes)
Hash
b481fb54034f68c59309626000642a8b
863da1a157a2799b001b1d27630973710be7bb62
f7a956711354364beab1d73657b4f74dc14643b016b1f6f2866c7ba458861383

HTTP Headers

GET /tour/@one/blocks/async/FooterBlock.2c1380a6.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 03 Apr 2024 16:07:49 GMT
etag: W/"3abbcbc51-d3b-615336c8d9f40"
expires: Mon, 05 Aug 2024 10:25:24 GMT
cache-control: max-age=10685871
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-7619-2-10440-h-0-0---;7846-24-7351----0-0-1
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_01.jpg

64.210.135.118

200 OK

175 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_01.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
175 kB (174930 bytes)
Hash
82b6243c23f0d953afb882aac3895849
b1f439a942a9fb581eb5cddda3b2610ac398946f
f813a507a547043121bbe682fb0593635903d3b0e60265f24d129253b2974515

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_01.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/jpeg
content-length: 174930
last-modified: Thu, 16 Nov 2023 04:40:58 GMT
etag: "372543ff6-2ab52-60a3da03e8a80"
expires: Sun, 24 Mar 2024 09:10:34 GMT
cache-control: max-age=10408785
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-3-6968-h-0-0---;7846-28-7351----0-0-0
X-Firefox-Spdy: h2

tr.7vid.net/api/settings/59846

135.181.208.216

200 OK

32 B

URL GET HTTP/2
tr.7vid.net/api/settings/59846
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
32 B (32 bytes)
Hash
70e03b2246021ebcd2ca54e5607ab872
04b2d0e74ccb5feec8976d1c6a92eee8a84cdba8
c3cbbee3b165de8cb5725efe3cc7abc569c13214dbc37a70ace8758cc2d5b73f

HTTP Headers

GET /api/settings/59846 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-origin: *
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Armr3jLZZ4IRPR0hnvOUGx1RISbdNDSyfcqit66uL%2BsGZECbl%2BgeAIQpX1Wt03rOdBBYRBYLM5MOSlx%2FCwIiqW2v9%2Fc0nRUCTx3u2quUI%2B1Y0SSpWXnqcyUQPx5hqMqNIJpFafdrJY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df83eb8b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

allvideometrika.com/f.php?sid=212515

104.21.83.61

200 OK

0 B

URL GET HTTP/2
allvideometrika.com/f.php?sid=212515
IP
104.21.83.61:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectallvideometrika.com
FingerprintA7:8E:7D:C9:07:A5:B6:A9:6D:38:81:8F:95:98:D9:44:DD:EA:AD:21
ValiditySat, 24 Feb 2024 11:56:27 GMT - Fri, 24 May 2024 11:56:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f.php?sid=212515 HTTP/1.1
Host: allvideometrika.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UaQ88HjGQnuac9e2mBsyZfkgOM6X5sAfaXUWB9j5%2FWz72JejM%2BZVDA0ENHebKXiP4pAUkPa%2FfnUcAdobbsQDl4uxOgVPtQV%2FP6wvjJ2lc1EHtfupTmIgDNY%2BtqsdKQpFZivn%2B6Fk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3dfb3c1e0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

bid.bidclickmedia.com/sub/31bV2Jy

172.67.205.77

200 OK

239 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/31bV2Jy
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
239 B (239 bytes)
Hash
d5b23342c3da61ad8cb32c85b5a9a6ca
3ca89fd68565941a5f5dec87720a2164c9b860ae
53073b03453dec44b400acecc549d6446aba803406a391777a94cc2504173bbb

HTTP Headers

GET /sub/31bV2Jy HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkeGkeKaPSTo3fqZFb%2BzjMJE4JKWLQojzxxTgB2YgXrA4uwvsjFESs0%2BMtYpC4bBnLCMtiL%2FZ94ng97qYMRqidLnKiAdXSSWMbesx2UWEK23C7ThtDiUt3%2BKMfghhFRaxirIwE8uLGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df84ec1b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ossgogoaton.com/tag.min.js

172.67.184.45

200 OK

72 kB

URL GET HTTP/2
ossgogoaton.com/tag.min.js
IP
172.67.184.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectossgogoaton.com
FingerprintB8:1E:A6:C4:2B:2A:31:03:63:B7:B8:7D:1A:4D:46:B1:54:80:C7:C6
ValidityWed, 06 Mar 2024 10:18:26 GMT - Tue, 04 Jun 2024 10:18:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65494)
Size
72 kB (72487 bytes)
Hash
20066b7d91ff72a24f0fa316e1061697
92eefc40f32b0098d984a125a067fc0505aec18f
7a9bf5b03fcbd400094b193d716f62044efc0acb171ac7475c5a798f3e4d04f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: ossgogoaton.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: afdec351ad4a38b9edc699f7c1900acc
cache-control: max-age=86400
last-modified: Thu, 18 Apr 2024 11:27:06 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
expires: Fri, 19 Apr 2024 18:19:45 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 58482
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2Fyq2%2FpdrnTP8zUujgK3GvzkF2F8bvmx4aLDXzHWShmYWkvNyccdrv43X8vEbMbNRF2%2B07XZoJRypPHPF%2BInIMxtI5WLdfh%2BGS8pVawi163wkN2mKADMGjQxG4lckSrjWxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3e046dea0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

172.67.193.52

200 OK

19 kB

URL GET HTTP/2
tzegilo.com/stattag.js
IP
172.67.193.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjecttzegilo.com
Fingerprint28:2E:D0:DF:04:78:60:5A:D2:5B:1F:EA:59:80:9C:2F:89:C1:9D:D1
ValiditySat, 30 Mar 2024 15:54:48 GMT - Fri, 28 Jun 2024 15:54:47 GMT

File type
JavaScript source, ASCII text, with very long lines (18486)
Size
19 kB (19136 bytes)
Hash
70ebd404c2e1e7bad13998538b56887c
86e57af8ba3cfc2c004da3311835f6b54ba6d848
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:13 GMT
etag: W/"65c37cc1-4ac0"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1606
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mz24ELDeiKyPI4DadnvDlXnNkdiNtYiVRlffOwJTT%2BDceCGubnXDy1DrGlOuNdSNtfrjOxXusgvAWuVV09cgUcUX0yAR6AYBY6gbAu8FI7E9Hj7ySGK6Fay96PRc%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3e091b2b7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/sm.25.html

172.67.39.148

200 OK

716 B

URL GET HTTP/3
static.addtoany.com/menu/sm.25.html
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
HTML document, ASCII text, with very long lines (744), with no line terminators
Size
716 B (716 bytes)
Hash
c3c97893ca5c74e7504aa4ec474ea41b
cdccb12d7e73682e0e807107243ede7d5e14c962
b79f65e9ffe3bad9bd9cdcffed0758430f7eb1a630c368dc173eecdeb2821f00

HTTP Headers

GET /menu/sm.25.html HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XqYdf3zT6f5djRXIIJwMp9CmOr869HlwkvaSLOezMHs8bCNXKhchHrxUkAX8VobSQtGTx9av1ds6j%2BrAMbeIHt6gjCWQ%2F0%2FDDuSz%2BYQMTMfH9cMBRVSXt9wfmQ0xD6qcBrOg5iLUMVJymypfmtsURYC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 1599
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df74aad1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static.addtoany.com/menu/svg/icons/whatsapp.js

172.67.39.148

200 OK

1.1 kB

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/whatsapp.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (1122), with no line terminators
Size
1.1 kB (1108 bytes)
Hash
d822c46f36a55fdbfcc5029e62e19937
c575da68fa99eeb33863f281395755cbf20004d4
062ec1f7c3acea435122961b771eb2e4d136a3e870b17d3e811413f5aa78ed3e

HTTP Headers

GET /menu/svg/icons/whatsapp.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"83af4df8173e43227812296bb8542dcf"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jWKI1OdsgbKSSTP8GoOtOhOKwQZxTKwLszgx9k%2BDMGmsGKC5miCWXMTCDxhml1%2BDIyezqjP%2F1TFlvruSrPSHWyFchgoghrBAuphUoHmG9VP4ODKiD5REkfluPD1gVIjmFYN898HTH2wMXNp45zD%2BhTqy"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df92bea1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

bid.bidclickmedia.com/sub/Pj8pz0z

172.67.205.77

200 OK

234 B

URL GET HTTP/3
bid.bidclickmedia.com/sub/Pj8pz0z
IP
172.67.205.77:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbidclickmedia.com
Fingerprint2D:71:60:23:79:D8:E4:4A:B8:81:BA:F0:ED:58:CB:A8:66:21:A7:E7
ValiditySun, 31 Mar 2024 14:28:20 GMT - Sat, 29 Jun 2024 14:28:19 GMT

File type
HTML document, ASCII text, with no line terminators
Size
234 B (234 bytes)
Hash
ec45c51dfcbeb0d487d6d2ccf0cd9a23
eadd83e9b3def654d52e1b93ae5f5c13d8a69c99
3a5e0788bab23d00613d25c36fabb29d38bb3e51af54bf370854620392a249ce

HTTP Headers

GET /sub/Pj8pz0z HTTP/1.1
Host: bid.bidclickmedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAgrGPIUQI5uweso6HzBp%2FPgjrZhjxr5CSd53h%2FAeVjPxiHuHZk91s2mkdw80bcybEQG%2FkQnSsmK%2Fc1aH7XN4COJin1%2Boe3JAElLyeFhAxEmMUyej5tnw%2BZ0VSodE1BDXaLfJ7VNRAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c3df83eb3b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js

172.67.141.24

200 OK

386 B

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (399), with no line terminators
Size
386 B (386 bytes)
Hash
022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:55:49 GMT
etag: W/"65bbb0f5-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 229858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmYSOQstx7Qc3%2BrEe08sXmT%2BjHo64hLn1ebeMXZDp0yMYE7STOao3YFe%2Fw0JxwHorsxRw2aYkjhzUa2v1%2FSUZ0K00jT1cGADVfyH9rOmQGqZHMQSVzOmJGBruU7LIbZR4LsOgqN3gljd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3e01fd96712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

videzz.net/images-newtheme/social/facebook_button.png

78.142.18.54

200 OK

3.3 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/facebook_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
3.3 kB (3296 bytes)
Hash
7136dd30e8f2bac19a84c71f7051fbe4
9e0386c21a34c2034c5736d083f2aa9d74aa9698
0f707e70a8cef21089769a1d44002cad814fb3ff42834d59093d7f6e21be72cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/facebook_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 3296
last-modified: Wed, 10 Apr 2024 07:00:40 GMT
etag: "66163918-ce0"
expires: Sun, 19 May 2024 10:31:39 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css

172.67.141.24

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (79245 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
etag: W/"65bbb0f0-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 229858
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf%2BbSzqkllMRPFI3Yn4RFmpkGBcV%2F%2BMB9%2BiWdwttJvjdWRrI5JnQhrCAoJZek0ZA5WJybY7i2A50v1ENbVqv44xBxXiuuK3fW3YS%2Ft4nIJSW9M8GXGSsBjAgQxWJ70Q00kg1QBLX%2FRWf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3e01fd9b712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static.addtoany.com/menu/page.js

172.67.39.148

200 OK

3.0 kB

URL GET HTTP/2
static.addtoany.com/menu/page.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
JavaScript source, ASCII text, with very long lines (3132), with no line terminators
Size
3.0 kB (3003 bytes)
Hash
40486591ae8ea6d1423aeb13f1fd509b
f847af56588642de93c6fe0d2ce182303f312455
16a6753a1de5c5602b0ca4afe3d17b95e2cb18d6b79bf7cdccedba3a733c1138

HTTP Headers

GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"e346c2841e4abbb66ee259e9540abb61"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2AC7bE2UDFKM7qC5jDQxDxGBrcVDlnPDaJpMnzeeMpH%2BWmJ3duBGtVLq6wxk1QIfxp7e6MatgiRO5LypYWukV0nng7cUXW9aran8y9cwM8v0JAzIBzS1YQZ9pyCABT%2BXorAHEebwrAhbk61YRrQnUdl"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1600
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df25c39b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

tr.7vid.net/api/spots/190874?p=1&s1=103040

135.181.208.216

200 OK

94 B

URL GET HTTP/2
tr.7vid.net/api/spots/190874?p=1&s1=103040
IP
135.181.208.216:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjecta.gatwins.site
Fingerprint66:D4:C4:E9:BC:6E:82:9E:D0:2F:00:69:9A:DF:C2:6D:18:04:0B:1B
ValidityWed, 10 Apr 2024 10:27:11 GMT - Tue, 09 Jul 2024 10:27:10 GMT

File type
HTML document, ASCII text, with no line terminators
Size
94 B (94 bytes)
Hash
c118b24869f85e4f08ea9cef3bde4492
7a7f0b87ac0967b24b246f54e649e640bd7d6c45
976c66117f2dcd0d138138f1cb8bb49aba832c76cf821cae5321e0217b92367d

HTTP Headers

GET /api/spots/190874?p=1&s1=103040 HTTP/1.1
Host: tr.7vid.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: text/html
vary: Accept-Encoding
set-cookie: nauid=QYTwlQyG20qhscI9PAkB; Path=/; Expires=Wed, 11 Nov 2037 11:11:11 GMT; Secure; SameSite=None
x-robots-tag: noindex, nofollow
cache-control: private
content-encoding: gzip
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_02.mp4

64.210.135.118

206 Partial Content

792 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_02.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
792 kB (792045 bytes)
Hash
1dc90607fba6c99b83e64ac19a6df301
52d464c003bd9f22a433d963e9a737d2f469c0da
3c983e1ca58d8b4b91856e808bbaba78b1033cde0124b038f3122e4cf61b8e6a

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R5_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 792045
last-modified: Thu, 23 Nov 2023 15:21:48 GMT
etag: "372543fe7-c15ed-60ad364ee9b00"
expires: Thu, 11 Jul 2024 15:52:55 GMT
cache-control: max-age=10429136
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-792044/792045
x-cdn-diag: ams5-7619-3-10481-h-0-0---;7846-28-7351----0-0-1
X-Firefox-Spdy: h2

aistekso.net/401/5708419?oo=1&oaid=0080430857394891e749943030e1596d&sw_version=v1.335.0

139.45.197.244

200 OK

2.4 kB

URL GET HTTP/2
aistekso.net/401/5708419?oo=1&oaid=0080430857394891e749943030e1596d&sw_version=v1.335.0
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectaistekso.net
Fingerprint3E:A5:CE:35:F4:D9:45:6B:A1:3B:2E:9C:B3:9E:78:4D:8A:4B:51:BB
ValiditySun, 24 Mar 2024 05:08:27 GMT - Sat, 22 Jun 2024 05:08:26 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2561), with no line terminators
Size
2.4 kB (2369 bytes)
Hash
492baabe1a6ba7bf165666d8a4609d96
6eca0dbfbf2ec1609ea2dd036d30ba2c9e786f0e
61ff0348232174cf955174ec718e28f076fcf59d285d638bf443d6cd805ed343

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /401/5708419?oo=1&oaid=0080430857394891e749943030e1596d&sw_version=v1.335.0 HTTP/1.1
Host: aistekso.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: OAID=030043d9f5634162faf17f44acb467c6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/json
x-trace-id: 75cecaefee620b2a2fd22575941da804
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://videzz.net
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
set-cookie: OAID=0080430857394891e749943030e1596d; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

159 kB

URL GET HTTP/2
videzz.net/js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
159 kB (158902 bytes)
Hash
7c33538390b466ae717449d729bb32ea
49ea1eb1dc06467f516eae28e09863a23b244a31
a2f37fa7aee9e9248856735b807b028c93be60eb6bb9916595ba123690513f02

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/static.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:18 GMT
vary: Accept-Encoding
etag: W/"66163902-26cb6"
expires: Sun, 19 May 2024 10:26:18 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

170 kB

URL GET HTTP/2
videzz.net/css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
ASCII text, with very long lines (50421)
Size
170 kB (169541 bytes)
Hash
bf9af199b5ef61988f82fa239ebf61da
d3b9c5ef294f2ef0942a8bf1e62085b72b2e07cc
e8e86d55656a068d5bb43e7b65e474162b6dff2c57f314cfc90d25f16708048d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/videojs.5.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: text/css
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-29645"
expires: Sun, 19 May 2024 10:33:43 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_02.mp4

64.210.135.118

206 Partial Content

1.6 MB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_02.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type

Size
1.6 MB (1585128 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R1_02.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 1747722
last-modified: Fri, 05 May 2023 17:32:03 GMT
etag: "34858f338-1aab0a-5faf5aacc4ac0"
expires: Wed, 17 Apr 2024 21:42:36 GMT
cache-control: max-age=10506332
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-1747721/1747722
x-cdn-diag: ams5-6249-2-3433-h-0-0---;7846-25-7351----0-0-1
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/telegram.js

172.67.39.148

200 OK

360 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/telegram.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (370), with no line terminators
Size
360 B (360 bytes)
Hash
d455b7099e753a3680d5e481a7b56a9d
146fdec3f2e51dabdd15fc8acda6d73823b0d44d
4eb7a6d1a684e68473de0e8854499206b2f512a3815a8114068636dd38aa197a

HTTP Headers

GET /menu/svg/icons/telegram.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"fb47b4f6548b6499923a1beed7472419"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rS6p7wFnFl7fkJw7fLG2A4znYwIH3MQ0wRM8iq4hiAUKTt95h0HUv0gE1X%2BxhNFe5NpA65SxgDVKQH2MWG8Tn0P%2BjYr297yGtzRJc%2FzpKzNH1%2BOg75hSsVnjZj9iezTg3kCEOC9X8UOzN6i49HViMtne"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df91bd91c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

videzz.net/images-newtheme/social/reddit_button.png

78.142.18.54

200 OK

5.6 kB

URL GET HTTP/2
videzz.net/images-newtheme/social/reddit_button.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 250 x 95, 8-bit colormap, non-interlaced
Size
5.6 kB (5639 bytes)
Hash
e81d26d1620449624337a4d43f931daa
f03bec039b900b6668f56c295b6152f206614347
a571a6100b5176154b8cab0289f1e1f3a1888a4d2670a0309a7206e914e53196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/social/reddit_button.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 5639
last-modified: Wed, 10 Apr 2024 07:00:17 GMT
etag: "66163901-1607"
expires: Sun, 19 May 2024 10:28:56 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.addtoany.com/menu/svg/icons/reddit.js

172.67.39.148

200 OK

893 B

URL GET HTTP/3
static.addtoany.com/menu/svg/icons/reddit.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (903), with no line terminators
Size
893 B (893 bytes)
Hash
1f5dd30051ff637ea1d19ce73aced89c
bfdd1d1c07492ba397bdcf13e262edcfd8692a5e
c1bf0dd12b2f71de1e7e154b309caa18d2f1c2a8dc077beba23b89432ad72a81

HTTP Headers

GET /menu/svg/icons/reddit.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://static.addtoany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-bgj: minify
etag: W/"1fe5b5008de689ce6464d7bcb07e742c"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKI8JfGHLgDLQMxgjIu6uq9y5sFahBx8LFeIv85H4LGXkFnp9HWSnK6sZVx299a1mbU%2BjomK2FHlABBJnwQDJeYe4yJMdIkipFw6Yt2WeRGl5RDOvuaLloy6P%2F%2BRZw9yvyADzctlodc7WNv6iH7eoGMR"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df91bd71c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

216.58.207.227

200 OK

22 kB

URL GET HTTP/3
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22376, version 1.0
Size
22 kB (22376 bytes)
Hash
e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216

HTTP Headers

GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 02:03:18 GMT
expires: Wed, 16 Apr 2025 02:03:18 GMT
cache-control: public, max-age=31536000
age: 289871
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48208, version 1.0
Size
48 kB (48208 bytes)
Hash
c49b7c3643f781d71645c5a40a78b5bf
e71138026b38afc443fb60da5ffc2244c4f5eb11
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808

HTTP Headers

GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:58:52 GMT
expires: Tue, 15 Apr 2025 21:58:52 GMT
cache-control: public, max-age=31536000
age: 304533
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_03.mp4

64.210.135.118

206 Partial Content

937 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_03.mp4
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
ISO Media, MP4 v2 [ISO 14496-14]
Size
937 kB (936695 bytes)
Hash
f1d8993089d98fc24e081a507323438a
63a0d9ce8304874613d6f97ba0a8d5e29bc73864
fdaa40d9919459b477a9af566cf88124e323ea9a202bf4b31db8f85870d0772c

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R3_03.mp4 HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: video/mp4
content-length: 1661415
last-modified: Fri, 05 May 2023 17:32:03 GMT
etag: "34858f339-1959e7-5faf5aacc4ac0"
expires: Wed, 29 May 2024 08:08:29 GMT
cache-control: max-age=10631147
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
content-range: bytes 0-1661414/1661415
x-cdn-diag: ams5-7619-1-10403-h-0-0---;7846-17-7351----0-0-1
X-Firefox-Spdy: h2

cdn.itskiddien.club/?rb=Kx62JcKZLGStMiWHNZ-Q9M73osrnp4kuYbxceXrKc4l-ukDfRqdeS7-1TrX0yHnJ0HiNxThcE2rJ0HglRRRpuRURLzfGXjPC9vNoZ1spE6Hwp-TReZcwqJzcm7Ix7ylBo1ZW69lH2cioh9M94sflV_YX_5CuZ9KnBH8EjfZ7jLKclxQzVDft4X7yKwymtFcaQ3Iiy29xlNJcIGuzK6iF3ZHRqmAZQP4UXkM3htuocdfX1SUUGQJz9wIizWUSDlbVADk-jbuSxA1X2gk7KBOrQlGjqR0%3D&request_ab2=150120&zoneid=5902452&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=13&pl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=918bd253-f20a-4175-bb8a-2ceb80367ff7&userId=0080430857394891e749943030e1596d&m=link

139.45.197.236

200 OK

2.6 kB

URL GET HTTP/2
cdn.itskiddien.club/?rb=Kx62JcKZLGStMiWHNZ-Q9M73osrnp4kuYbxceXrKc4l-ukDfRqdeS7-1TrX0yHnJ0HiNxThcE2rJ0HglRRRpuRURLzfGXjPC9vNoZ1spE6Hwp-TReZcwqJzcm7Ix7ylBo1ZW69lH2cioh9M94sflV_YX_5CuZ9KnBH8EjfZ7jLKclxQzVDft4X7yKwymtFcaQ3Iiy29xlNJcIGuzK6iF3ZHRqmAZQP4UXkM3htuocdfX1SUUGQJz9wIizWUSDlbVADk-jbuSxA1X2gk7KBOrQlGjqR0%3D&request_ab2=150120&zoneid=5902452&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=13&pl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=918bd253-f20a-4175-bb8a-2ceb80367ff7&userId=0080430857394891e749943030e1596d&m=link
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2571), with no line terminators
Size
2.6 kB (2550 bytes)
Hash
92bedd78b35aa935b3b38f210152b82f
9f4443e7101f5e7d57dde533d8b83cf314bc8b5f
f63230f39eb4f8acbc4c496e172d6cace6eb2ade88cdce55c2b2e6a35924932b

HTTP Headers

GET /?rb=Kx62JcKZLGStMiWHNZ-Q9M73osrnp4kuYbxceXrKc4l-ukDfRqdeS7-1TrX0yHnJ0HiNxThcE2rJ0HglRRRpuRURLzfGXjPC9vNoZ1spE6Hwp-TReZcwqJzcm7Ix7ylBo1ZW69lH2cioh9M94sflV_YX_5CuZ9KnBH8EjfZ7jLKclxQzVDft4X7yKwymtFcaQ3Iiy29xlNJcIGuzK6iF3ZHRqmAZQP4UXkM3htuocdfX1SUUGQJz9wIizWUSDlbVADk-jbuSxA1X2gk7KBOrQlGjqR0%3D&request_ab2=150120&zoneid=5902452&js_build=iclick-v1.775.0&jsp=1&fs=0&cf=0&sw=1280&sh=1024&wih=1024&wiw=1280&ww=1280&wh=1024&sah=1024&wx=0&wy=0&cw=1280&wfc=13&pl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&drf=&np=1&pt=0&nb=1&ng=0&ix=0&nw=1&tb=false&btz=UTC&bto=0&wgl=&js_build=iclick-v1.775.0&navlng=en-US&pnt=0&pnrc=0&wasm=-1&bs=918bd253-f20a-4175-bb8a-2ceb80367ff7&userId=0080430857394891e749943030e1596d&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Cookie: OAID=008043e774df4efbffdb41357dd89d4f; oaidts=1713522868
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/json
x-trace-id: 89aaf5382ec2d6772d714d35e7ad890a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=0080430857394891e749943030e1596d; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
oaidts=1713522868; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 26 Apr 2024 10:34:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

videzz.net/images-newtheme/logo_60.png

78.142.18.54

200 OK

14 kB

URL GET HTTP/2
videzz.net/images-newtheme/logo_60.png
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type
PNG image data, 275 x 182, 8-bit/color RGBA, non-interlaced
Size
14 kB (14101 bytes)
Hash
650a7f14495bcd9ed2140ed51d8b9fef
47cb64b0bc23739e4e25e7c1bea6d63e438ebee0
aeea7989ff49c647ef4e5f3215fa0bd7480fe3976adc5050de6dcfcd46653c71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images-newtheme/logo_60.png HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/css/main.min.css?v=b8dc06aa6195ca0716d0a0c4e3a76e42
Cookie: lang=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: image/png
content-length: 14101
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
etag: "66163910-3715"
expires: Sun, 19 May 2024 10:26:30 GMT
cache-control: max-age=2592000
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.addtoany.com/menu/modules/core.BRQnzO8v.js

172.67.39.148

200 OK

72 kB

URL GET HTTP/3
static.addtoany.com/menu/modules/core.BRQnzO8v.js
IP
172.67.39.148:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectstatic.addtoany.com
Fingerprint25:DC:52:06:E9:84:6F:BC:CB:DD:82:F7:D3:4C:8F:F5:9F:49:7E:DD
ValiditySat, 24 Feb 2024 06:33:02 GMT - Fri, 24 May 2024 06:33:01 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (71454 bytes)
Hash
629401c31553d2f42a6ca46e58c2a97b
0ab6084caa72f90913c7e4119f491838726ec5c2
91b9b24f0aa59668e4d0a770ee7a294b9baa361a76a20ade8128cd0482a5d805

HTTP Headers

GET /menu/modules/core.BRQnzO8v.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:25 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-bgj: minify
etag: W/"25da5432b1057724b8210f17e9b9db05"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FN7klxF7wXP63HcRl%2BjCdei7MZiQdLbHTqz87Q9U8JynkbiNBMS1rbdVtmUknMMTPAEW9DWd2%2FJRR1gRNn7DGNrqap17XCipxcat6ZwNX7wMVLUN3VPJR8WgR5HpxT%2BapjjIqHt"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27405
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 876c3df7cb031c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319

174.137.133.17

200 OK

0 B

URL GET HTTP/1.1
xml.zeusadx.com/redirect?feed=552612&auth=OEhoVk&pubid=162319
IP
174.137.133.17:443
ASN
#27257 WEBAIR-INTERNET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerSectigo Limited
Subject*.zeusadx.com
FingerprintAA:67:88:35:5F:BC:20:3C:44:9B:00:BD:4F:E1:C0:5F:62:D0:69:C0
ValidityMon, 23 Oct 2023 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirect?feed=552612&auth=OEhoVk&pubid=162319 HTTP/1.1
Host: xml.zeusadx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bid.bidclickmedia.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store

cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150120

139.45.197.236

200 OK

84 kB

URL GET HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5902452&var=5708419&branchId=150120
IP
139.45.197.236:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectitskiddien.club
FingerprintF8:F5:E1:2A:73:41:2E:21:C2:B1:A0:A3:DE:9D:2D:B2:87:3F:8E:5D
ValidityFri, 29 Mar 2024 21:36:27 GMT - Thu, 27 Jun 2024 21:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84360 bytes)
Hash
e13561037b0a4307ff2f5c69154b89dc
14f8d3b256baacce05ff1cf812b9b12ba7b18be4
eda34b5626af40a812ca141d5d8158b9d44bc6b8ef2c01e8aac1bd38ef41f504

HTTP Headers

GET /apu.php?zoneid=5902452&var=5708419&branchId=150120 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/javascript
x-trace-id: 98a9d050a7ab91e43b5196fa6b13b523
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=008043e774df4efbffdb41357dd89d4f; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
oaidts=1713522868; expires=Sat, 19 Apr 2025 10:34:28 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/p1/Integration/Corp_Address/Default/PC/corp_pc.png

64.210.135.118

200 OK

12 kB

URL GET HTTP/2
static-landing-assets.project1content.com/p1/Integration/Corp_Address/Default/PC/corp_pc.png
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
PNG image data, 1120 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (12017 bytes)
Hash
5cbda9703656566001fc4a34a314371e
52cdd8b1bfa196763731ad13fd4860497d041265
7959f5b954ae8b21dadc7b1c0ab61d3bd973f3e1fc516967a18134e13ed76d35

HTTP Headers

GET /p1/Integration/Corp_Address/Default/PC/corp_pc.png HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: image/png
content-length: 12017
last-modified: Thu, 31 Aug 2023 19:22:50 GMT
etag: "385cc9a28-2ef1-6043cf843b680"
expires: Sat, 27 Jan 2024 14:33:35 GMT
cache-control: max-age=10602479
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-6140-1-19572-h-0-0---;7846-25-7351----0-0-1
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: de904cc3298cc3864627143b91220d96
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 19 Apr 2024 10:34:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwL%2BIKzK08Vq0KSqyCtuir5e50KFPA4qcapKLvESJ7AWRhNnyAWpMm0gyTPpZJdWKABAoZRQ50epMHyHBSp7Vgfw2dEVXksA3BXJU9XlW%2Fr2ls7mQ9KSn1LUrvO0D3MPu5VLGGSdj7fZp3IEAarKqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3dfbef2a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_02.jpg

64.210.135.118

200 OK

154 kB

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JPEG image data, progressive, precision 8, 430x430, components 3
Size
154 kB (153736 bytes)
Hash
27723306cd4af331dc5a0b826af49089
cf19a64f4cab931463d01b7593964b39eb23e940
a26c905812e0b6292d3bd2c8b9e287052b4efebeda1aba1f0bc85d62c3095ca0

HTTP Headers

GET /P1TGP/Brazzers/Media/Fallback/FreePromo/PC/TGP1/R7_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:31 GMT
content-type: image/jpeg
content-length: 153736
last-modified: Thu, 16 Nov 2023 04:41:02 GMT
etag: "372543fe8-25888-60a3da07b9380"
expires: Sun, 24 Mar 2024 11:38:51 GMT
cache-control: max-age=10417681
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-6848-h-0-0---;7846-28-7351----0-0-0
X-Firefox-Spdy: h2

specialsaucer.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHoMXRVD3JsKgCCoy6Z5fmXEPYozRsHGz7irqSepXT8pUVzVV3dOTOQUXZI9DLl473yQbXBd%2FHfTkIpMFhQUh4ykH8yd4EfYsMwbHfVD13ve%2BV%2FC99%2BqLg%2Fyc1JHTs7X37FBpTZdbtbD68sdRdLm6qUw%2BqA467U%2FbzctV13%2B9266Fr1TfkXzHLtfDKAyjMKquKydjO1iekVDp3W5U64a1Zr0WtZoYuEexzwN4GkD0z8kzUGK6dD%2B4BMUnMMl3a9LvZDZ97e0k1zSzDn1x%2FKHZMbYwSBZh7ALE5viiGtafrt%2BDNUdzubD9%2FwqZmpLg13tg5vhCJFj%2FcK6TaUgDJp5A0Z9A6gkUnYDbm1DilABc4OoWTHL7qnUF3f2XpTN2SpYe%2Fg1VTMnSn5dgkm9WtRpUb1idZ8oaj0FcQg0mUL0J0vwE2bACVZyAZ59Did%2FJ8sNNmORwy2sLJcp570pNoOIJtByB%2BgD57KgAeRwgTwMk4qzKoyhaCQWnYafLeUOsSNYWYURX4ohGYbuDnM%2FkjZClI3A9And7SN0edtQILv8FfruEFwF8NiXB%2B3voixKFJCg8QUEJCkVQZARFvzwS2td9eVton7PowtcvfKMc26x3QI9s1pOGgLoRnCgP0nPy9Gw%2BwYuVOnbkWTUWzZC1O3UatmST0rjZ6Yp6tx1GjVZIabsNr0ooX5m3PFRT8lL8E1I1JU%2F%2BRsDoCbw%2BAVfPgubPgxYl6HaJofk2ocrU%2BkrYIa0ZmUHYEmm2hGw3ONDn5Ln5kq58eQeSPyAXBu5KpK7EZ%2Bo%2BQU%2FfGl%2B3BTm8bgtPvt9KM5WoIZ0t8EZGM%2Fn4nStyt7BObKz50Vdv8hkxC%2B9%2BIH22SY1QpufJ16tKCOnWreOS%2FLzhP5LsWu63V3Nn8nTz2lvrG0nqpPfKmgmoOv1kH1xNyVM%2Fbs5%2F5qvVv6DcBC4vkeQLpcpOwNM9%2BHSR85bA6QVmaYAiL8euzhZJrQi0XGDKSvj%2FYbaIx47OXlNVHvhb6LkKaHYTJinRdyX6ugTVI%2Fj8sXGWugdv%2FNGYG5iujJl2lUOmnd6fD3l27cOrs2ojFCtMxnKFyWarGUsuWKvFQh5z1hCdDkfmp%2FEL7%2F7wDwAAAP%2F%2FAQAA%2F%2F%2FvWRH3cwQAAA%3D%3D

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
specialsaucer.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHoMXRVD3JsKgCCoy6Z5fmXEPYozRsHGz7irqSepXT8pUVzVV3dOTOQUXZI9DLl473yQbXBd%2FHfTkIpMFhQUh4ykH8yd4EfYsMwbHfVD13ve%2BV%2FC99%2BqLg%2Fyc1JHTs7X37FBpTZdbtbD68sdRdLm6qUw%2BqA467U%2FbzctV13%2B9266Fr1TfkXzHLtfDKAyjMKquKydjO1iekVDp3W5U64a1Zr0WtZoYuEexzwN4GkD0z8kzUGK6dD%2B4BMUnMMl3a9LvZDZ97e0k1zSzDn1x%2FKHZMbYwSBZh7ALE5viiGtafrt%2BDNUdzubD9%2FwqZmpLg13tg5vhCJFj%2FcK6TaUgDJp5A0Z9A6gkUnYDbm1DilABc4OoWTHL7qnUF3f2XpTN2SpYe%2Fg1VTMnSn5dgkm9WtRpUb1idZ8oaj0FcQg0mUL0J0vwE2bACVZyAZ59Did%2FJ8sNNmORwy2sLJcp570pNoOIJtByB%2BgD57KgAeRwgTwMk4qzKoyhaCQWnYafLeUOsSNYWYURX4ohGYbuDnM%2FkjZClI3A9And7SN0edtQILv8FfruEFwF8NiXB%2B3voixKFJCg8QUEJCkVQZARFvzwS2td9eVton7PowtcvfKMc26x3QI9s1pOGgLoRnCgP0nPy9Gw%2BwYuVOnbkWTUWzZC1O3UatmST0rjZ6Yp6tx1GjVZIabsNr0ooX5m3PFRT8lL8E1I1JU%2F%2BRsDoCbw%2BAVfPgubPgxYl6HaJofk2ocrU%2BkrYIa0ZmUHYEmm2hGw3ONDn5Ln5kq58eQeSPyAXBu5KpK7EZ%2Bo%2BQU%2FfGl%2B3BTm8bgtPvt9KM5WoIZ0t8EZGM%2Fn4nStyt7BObKz50Vdv8hkxC%2B9%2BIH22SY1QpufJ16tKCOnWreOS%2FLzhP5LsWu63V3Nn8nTz2lvrG0nqpPfKmgmoOv1kH1xNyVM%2Fbs5%2F5qvVv6DcBC4vkeQLpcpOwNM9%2BHSR85bA6QVmaYAiL8euzhZJrQi0XGDKSvj%2FYbaIx47OXlNVHvhb6LkKaHYTJinRdyX6ugTVI%2Fj8sXGWugdv%2FNGYG5iujJl2lUOmnd6fD3l27cOrs2ojFCtMxnKFyWarGUsuWKvFQh5z1hCdDkfmp%2FEL7%2F7wDwAAAP%2F%2FAQAA%2F%2F%2FvWRH3cwQAAA%3D%3D
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuHoMXRVD3JsKgCCoy6Z5fmXEPYozRsHGz7irqSepXT8pUVzVV3dOTOQUXZI9DLl473yQbXBd%2FHfTkIpMFhQUh4ykH8yd4EfYsMwbHfVD13ve%2BV%2FC99%2BqLg%2Fyc1JHTs7X37FBpTZdbtbD68sdRdLm6qUw%2BqA467U%2FbzctV13%2B9266Fr1TfkXzHLtfDKAyjMKquKydjO1iekVDp3W5U64a1Zr0WtZoYuEexzwN4GkD0z8kzUGK6dD%2B4BMUnMMl3a9LvZDZ97e0k1zSzDn1x%2FKHZMbYwSBZh7ALE5viiGtafrt%2BDNUdzubD9%2FwqZmpLg13tg5vhCJFj%2FcK6TaUgDJp5A0Z9A6gkUnYDbm1DilABc4OoWTHL7qnUF3f2XpTN2SpYe%2Fg1VTMnSn5dgkm9WtRpUb1idZ8oaj0FcQg0mUL0J0vwE2bACVZyAZ59Did%2FJ8sNNmORwy2sLJcp570pNoOIJtByB%2BgD57KgAeRwgTwMk4qzKoyhaCQWnYafLeUOsSNYWYURX4ohGYbuDnM%2FkjZClI3A9And7SN0edtQILv8FfruEFwF8NiXB%2B3voixKFJCg8QUEJCkVQZARFvzwS2td9eVton7PowtcvfKMc26x3QI9s1pOGgLoRnCgP0nPy9Gw%2BwYuVOnbkWTUWzZC1O3UatmST0rjZ6Yp6tx1GjVZIabsNr0ooX5m3PFRT8lL8E1I1JU%2F%2BRsDoCbw%2BAVfPgubPgxYl6HaJofk2ocrU%2BkrYIa0ZmUHYEmm2hGw3ONDn5Ln5kq58eQeSPyAXBu5KpK7EZ%2Bo%2BQU%2FfGl%2B3BTm8bgtPvt9KM5WoIZ0t8EZGM%2Fn4nStyt7BObKz50Vdv8hkxC%2B9%2BIH22SY1QpufJ16tKCOnWreOS%2FLzhP5LsWu63V3Nn8nTz2lvrG0nqpPfKmgmoOv1kH1xNyVM%2Fbs5%2F5qvVv6DcBC4vkeQLpcpOwNM9%2BHSR85bA6QVmaYAiL8euzhZJrQi0XGDKSvj%2FYbaIx47OXlNVHvhb6LkKaHYTJinRdyX6ugTVI%2Fj8sXGWugdv%2FNGYG5iujJl2lUOmnd6fD3l27cOrs2ojFCtMxnKFyWarGUsuWKvFQh5z1hCdDkfmp%2FEL7%2F7wDwAAAP%2F%2FAQAA%2F%2F%2FvWRH3cwQAAA%3D%3D HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9eaa79107e0c1f8c1389b771a0c1e7e0
Strict-Transport-Security: max-age=0; includeSubdomains

clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19

0.0.0.0

0 B

URL GET
clientstream.launchdarkly.com/eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19
IP
0.0.0.0:0
ASN
#0

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerAmazon
Subjectclientstream.launchdarkly.com
FingerprintF2:89:08:7D:7F:36:9E:23:89:08:EA:54:96:96:6A:28:5F:54:7A:8D
ValidityWed, 09 Aug 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /eval/63bdba6ee6d64c12826b8bff/eyJrZXkiOiJ1c2VyLWtleS10b3VyIiwibmFtZSI6IlRvdXIgTGF1bmNoRGFya2x5IiwiZW1haWwiOiJtaW5kZ2Vla0BleGFtcGxlLmNvbSIsImN1c3RvbSI6eyJicmFuZElkIjozLCJpbnN0YW5jZUlkIjoyMTQ0MTEsImlzRGV2IjpmYWxzZSwiaXNJbnRlcm5hbFVzZXIiOmZhbHNlLCJyb290RW52IjoicHJvZCIsInNpdGVJZCI6MTMwMX19 HTTP/1.1
Host: clientstream.launchdarkly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/event-stream
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tgp1.brazzersnetwork.com
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: text/event-stream; charset=utf-8
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
access-control-max-age: 300
cache-control: no-cache, no-store, must-revalidate
ld-region: eu-west-1
strict-transport-security: max-age=31536000
x-content-length: 877
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

104.21.35.227

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
104.21.35.227:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:26 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 25e4c40b9ea437913e227061bfe1287f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 19 Apr 2024 10:34:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9hCQfTjo6L7meExQfD9IsZvo1phfGQy7yr%2Ft3zz6UJdrKtS3QdZ%2BnNGu5jBzoABNgcwbVTWE9yv2RowooCVaRC6p9OSwHMrgX6KH5KCkoBATJSp1Z36s%2F9KiqYEhrnTnzfXnZUIivqbAuAe7o5VcaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3df84f2856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg

172.67.141.24

200 OK

22 kB

URL GET HTTP/3
cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg
IP
172.67.141.24:443
ASN
#13335 CLOUDFLARENET

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Size
22 kB (21597 bytes)
Hash
7bcc800a4957dac955e91ce1ee3b73cd
b1fae2cacecc790a22f91e2320077f89707473b1
760783cbcd04b3b7ef5f6b10a24878869d061709e4511ccada113b532833243d

HTTP Headers

GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:34:27 GMT
content-type: image/jpeg
content-length: 21597
last-modified: Thu, 01 Feb 2024 14:55:47 GMT
etag: "65bbb0f3-545d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2541106
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=la1kNFN%2FqBgOt3hRGinasatz0iyrVcAV1AIXD7aRTjqRav6QDNAA4HpaihacQ7uxi%2FRva%2BlY6nLPvlWjAAlyt%2Fzp6HgHMLNFTcLJ9btV%2B4k6heMBAZi2ycO2lO6Y9TcBHiMowsnDAIzo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c3e02ffec5697-OSL
alt-svc: h3=":443"; ma=86400

172.240.108.76

200 OK

0 B

URL GET HTTP/1.1
specialsaucer.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=169
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectspecialsaucer.com
Fingerprint85:D9:E1:3C:9F:65:7E:1A:F1:22:53:95:EC:C1:AF:84:9F:0E:5C:10
ValidityTue, 16 Apr 2024 10:30:11 GMT - Mon, 15 Jul 2024 10:30:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=169 HTTP/1.1
Host: specialsaucer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Cookie: u_pl=19071538; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 19 Apr 2024 10:34:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.8a9c57b6.js

64.210.135.118

200 OK

5.2 kB

URL GET HTTP/2
static2-ma-ht.project1content.com/tour/@one/blocks/async/ImageBlock.8a9c57b6.js
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5353), with no line terminators
Size
5.2 kB (5221 bytes)
Hash
f822f90a856d315be01822e40ba547f1
ee3567d7b993d80de1859b5915ce3944dcb0d29a
c7b96770dba601260cdc7d3addacb44636ec039039321b917fca6c5836ca62dc

HTTP Headers

GET /tour/@one/blocks/async/ImageBlock.8a9c57b6.js HTTP/1.1
Host: static2-ma-ht.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 08 Apr 2024 19:20:37 GMT
etag: W/"3ac3be718-1465-6159ab3442b40"
expires: Sat, 10 Aug 2024 16:49:48 GMT
cache-control: max-age=10636342
content-encoding: gzip
access-control-max-age: 600
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Origin, Accept, Range, Cache-Control
access-control-allow-methods: HEAD, POST, GET, OPTIONS
access-control-expose-headers: Content-Range, Date, Etag, Cache-Control, Last-Modified
x-cdn-diag: ams5-7846-2-6915-h-0-0---;7846-28-7351----0-0-1
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-56DK3TH

142.250.74.40

200 OK

204 kB

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-56DK3TH
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type
JavaScript source, ASCII text, with very long lines (3287)
Size
204 kB (203731 bytes)
Hash
02e59485d16dcdcb9688bfac890504cc
0b47d1baeec14bd2fb97d18f11134a7c9c9bb589
46acfeb78ea6ff582031d16b7ba69976ca5bab14b94d9abebef1802d78d14867

HTTP Headers

GET /gtm.js?id=GTM-56DK3TH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 19 Apr 2024 10:34:25 GMT
expires: Fri, 19 Apr 2024 10:34:25 GMT
cache-control: private, max-age=900
last-modified: Fri, 19 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.affectionwave.com/

178.62.22.16

302 Found

0 B

URL GET HTTP/2
www.affectionwave.com/
IP
178.62.22.16:443
ASN
#14061 DIGITALOCEAN-ASN

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectwww.affectionwave.com
Fingerprint0C:71:66:22:A4:A4:48:99:84:6D:AE:89:0A:E8:4C:C2:B7:9C:D9:66
ValidityTue, 26 Mar 2024 03:11:36 GMT - Mon, 24 Jun 2024 03:11:35 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: www.affectionwave.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://r.mylot.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Fri, 19 Apr 2024 10:34:29 GMT
content-type: text/html; charset=UTF-8
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
set-cookie: userReferrerUrl=r.mylot.com; expires=Sun, 21-Apr-2024 10:34:28 GMT; Max-Age=172800; path=/; secure; HttpOnly; SameSite=Lax
cache-control: no-cache, private
location: /join
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42

78.142.18.54

200 OK

416 kB

URL GET HTTP/2
videzz.net/js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42
IP
78.142.18.54:443
ASN
#208046 ColocationX Ltd.

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectvidezz.net
Fingerprint13:3A:F4:CA:71:F0:8F:F1:2E:3A:7E:2B:6D:8E:E4:7A:E9:9D:A6:B5
ValidityMon, 04 Mar 2024 08:24:34 GMT - Sun, 02 Jun 2024 08:24:33 GMT

File type

Size
416 kB (416358 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/videojs.5.min.js?v=b8dc06aa6195ca0716d0a0c4e3a76e42 HTTP/1.1
Host: videzz.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/jnkrqh6gmlbn.html
Cookie: lang=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Fri, 19 Apr 2024 10:34:24 GMT
content-type: application/javascript
last-modified: Wed, 10 Apr 2024 07:00:32 GMT
vary: Accept-Encoding
etag: W/"66163910-65a66"
expires: Sun, 19 May 2024 10:31:17 GMT
cache-control: max-age=2592000
content-encoding: gzip
x-cache-status: HIT
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44h0v9104348843za200&_p=1713522865531&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1814164684.1713522866&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713522866&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&dt=Watch%20Kono%20Suba%20Gods%20Blessing%20This%20Wonderful%20World%20S03E01%20VOSTFR%201080p%20WEB%20x264%20Tsundere%20Raws%20Wawacity%20city%20mkv&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1857

216.239.34.36

204 No Content

0 B

URL POST HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44h0v9104348843za200&_p=1713522865531&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1814164684.1713522866&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713522866&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&dt=Watch%20Kono%20Suba%20Gods%20Blessing%20This%20Wonderful%20World%20S03E01%20VOSTFR%201080p%20WEB%20x264%20Tsundere%20Raws%20Wawacity%20city%20mkv&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1857
IP
216.239.34.36:443
ASN
#15169 GOOGLE

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintBF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D
ValidityMon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-HEX1BG8H46&gtm=45je44h0v9104348843za200&_p=1713522865531&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1814164684.1713522866&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AAAI&_s=1&sid=1713522866&sct=1&seg=0&dl=https%3A%2F%2Fvidezz.net%2Fjnkrqh6gmlbn.html&dt=Watch%20Kono%20Suba%20Gods%20Blessing%20This%20Wonderful%20World%20S03E01%20VOSTFR%201080p%20WEB%20x264%20Tsundere%20Raws%20Wawacity%20city%20mkv&en=page_view&_fv=1&_nsi=1&_ss=2&tfd=1857 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Referer: https://videzz.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://videzz.net
date: Fri, 19 Apr 2024 10:34:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

veepteero.com/88/104

139.45.197.242

200 OK

2.9 kB

URL GET HTTP/2
veepteero.com/88/104
IP
139.45.197.242:443
ASN
#9002 RETN Limited

Requested by
https://videzz.net/jnkrqh6gmlbn.html
Certificate
IssuerLet's Encrypt
Subjectveepteero.com
Fingerprint13:68:56:48:EC:67:A6:93:BE:E0:36:BC:FA:04:75:6D:6E:D2:C1:91
ValiditySat, 23 Mar 2024 05:18:36 GMT - Fri, 21 Jun 2024 05:18:35 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3203), with no line terminators
Size
2.9 kB (2947 bytes)
Hash
905b24342cd44db59528f8177d40bb3f
53f141bd235f649dd26491a4d29cf526dff13629
20dc22c6feb27d4b7dfea214a7241ac89c18908d5b159063991a9fd2f88307bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /88/104 HTTP/1.1
Host: veepteero.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://videzz.net/
Origin: https://videzz.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:34:28 GMT
content-type: application/json
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://videzz.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_02.jpg

64.210.135.118

404 Not Found

0 B

URL GET HTTP/2
static-landing-assets.project1content.com/P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_02.jpg
IP
64.210.135.118:443
ASN
#30361 SWIFTWILL2

Requested by
https://tgp1.brazzersnetwork.com/tgp1?ad_id=816178_FREE&ats=eyJhIjoxNDksImMiOjQzMDksIm4iOjE0LCJzIjo5MCwiZSI6OTA2NywicCI6MzM5fQ&atc=EXO&atc=FREE_6529744&apb=opc4ASOqlplustddVbbZPPO6eWiyadzqpbXUzOodNU6V0rpXT1UU0uomponpndRNTRPTS6V0zpXSuldK6Z0rpXTOrrnnpt0o3p1z3pjpmtnstqlnstorrsrrldrbRpPXLdtrvLrTdttvpTVNrxZTtxTxRm6V2ne0ene2v3evv..3eceof3TT2yqmlnpc6V0rpXSuldK6V0rpXTWTUVTz212uc6V0rpXSuldK6V0rpXSul4nru33qmrzmt0n3pzu2znpsn32nosmqcH2A
Certificate
IssuerDigiCert Inc
Subject*.project1content.com
Fingerprint78:F5:B7:12:15:24:D8:58:F2:7B:C5:E7:2C:73:55:9C:B1:14:59:62
ValidityFri, 19 Jan 2024 00:00:00 GMT - Sun, 19 Jan 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /P1TGP/Brazzers/Media/Images/816178_FREE/PC/TGP1/R6_02.jpg HTTP/1.1
Host: static-landing-assets.project1content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tgp1.brazzersnetwork.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 19 Apr 2024 10:34:30 GMT
content-type: text/html
content-length: 213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
x-cdn-diag: ams5-7619-3-10480-h-0-0---;7846-24-7351----0-1-1
access-control-expose-headers: x-cdn-diag
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (88)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML