Report - vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false

Report Overview

Visited public
2025-04-06 23:39:25
Tags
URL
vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Finishing URL
vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
IP / ASN
104.21.45.240
#13335 CLOUDFLARENET
Title
vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-04-02	432 B	374 kB	142.250.74.168
vidfast.pro	unknown	unknown	No data	No data	6.6 kB	2.8 MB	172.67.220.189
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-04-02	500 B	20 kB	104.16.79.73
www.cdn4ads.com	105393	2020-04-18	2020-04-19	2025-04-01	444 B	38 kB	95.173.205.14
image.tmdb.org	17757	2009-09-15	2021-01-09	2025-04-01	464 B	265 kB	169.150.247.33
wsrv.nl	unknown	2011-01-20	2021-12-09	2025-04-04	508 B	8.9 kB	172.67.219.84

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed
2025-04-06	medium	vidfast.pro	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js	ScriptElement	507 B	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash e06f301d355f493514eea80cc6726d3d cb1755858456b4c9d6370ec94e9df8fb8dd0ad73 f0455d401f499dac227a2d5e148a1fa830d71033add85218f1cedb3761dbe57a Loading...

	vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-06 23:55 Times Seen2 Hash 3f94bb6b712d62bacc6f644f2b829de7 28fe14059f300c3f8610134447165cf142fc17e1 a07b1f56a1f121a9ce1e979dcbe0f1c07971149bd91ca9d44046bdefe7aafbd1 Loading...

	vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js	ScriptElement	3.5 kB	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash 9ca1ebe798464be9dd3573095fb02576 1c69ab091d8ef7ee451df69ff8b1e19b481852fb 88620bcbfc5c2957cc8783dd39c235090bfd45196d0f375e16cf91442da29109 Loading...

	vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js	ScriptElement	1.7 kB	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash 0018380946d8bb809307ece63031a672 0265c6d6897f2535ed09ca6a3c87eb167d29f4db f0deec7b7666325e0019b044f3e605f544cd75d7195212914d5060173c0abb7a Loading...

	vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-06 23:55 Times Seen2 Hash baea0c45908c0483145acd320be025a5 64d54db2b55d56b3d4c382b2f934616919414747 c5f9109587f8201074dc866d4dfabcbe5adeb2e022cdeaf34d0f6193b29d047a Loading...

	vidfast.pro/_next/static/chunks/493-15ee833434071b60.js	ScriptElement	1.0 kB	2025-04-06	2025-04-06
Pretty URL vidfast.pro/_next/static/chunks/493-15ee833434071b60.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-06 23:55 Times Seen2 Hash 4a1004c7e19c36b54fc67f9c99e87819 ee7ab137be5054f119770dadfe384f50579d1ddf 1f937c1c8a7bf2fa1d46920e60c34a9589fd934765caf07b1bd36f037fe8eccf Loading...

	vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js	ScriptElement	154 B	2025-04-06	2025-04-07
Pretty URL vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js IP 172.67.220.189 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-06 23:39 Last Seen2025-04-07 02:30 Times Seen4 Hash c9d89442bba6a352dc4eb50b54ba8e1e 70df7967df738b0769e59ede04983613af49fb2f e8f7d13ccfcbe708430536285ad8284badb1a7fa3100ef91e8e73f9c8bead06b Loading...

HTTP Transactions (18)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=G-JMWN78FZNK

142.250.74.168

200 OK

373 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-JMWN78FZNK
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint88:85:26:A3:0A:0B:44:C6:92:DD:7B:0B:D1:14:38:BA:26:B9:EF:D9
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JavaScript source, ASCII text, with very long lines (6129)
Size
373 kB (372908 bytes)
Hash
51fac0ac52f7f9cbf9ec22b8d9f64559
c8de28ce55f4fdf1041c36420130dd50cfb5123b
46a8f0bfd12df645cc5777ab0947d1534e7000894c01ca58bb931d345b1c49ce

HTTP Headers

GET /gtag/js?id=G-JMWN78FZNK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Apr 2025 23:39:02 GMT
expires: Sun, 06 Apr 2025 23:39:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 124398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

vidfast.pro/favicon.ico

172.67.220.189

200 OK

294 kB

URL GET
vidfast.pro/favicon.ico
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
294 kB (293990 bytes)
Hash
b8b4f7270b3e911edbf763c600a8f4ff
5e11e25003de1d88b0f8674264fedfb9c45d22cb
09d205701120ba861e0d4d377134e9813cfe0b65976bea436d66c491f286b8ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:03 GMT
content-type: image/x-icon
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84X%2B04httabwEkBKFx%2FnPvyy5I4Yrg%2BBJPe6CC%2Ble4pYwpsCknPE9DtyWmaXQMPFnIxDreqt86mhDeW6qwpOT%2BCZXo4ANbpzztcEnvRAwDQ0FUd0khOMhSsp4rEiDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
last-modified: Mon, 31 Mar 2025 15:16:52 GMT
etag: W/"47c66-195ecc6e649"
cf-cache-status: EXPIRED
content-encoding: br
cf-ray: 92c51f517e5a5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=1318&x=16"

vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js

172.67.220.189

200 OK

507 B

URL GET
vidfast.pro/_next/static/chunks/main-app-286098e153a46d48.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
ASCII text, with very long lines (507), with no line terminators
Size
507 B (507 bytes)
Hash
e06f301d355f493514eea80cc6726d3d
cb1755858456b4c9d6370ec94e9df8fb8dd0ad73
f0455d401f499dac227a2d5e148a1fa830d71033add85218f1cedb3761dbe57a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-app-286098e153a46d48.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sQkEe2KQpGrzbTvtiCjQlZxYVhEpY7Upl%2BLpAKJZCwfcpTvZ%2F1%2BbxDJm8nds8MlzS7sMODS0wTZ%2B9scrbX2Az2YJ5yN4Zhl43SQvCA90fhXO%2B%2BDcbYvnp4Ivwtwh%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"1fb-1960c87774e"
vary: Accept-Encoding
age: 11111
cf-cache-status: HIT
content-encoding: br
cf-ray: 92c51f4d2e3c5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=532&x=16"

vidfast.pro/_next/static/chunks/aaea2bcf-20557530bb6d62be.js

172.67.220.189

200 OK

326 kB

URL GET
vidfast.pro/_next/static/chunks/aaea2bcf-20557530bb6d62be.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
326 kB (325557 bytes)
Hash
07b2d3b6aacd9ed1864e3c4e11a677fe
3e6bb5a6c2b827ab62ba6e83acbb8dc3af5e9498
f3a9fb141323e73b2cb98d21fc3e55c129d451cccbe3c0dc4d1e51e29e817045

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/aaea2bcf-20557530bb6d62be.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HxBlZpqHRgwUOq2GhJnPJbhW%2F1giNwJyppvkYF4%2BdndX2qHgDADY0bfcKFqZHfZXd1C8awpnp1HmqXnjwlzn%2FSRYzbTce5luqV2mg2g9JDFh2%2F3o2wjhvww4VQnCeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"4f7b5-1960c877751"
vary: Accept-Encoding
content-encoding: gzip
age: 11111
cf-cache-status: HIT
cf-ray: 92c51f4d2e3f5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=540&x=16"

vidfast.pro/_next/static/chunks/633-d9bb244a396562f8.js

172.67.220.189

200 OK

289 kB

URL GET
vidfast.pro/_next/static/chunks/633-d9bb244a396562f8.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65520), with no line terminators
Size
289 kB (289339 bytes)
Hash
04d8ed448d0f59e5a2c73ee321b5d234
3bdf9f3fb45e8f9083d629c9796a15a435ee729f
f0b973eeafcfebec3bf96b71aae791619e52d52a0e42f204bd47b07ae600e613

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/633-d9bb244a396562f8.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ueesevF%2B7pLMaimiVQKS4Vi0eLEE1hy0q195rd28wnLk1vNsIhAr33Fbt87tuD3AzamWED%2FEJOL1D7Eq39a0D68S237paSqqBSTzah%2BT1mroBMQzqsbPVja82rheEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"46a3b-1960c877752"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 11112
cf-ray: 92c51f4d3e415694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=537&x=16"

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintAD:90:D1:30:C9:77:BF:DE:1F:AB:8C:0D:6E:67:CB:6A:E8:42:DB:18
ValidityThu, 27 Feb 2025 14:42:34 GMT - Wed, 28 May 2025 15:42:17 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidfast.pro
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 92c51f4dbf0a712e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

www.cdn4ads.com/paphrodite.min.css

95.173.205.14

200 OK

37 kB

URL GET
www.cdn4ads.com/paphrodite.min.css
IP
95.173.205.14:443
ASN
#60068 Datacamp Limited

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerLet's Encrypt
Subject1037973644.rsc.cdn77.org
Fingerprint5C:85:F4:84:08:0D:0B:B6:1F:1F:E1:40:3C:BC:41:40:DF:A2:DB:2B
ValidityTue, 04 Feb 2025 22:53:04 GMT - Mon, 05 May 2025 22:53:03 GMT

File type
JavaScript source, ASCII text, with very long lines (1568)
Size
37 kB (37166 bytes)
Hash
b1c96d1c28997b39bb6bec846ee681d1
a550609d020cead11991424108320ce85884153f
c6b64395fd112438ae9e163fd4ef4f69710ef6fcb945ead86b279000f778832f

HTTP Headers

GET /paphrodite.min.css HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vidfast.pro
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/x-javascript
popads-node: wb8
expires: Wed, 09 Apr 2025 18:25:28 GMT
access-control-allow-origin: https://vidfast.pro
link: <https://cdn4ads.com/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBX63NDQH3DY8FAAwBuUwKCQH3VQAAAAwBnJIhJwG3HAAAAA
x-77-nzt-ray: 2a494a1515314ef6bb10f367d741e339
x-77-cache: HIT
x-77-age: 364301
vary: Accept-Encoding, Origin
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2

image.tmdb.org/t/p/original/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg

169.150.247.33

200 OK

264 kB

URL GET
image.tmdb.org/t/p/original/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg
IP
169.150.247.33:443
ASN
#60068 Datacamp Limited

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
Fingerprint10:6F:2B:AC:40:A0:C6:7E:52:63:8A:A2:D9:53:8B:14:CC:B5:C4:87
ValidityMon, 31 Mar 2025 16:12:43 GMT - Sun, 29 Jun 2025 16:12:42 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 2880x1620, Scaling: [none]x[none], YUV color, decoders should clamp
Size
264 kB (264076 bytes)
Hash
3d56127952342a91d23cc2b2f11dc1fa
103df1836f4852c652c13347686128a0502569cb
94aa796a7c94e425e957d2ee3b5be37d573b017cf8d34d5a514a27a56ee62be8

HTTP Headers

GET /t/p/original/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: image/webp
content-length: 264076
server: BunnyCDN-DE1-1076
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 02 Apr 2025 01:06:10 GMT
perma-cache: MISS
x-bo-server: LA-294
x-downloadsize: 362043
x-bo-origindownloadtime: 768
x-bo-compressionratio: 27.06%
x-bo-processingtime: 194
x-bo-version: 1.0.26
cdn-proxyver: 1.22
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 04/02/2025 01:06:11
cdn-edgestorageid: 1047
cdn-requestid: 599bbfd8dd1f684c0c46022a9aaa76d5
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
X-Firefox-Spdy: h2

vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js

172.67.220.189

200 OK

169 kB

URL GET
vidfast.pro/_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
169 kB (169106 bytes)
Hash
b80ddd0362968b14568a2702930b161a
b56834651a027d08193fa847c078a3192d8eb157
15fb06f22e693b0d2541756094728c138e90cc82c64a3bfc33c7d23c536cc55a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4bd1b696-2ff081e3b6ea2c01.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvJoLVGGWPY9kgrgnvO4MLUiP1MBOxCjXdCfhAAji0dBqibG3hmZ61H6x4JRy6cCuv3NXMasyQWYTVPzSz48yxG2gZqTzRbSkesRbpXPQyLxcwbC8lpk3H1NbD7xXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"29492-1960c8f88fb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 11112
cf-ray: 92c51f4d2e3a5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=539&x=16"

vidfast.pro/_next/static/chunks/493-15ee833434071b60.js

172.67.220.189

200 OK

173 kB

URL GET
vidfast.pro/_next/static/chunks/493-15ee833434071b60.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
173 kB (172561 bytes)
Hash
7bae7e6fbd7c3f89856b862830c9736e
461251d062186fbda834eba22c587c121cb58e5a
6005dcb2f3b76afe98083f47f5ad59c0bf31c222bfee25916d4c0b0dcebe31ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/493-15ee833434071b60.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7VOYb3PZr4dhJsduNdhxS8Mut8NorrDSXlFvFlIIxT4QjUU22Sw454ZGj0T3aRP637pJXSYo8yM2576FqUhlr81Kf5NXOE2eCIJ8jmqcnTCsJiGF3TUK2BM86EamcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"2a211-1960c8f88fc"
vary: Accept-Encoding
content-encoding: gzip
age: 11111
cf-cache-status: HIT
cf-ray: 92c51f4d2e3d5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=546&x=16"

vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js

172.67.220.189

200 OK

15 kB

URL GET
vidfast.pro/_next/static/chunks/687-171a5bc7e13c045f.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (14626), with no line terminators
Size
15 kB (14626 bytes)
Hash
cace43b02db9130b96e656ed449640a8
614cb446d78f8718babcc361311dc54ee37daf0a
678e185eb49b68774b4ee30cb44eb2399584a54f11005683ac436607af65753a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/687-171a5bc7e13c045f.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sf2fSbrKHq25QgILUo2RCepbqLTtd82iKbwp%2B7BKYsrLvaGyfMLubi38eFVfP9Btr3Lwqp6nhWUkcFP%2FC3HVrdgjjAPE17azHGz581NrvbUQ%2FtEgzm23gubJ9Icayw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"3922-1960c877752"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 11112
cf-ray: 92c51f4d2e3b5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=536&x=16"

vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js

172.67.220.189

200 OK

1.7 kB

URL GET
vidfast.pro/_next/static/chunks/app/layout-d744ef52078dcaf8.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (1701), with no line terminators
Size
1.7 kB (1701 bytes)
Hash
0018380946d8bb809307ece63031a672
0265c6d6897f2535ed09ca6a3c87eb167d29f4db
f0deec7b7666325e0019b044f3e605f544cd75d7195212914d5060173c0abb7a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/layout-d744ef52078dcaf8.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jCMKXfKanaSpTDoJ69t%2B79PpvsIqOZDcv9MGqSZ2uO%2FfMaiq5ezqXwtdhLlxGe0jriTvQq3Mu%2B9behpsgxJpLgulHiY9qK%2FAinagAZUpaNs3RA8mI6hrLtZ%2Bk0I0Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"6a5-1960c87774e"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 11112
cf-ray: 92c51f4d2e3e5694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=543&x=16"

vidfast.pro/_next/static/chunks/214-c428fea6c42f9e18.js

172.67.220.189

200 OK

1.4 MB

URL GET
vidfast.pro/_next/static/chunks/214-c428fea6c42f9e18.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
1.4 MB (1449459 bytes)
Hash
31037092fac5aa2f631ccf9a5e6df20b
ba24146432adacdf66a4300abf69825ca7d2a7c5
280b2b7777cd23f8a9383dcee19022852ef995378e68248ceabee0eb358f3055

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/214-c428fea6c42f9e18.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D%2B6xWVg%2Fz9JFs5wB5wk13duxgrn0j%2BxGrCg4vq2xmmmlCkdBkQ43YtzhgprJ%2FuYjtAd%2FXjrybIKBO4NsgZKVaSpi1GcShVCAY6e2V4PgUm1UewiIq3d5RPeUfvPXfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"161df3-1960c877752"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 11544
cf-ray: 92c51f4d3e405694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=535&x=16"

vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false

172.67.220.189

200 OK

47 kB

URL User Request GET
vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
HTML document, ASCII text, with very long lines (38065)
Size
47 kB (47132 bytes)
Hash
c6fcfad917360aa3cb3430fe1d9bcf8f
5b22a38757374628a944e4eec8efde5b69c9da1a
d788c1a3e40a6f8e63bf06d0a3dffbbb3b21f1cd7750475d46cc2bc19f884cd7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: text/html; charset=utf-8
content-encoding: br
cf-ray: 92c51f49bfea5689-OSL
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Router-Segment-Prefetch, Accept-Encoding
link: </_next/static/media/a34f9d1faa5f3315-s.p.woff2>; rel=preload; as="font"; crossorigin=""; type="font/woff2", </_next/static/css/6ddd6eb8f4a6994e.css>; rel=preload; as="style", </_next/static/css/6174c9845b5853d2.css>; rel=preload; as="style"
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgTbvf8Zs5kDsv7%2BAc%2FLMAleuV%2FIR91mfKjxgf%2BmvoxQXh42XkovZITuS9%2F0uYHRVb1l4uJynY9awKd0kHxfUIUQOES9gU22qYLeEyKYJEpwumD0ky7wAkX9nzPtmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=1284&min_rtt=440&rtt_var=1308&sent=53&recv=19&lost=0&retrans=0&sent_bytes=56010&recv_bytes=1570&delivery_rate=34799531&cwnd=255&unsent_bytes=0&cid=f48d869ad89b4312&ts=152&x=0"
X-Firefox-Spdy: h2

wsrv.nl/?url=https://image.tmdb.org/t/p/w500/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg&bg=black&blur=3&tint=black

172.67.219.84

200 OK

7.6 kB

URL GET
wsrv.nl/?url=https://image.tmdb.org/t/p/w500/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg&bg=black&blur=3&tint=black
IP
172.67.219.84:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectwsrv.nl
Fingerprint4C:A0:DD:D8:66:38:A6:6E:DB:B0:95:4B:42:41:FF:36:BB:94:40:17
ValiditySun, 09 Feb 2025 22:40:01 GMT - Sat, 10 May 2025 23:38:44 GMT

File type
JPEG image data, baseline, precision 8, 500x281, components 3
Size
7.6 kB (7577 bytes)
Hash
99063cf1c7cee18c203dadf92d6c71a5
f9da380d7aac8a371391c7d0450367e9b55ad454
78898cfc482cd5879b166f324bcb64c9c010fc1c0a6ec921f19818201d2ac595

HTTP Headers

GET /?url=https://image.tmdb.org/t/p/w500/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg&bg=black&blur=3&tint=black HTTP/1.1
Host: wsrv.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: image/jpeg
content-length: 7577
content-disposition: inline; filename=image.jpg
link: <https://image.tmdb.org/t/p/w500/aUB43BC4umdv2L4nkR7Mbg2NdJ6.jpg>; rel="canonical"
expires: Mon, 30 Mar 2026 05:30:51 GMT
cache-control: public, max-age=31536000
x-upstream-response-length: 19845
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
timing-allow-origin: *
x-images-api: 5
x-cache-status: MISS
last-modified: Sun, 30 Mar 2025 05:30:51 GMT
cf-cache-status: HIT
age: 649086
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FgcLY38b%2Biy9HvvFN87C4ViRtIckr4LqoVmMpsx7fUl8r5d1MwoHqejNl5IdYuBYLycURxb5jtrXO%2BD0jORV5opNyf5j6PRpADKBF44geccFz%2BR5eDZcebNc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 92c51f4d4a41568f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=809&min_rtt=387&rtt_var=805&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3260&recv_bytes=1259&delivery_rate=7898181&cwnd=254&unsent_bytes=0&cid=9b97e6f4e7c0282f&ts=70&x=0"
X-Firefox-Spdy: h2

vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js

172.67.220.189

200 OK

3.5 kB

URL GET
vidfast.pro/_next/static/chunks/webpack-833550a514665e2e.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
JavaScript source, ASCII text, with very long lines (3547), with no line terminators
Size
3.5 kB (3547 bytes)
Hash
9ca1ebe798464be9dd3573095fb02576
1c69ab091d8ef7ee451df69ff8b1e19b481852fb
88620bcbfc5c2957cc8783dd39c235090bfd45196d0f375e16cf91442da29109

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-833550a514665e2e.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0rTFnFu9iAk2YW5oF%2BNcIRC8no8E6tGsLNvX1drmfAvmnaJgyfPy07qp9jl%2Fpz%2F3cJ0ekUuCAcgb5b5bmMFfWUyZ4f2bUSNS1i%2BftE%2BRF7qOErWqqkudyqbc5FAWPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:15:26 GMT
etag: W/"ddb-1960c877751"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 11112
cf-ray: 92c51f4cfe395694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=508&x=16"

vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js

172.67.220.189

200 OK

154 B

URL GET
vidfast.pro/_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
ASCII text, with no line terminators
Size
154 B (154 bytes)
Hash
c9d89442bba6a352dc4eb50b54ba8e1e
70df7967df738b0769e59ede04983613af49fb2f
e8f7d13ccfcbe708430536285ad8284badb1a7fa3100ef91e8e73f9c8bead06b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/app/tv/%5Bid%5D/%5Bseason%5D/%5Bepisode%5D/page-8d2245a6592bb2a4.js HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAlkFrFTjTL8RO6pUZMTM7tZtNV1fAfPsFAwklx1nCn%2FuSrKLt3pTjVA32RucRr1qs86JapIaUg15xcnPm3mKXM7NgPxvM9ZmsgFay1AfHrO02%2FDj%2FU8iEQX%2BX2v6g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"9a-1960c8f88fe"
vary: Accept-Encoding
age: 11035
cf-cache-status: HIT
content-encoding: br
cf-ray: 92c51f4d3e425694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=540&x=16"

vidfast.pro/_next/static/media/a34f9d1faa5f3315-s.p.woff2

172.67.220.189

200 OK

49 kB

URL GET
vidfast.pro/_next/static/media/a34f9d1faa5f3315-s.p.woff2
IP
172.67.220.189:443
ASN
#13335 CLOUDFLARENET

Requested by
https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
Certificate
IssuerGoogle Trust Services
Subjectvidfast.pro
Fingerprint12:4E:71:B4:7B:55:9F:76:37:6A:80:99:A2:B8:0A:E2:D7:32:02:30
ValidityFri, 07 Feb 2025 16:40:04 GMT - Thu, 08 May 2025 17:36:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48556, version 1.0
Size
49 kB (48556 bytes)
Hash
d4fe31e6a2aebc06b8d6e558c9141119
bcdc4f0b431d4c8065a83bb736c56ff6494d0091
c88db2401bef7e1203e0933cc5525a0f81863bfd076756db12acea5596f089ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/a34f9d1faa5f3315-s.p.woff2 HTTP/1.1
Host: vidfast.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vidfast.pro/tv/247718/1/1?autoNext=false&autoPlay=true&nextButton=false
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 06 Apr 2025 23:39:02 GMT
content-type: font/woff2
content-length: 48556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aupbv4DhCYiaEFVSx7Hq7Dl18QpdQEfN39vw847bY5J02KC3mwdz6sC04INOMLPHbTUXe%2Br3grQ83Qyb5wMwRLAhGpaSGror8SM59TTzs8K9K0E3cN0iXscS%2FLiOLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
last-modified: Sun, 06 Apr 2025 19:24:15 GMT
etag: W/"bdac-1960c8f88f9"
age: 11112
cf-cache-status: HIT
cf-ray: 92c51f4f9e525694-OSL
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6725&min_rtt=2066&rtt_var=2647&sent=105&recv=121&lost=0&retrans=0&sent_bytes=8809&recv_bytes=7096&delivery_rate=2062&cwnd=12000&unsent_bytes=0&cid=e59b21b9f63889fe&ts=916&x=16"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections