diff --git a/src/providers/embeds/vidsrc.ts b/src/providers/embeds/vidsrc.ts
index d9eafb3..cd47e21 100644
--- a/src/providers/embeds/vidsrc.ts
+++ b/src/providers/embeds/vidsrc.ts
@@ -2,6 +2,7 @@ import { flags } from '@/entrypoint/utils/targets';
 import { makeEmbed } from '@/providers/base';
 
 const hlsURLRegex = /file:"(.*?)"/;
+const setPassRegex = /var pass_path = "(.*set_pass\.php.*)";/;
 
 export const vidsrcembedScraper = makeEmbed({
   id: 'vidsrcembed', // VidSrc is both a source and an embed host
@@ -23,6 +24,22 @@ export const vidsrcembedScraper = makeEmbed({
 
     if (!finalUrl.includes('.m3u8')) throw new Error('Unable to find HLS playlist');
 
+    let setPassLink = html.match(setPassRegex)?.[1];
+    if (!setPassLink) throw new Error('Unable to find set_pass.php link');
+
+    if (setPassLink.startsWith('//')) {
+      setPassLink = `https:${setPassLink}`;
+    }
+
+    // VidSrc uses a password endpoint to temporarily whitelist the user's IP. This is called in an interval by the player.
+    // It currently has no effect on the player itself, the content plays fine without it.
+    // In the future we might have to introduce hooks for the frontend to call this endpoint.
+    await ctx.proxiedFetcher(setPassLink, {
+      headers: {
+        referer: ctx.url,
+      },
+    });
+
     return {
       stream: [
         {