{"report_id":"21284087-eae9-4833-8653-763d7673a55a","version":6,"status":"done","tags":[],"date":"2025-12-30T22:11:10Z","url":{"schema":"http","addr":"tkmallalliance.com","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":0,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"tkmallalliance.com/","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"title":"TikTokMall | buy, sell and discover on TK","dom":{"size":86558,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (746)","md5":"d60ce916683ae8cbcdca6aba902284f4","sha1":"9c9865948db909e780093f3703e50f53a7c3ecdf","sha256":"982e07788930a56e14f6e7936bdedcf27d21f7e239dd284939522eb247355619","sha512":"5ddb92b1c1a36d48e301fdfbcc71b1965b8b5dbd68085bde8871b87e8376197915a56affec994516d4fabb1de2ff49ddfffc7d2be0b9bcd57a5c5871a54058d8","ssdeep":"768:+gIR1UERlvd4Kn14+2o35Uk6wqQPXta/lrL:Sr7RleT+2o3Rqp/lrL","tlshash":"0683b67285f02063508286e07a366f2b7f90e85bde669a45b6bc13c81f96c83cc7771d","dom_hash":"domhashf31189ba88d7d4c8c7962d739076fab9","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tkmallalliance.com","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":0,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-03T22:11:10Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"tkmallalliance.com","ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-05-29","domain_rank":0,"first_seen":"2025-12-30T22:11:14.995583Z","last_seen":"2025-12-30T22:11:14.995583Z","alert_count":67,"request_count":67,"received_data":12374659,"sent_data":32536,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Lodash","description":"Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm.","website":"https://www.lodash.com","common_platform_enumeration":"cpe:2.3:a:lodash:lodash:*:*:*:*:*:*:*:*","icon":"Lodash.svg","categories":["JavaScript libraries"]}]},{"fqdn":"sf16-va.tiktokcdn.com","ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"domain_registered":"2017-09-20","domain_rank":76103,"first_seen":"2020-09-03T03:29:30Z","last_seen":"2025-12-28T06:34:26.118668Z","alert_count":0,"request_count":12,"received_data":5539916,"sent_data":6500,"comment":"","tags":null,"fingerprints":null},{"fqdn":"p16-oec-sg.ibyteimg.com","ip":{"addr":"23.36.77.107","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"domain_registered":"2019-07-19","domain_rank":45551,"first_seen":"2021-12-22T12:54:34Z","last_seen":"2025-12-27T12:32:43.373026Z","alert_count":0,"request_count":3,"received_data":17918,"sent_data":1587,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-arco.afd3802c.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"66296ae08db9dce0b0ec23e84f1cfa82","sha1":"bbfb60f99fc2b9d2cd418c0ef49790688f83d47b","sha256":"4167eb82e602d4d57bf9d4c41cfd52696be67c0e53cf870b1a48ddbe76847cb5","sha512":"78f0bb30c14c0471032453920e4dce8674bad7f260839843e3892e659e9bf04528767e6eeb6d506535cee8af6595546886318bb95369f8787ad21512749cd373","ssdeep":"3072:IgXb9MtoaJJAtDW6Wu8HI83tcWJpaWJA9H2LvVbEmpNkcsQREkjFNdIw0XhJsBk:e337JpaWJA9H2LvVbn9sQREkuw8ek","tlshash":"13542dd87254b0a593fb41b6803f180ef33b361cb8398d50e2b5e8d474a5649a52bfbd","size":295368,"data":"","first_seen":"2024-09-28T07:23:58.35934Z","last_seen":"2026-04-03T20:29:52.864471Z","times_seen":569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-axios.de405cb7.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"44cbfad9b61a51d2124298a49b29c009","sha1":"7443225d2d6bbd323ba0ba811cc2de7f2230d3a3","sha256":"55a2f4274446416598c3b4cee096005842f8529f232507aea4336b04ca1d22a1","sha512":"a0c4762905258d7f6f12285601e915d4fe9214fcfe4dbc95671b50ddb438a69bd28144767351ad9fac6a5e3be171417fe8694d7769952eb37da74d25af57e997","ssdeep":"384:DzdycsDmxm7PX9OWOUtpefXrdZ5BKm4gmZtxR0Ywe7W5EjU7Fh5yk0:DRy7MIVuIpeiBZDt+50","tlshash":"4692fac9b9a0f07547a321f4806f590bf3775529a44d84a0fb50e8e62cb890e873bf6d","size":19792,"data":"","first_seen":"2024-09-28T07:23:58.465686Z","last_seen":"2026-04-03T20:29:52.875785Z","times_seen":569,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/83.97401b30.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9645b1f5ab1bf07083a13d39627de505","sha1":"74262c4077855e038042a7b30a61515811f247dd","sha256":"b442a68ba589101ee961131f60e5ff500213799774f9b510e892726a7c83ccea","sha512":"c6d68587d9ea87d2a2cb51eb0d7a1ee26c13ad30a6d35df9a05ef5ec1e33efdc088e6c4ca362f9084e099841b35d15492011a137134551fb9fe877d4960fcdc9","ssdeep":"6144:DRHbIYnZo0nf6lg9bPmEOuOcxOkuKoE+oZS:D1UY60Ci9bPpOWTYEtg","tlshash":"86b43acdb299702503e364b9903f110ab33a2a58744dc028f575e9e56cb994ea33bf7c","size":530518,"data":"","first_seen":"2025-01-28T12:57:32.280556Z","last_seen":"2026-04-03T20:29:52.925756Z","times_seen":523,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/page.b98cfe07.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"556172faab67882f868c136a19b1d1be","sha1":"68c7fa1df42814f7e785ec7952514493c826b8f4","sha256":"664e0b0fa581291f2eb5b29930da01e2524b943bc43a676a81e27a62fb32325e","sha512":"e53ddc5760d997822dddb7d35d495bbe8d20e3cc175b101345db98cfd905add2a44b9bc0f72fff1c1e8b840cc572374155e7f6b82949e9ef23cb40b419c99ed1","ssdeep":"1536:yo+ucihfhcvq3ZdrY/sw+/SAx79ZR3y7i2k9:t+KTrEswq/Z5ym2k9","tlshash":"e4630a52f461ada8f67749c4913f880ce61a3a0bd64484a8fdbc7d091649293f13bfde","size":68238,"data":"","first_seen":"2025-01-28T12:57:32.2988Z","last_seen":"2026-04-03T20:29:52.891994Z","times_seen":433,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/main.a0906336.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"34c65ea5f113504cce2d321b961ecdb9","sha1":"08452295b557781bdb2c040bfd8af380f3d0382e","sha256":"bf5826fc56e122bba36429ed692b35c5ca3502f1946adb91901a7eb86becbab4","sha512":"ce29cfa7520bd62e82f7ae4af90ecf259ecc2df46ff3a2378b1e76ad5b8061d9cb271c0cc70e0d193768aa7d914e7e5e9c533bfd83dd00b1e83a3213bd0ab781","ssdeep":"384:5Llw/fc/7T6EsqjFx7TsvirLWtY8x0r8X2iw+fq3coaQXgpJhA:5LO3c/7TsqBe68x0r8X2iwMq3cJi","tlshash":"76520cb6c04138bf2e8e0a84500e3ebaacad5ecf916d7570955c68ddb144af7bc0dac4","size":13686,"data":"","first_seen":"2024-09-28T07:23:58.371454Z","last_seen":"2026-04-03T20:29:52.888936Z","times_seen":564,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-router.706221fa.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"33e7cf1528a483f0c3d9da77a9935747","sha1":"162b9616fa767dd4ec7b64c157e859099782a87f","sha256":"7ee5d4c6a5b6b9013b91f3a7b74dfde9c03b70859bc5e64506984bc75276e990","sha512":"bc7d36a6232b763e6d808690bc07b3a4c9e87caa203a191675e996d560c355575b98b175cfdeea606c9f232c7573680bef1793e6c44c19f33b63d13710ff3103","ssdeep":"768:OK3cu7mmtBYfQoN0C3N3X6gL58s97iG3hfQKfg7g:XcuPC0CNqgL5CKoM","tlshash":"a733f9fab641b0665bfb03e6c0bb0125e3796dda206a4415b298ec4e3074d4da377f39","size":54278,"data":"","first_seen":"2024-09-28T07:23:58.450437Z","last_seen":"2026-04-03T20:29:52.900634Z","times_seen":567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-lodash.bf84b211.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6be4803af01cf9e16ddf93fb04a1db72","sha1":"0487ddef043cdb2e15e9bf5c599134f35a166ce1","sha256":"853623d58dedcd9a5e536bef349e9ff83dded42d4b1dd2fbab7fe601bb28626e","sha512":"ca190dab6ce3f636419cb5d23cb65d4948126e212756d9f05e6dd2702b09689488b5059277b32ff31d7b1497205804278f77f2f996c4608544322aa3686f71a6","ssdeep":"1536:52fmxNB/M6lzihdLUVnCsmdaKWsq5l1frkn9c/pn4QJn9pyHX:vPadIVlKWHDeCpL9pM","tlshash":"f09393c9bad3f05943a77860402f040bf23e6e54a88e9594d262e4dcbcbc55ee177f1a","size":95095,"data":"","first_seen":"2024-09-28T07:23:58.446746Z","last_seen":"2026-04-03T20:29:52.93395Z","times_seen":570,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/838.a10936a8.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bc4d89c9a2c17a8ae31eb040c70ed5a7","sha1":"6bf5da7743761a2376406e7fabb77bb11c9612f0","sha256":"c54953f443c4ea82c58f6ce421ccd7d38da866ed91ca7cf3462fe225135882cd","sha512":"812b6ccffbb6c1f3ce6fd484179cdac69e4ed7d673ac11de1fe7e14049ebbe9ce5a5bbcbdd6a9695d29513076429ce8cc8230f9ba1e2c830c9661ecedbc358f3","ssdeep":"768:mMeUGnwMod+y5Y5RtepS8DoMpl2OiBH86gJB/lp:3eUGn9TqXdptGg7Np","tlshash":"45f24ac0f155f538535a98a942af41087329710cec6cdc84f35ac8953be4ed5e263bfa","size":36427,"data":"","first_seen":"2025-01-28T12:57:32.297156Z","last_seen":"2026-04-03T20:29:52.91448Z","times_seen":448,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/463.1d0eeca0.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"57c75c145966a9b3876015314e58c6cf","sha1":"587f7c1ceb37ccf305198586d16a2f12cd37e127","sha256":"5a204106103fa388c30ee10c5b601ece0295f6d235d841e0c00b566310bd8e06","sha512":"b6877bd4a897bcff4450b0f3a045f94b451ed6f6abe3f5fb0d6cbde22205210e8283bd9bdcb4493067ebc95bdaa344addcbbdcddb1add020ddb052a9ff8a943b","ssdeep":"1536:cDk6atQ8eLahR1gDk6atQ84LahRDFRTq7/631:cDk6adeLahRGDk6ad4LahR67/631","tlshash":"d2b3a4c9f6c6b0610397b470913f550af33b2d54789e80a4e266d5d26cb968ea237f3c","size":117728,"data":"","first_seen":"2024-09-28T07:23:58.369894Z","last_seen":"2026-04-03T20:29:52.924118Z","times_seen":449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"988ffbb27ebdcf644769e6e0ec0a6229","sha1":"25a488d27dd59713e41bf61de79406d25f23c824","sha256":"965470f5e55092f33504f4a3f5887691402738cc52d437542fa8f547cc4406fe","sha512":"245bed655e5beb0b93fd0123ee180a0677d502fd18db869a492df7f41af6e6151c77cdde49cd8f2ea880ef00b6303ebe4da878bb31bb5e50ba987821be78f76a","ssdeep":"","tlshash":"91f02224087870a3a648b1a46c331a94937262dbde38706bb78c07294f1e47f89f47ac","size":482,"data":"","first_seen":"2025-01-28T12:57:32.366762Z","last_seen":"2026-04-03T20:29:52.938748Z","times_seen":427,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"52bc91b0a2ebacb9989abb0f4038d489","sha1":"886df9fec732c9f8116e57af5eb7337f1ceef81f","sha256":"796ae4250347a7daed74567b7051202b30a8793b41176b3d0061f508b09ba9c9","sha512":"feb2e7a3e94545ccf4b81fb7a72bb8cfb2738d3b75a578caafe357e6254318a44018de01b06c57a31a56eea1a4810d94122bd073386f1289578c281e55e2896b","ssdeep":"192:tk3V0jBVfZkPN9nTY8tLy7FwYQvttuJDehFi5E8mBJuHHNNJF7DnPoTDXK+2u5Us:mPXta/lLPW21hUj","tlshash":"48923fa786743881a50502602cbbaf247628e89fefa5fda77e1d41681f1d01ec9f735c","size":21223,"data":"","first_seen":"2025-06-27T03:43:52.507278Z","last_seen":"2026-02-06T12:03:45.311134Z","times_seen":16,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-polyfill.144bde91.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d409a82f1fd1ccdb4146719442dc76f","sha1":"513830bb776dc7f35be3c4259dabcac2b5c3aab8","sha256":"c5425790d0cba801d53c4e17a27acb6897f5b3908397ef6f803140dfb408b003","sha512":"806134eebc7ff56dfaf3e8d0ba7089aba86c57599e490edcb5b87221b7598aa2a35587a5b12443b2ed14acd0c66d9ba8c6e0ab1c787a984e9e8ab49a02774e78","ssdeep":"3072:la0q8CJLo4Mhy7a2O+MqOTkhMaJt+iFjvGW:m8YwhycmjjvGW","tlshash":"dd34b988b292f0e64bf264d4407f8407f1771a64a44da851ffa1d884687bd4fb07babd","size":247143,"data":"","first_seen":"2024-09-28T07:23:58.455437Z","last_seen":"2026-04-03T20:29:52.879697Z","times_seen":567,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/353.b3bb0bfa.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"40ca993782cf703c4565c62dbb358437","sha1":"9388e191ad5335b498edf6570f6e8f9ab5fe4e51","sha256":"57fbb4da17f365666d1a6f3ef530e3cad7b3d5595d89e535d2ea496b5eae4220","sha512":"c60f0565f8d3deec75fb59da88a8c7e36cd9c0ef19e31843f32c4658bd10b0520fb9c552abdb24450198e08bf6621a4adaef28f0f3ec1da5c2884cfe6eea1cea","ssdeep":"768:nMKFAF4f+zJoh6lmNARMdJoJwayF2VjcWzEQL5ah0dFabqh8:MKFcRKJ8wzF2ha2j8","tlshash":"2e633ba8b2d1706187c312a1c22f830633375499554a8424f637d8ea2db5d2f76bbfbd","size":68942,"data":"","first_seen":"2024-09-28T07:23:58.368094Z","last_seen":"2026-04-03T20:29:52.870758Z","times_seen":450,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/460.6e84f8f9.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"836efd88de242ffbc27638611da04205","sha1":"9142336339d9535b8187997cb85433bc7c8eb8fc","sha256":"04f7e43a9925ee4f07f5d8263e91868c7d03dd0cd1f67ad011a7b266f1ff6005","sha512":"610521f3a077e3dced7bff918f3a2b1ab78aaa4d5ae2be8b7469e84593b1cb46886d2957d10aa54560b7cd627690ffa7baf7bddd8eb84647d2a1cc38e7d7c787","ssdeep":"768:DEucduAqko/ShcDEo/ShcD1IhMLSrKCgucNnN:DEako/ShcDEo/ShcD1IhMLSrKCgucNN","tlshash":"d9b292e0b50aa0b5527f606a80bf160db325761cbc35ad91f253e4ea21d4fc3d116bfa","size":25238,"data":"","first_seen":"2025-01-28T12:57:32.295733Z","last_seen":"2026-04-03T20:29:52.871904Z","times_seen":449,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-react.235b4836.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c194b12793a2436efb1f3ce1c674b69","sha1":"2bc65388297613de6cc4622a771e5e001f2d95bc","sha256":"181d18351e54581117e789445bcaa5d7477257c510189767d4d3e04c56bed549","sha512":"da45dc947f923d79a04277c08f915f575fe3a573a8dd4a1c92caf693c74110db65ca697c9af4722412691ed7659732ca9d34fcf2771d378cc2391a7dfe507ca4","ssdeep":"1536:Wv4kq5k79fohxQlV0vMYbAJnfMhnia9Toy7U6SLdl8eIUZQeY:WVX0OnEboy7U6S72eY","tlshash":"79d306e83996f5516ab7126700ef1807733c1a1b280c89a0a615fd8e75f842eb17bfdd","size":140018,"data":"","first_seen":"2024-09-28T07:23:58.462117Z","last_seen":"2026-04-03T20:29:52.924927Z","times_seen":568,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/158.ed83d71c.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"1e659875b1b11ac2eb38539dbfdfe8e5","sha1":"d5424a68c8cfd432484b361f91a6586ff4bf2fbe","sha256":"c6097538c3f16b90e7f27d61bb447edbf1bc610ffd160bb9da46e45267d08ff0","sha512":"c5f226480f43b4f9252410ffe6c2dc5f32e90a9ee81cfc02decea79299fbb675ee090ce9cc8267ed48617c19b916edc74b05d6e1d24142303ebe55e995e6cb63","ssdeep":"6144:Hc7LZPfGrpsOeGndoo9m90hr7Ds2t9vMUi:87Lh+rmO3do+hw2b5i","tlshash":"52946cc9b255b03243a725b5902f150eb33a251cb45cc468f675eae52cbe94fa327f38","size":443345,"data":"","first_seen":"2025-01-28T12:57:32.294212Z","last_seen":"2026-04-03T20:29:52.890795Z","times_seen":430,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/c66126ce696f4672af7d698e0f3d61cb~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.629Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/c66126ce696f4672af7d698e0f3d61cb~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"4430-1732123159000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:19 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4430,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"6acc5ea63480977112e33d4e21c4cbef","sha1":"692bbadde81ff9b82b0343fa4c05dc82ad076cdd","sha256":"ea7e56e5af17e18a1e12e514e32a3ef40928d522aeb031f1388c2d9d7796f515","sha512":"2fc39f0266ca57bec9808ca8e074c3fe6e823422ad950d896e4b66df066ca5dc80ed991796bee82acd0388a206fc470404c4068a82776f6406872bb3e1878ea2","ssdeep":"96:17vXZylQIxi/7YSvkYjYBQi1E3z5Opfgqgz3q85dze:1LXolQIxizsYp9+fgqR8DC","tlshash":"2c919ebc27ed8f93c30cc2fa4a17a722c4a06437e20ba190c6fd9340ebb6166416538c","first_seen":"2024-08-19T16:11:10.099083Z","last_seen":"2026-04-03T20:29:52.926595Z","times_seen":575,"resource_available":false,"data":null}},"time_used":1483,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1483,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/8c632fa730e34f81bb4a908ee6807cd5~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/8c632fa730e34f81bb4a908ee6807cd5~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 406\r\netag: W/\"406-1732123153000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:13 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":406,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"b2f9cbb07b90d07586627181be3756b9","sha1":"d43dba33f975d7d95fa59a78a0a6588eb7c84dd7","sha256":"df70ec6b935ff6bd0b90d340f5426231b18f4889dd6790843f343f1b12c2f469","sha512":"ef67be28c2d660ec6f0eb6212eeb8fff6b0e5eb266ef0ac1e302ce6de7008c7fa5245c9623785c484c4ffe9f3536cac1a83ac52b1da43da71a7d0adba2b76e78","ssdeep":"","tlshash":"42e0f1805d3d38b8e150f2559122a051ced184055333500670a1c73b977031fc7f2b43","first_seen":"2025-01-28T12:57:32.335956Z","last_seen":"2026-04-03T20:29:52.880913Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1965,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1463,"receive":502,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/2.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/2.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: erv9UDZ3asmee91Z8Ocz0A==\r\netag: \"7abbfd5036776ac99e7bdd59f0e733d0\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: be5b91398f40b01568398f40-fdbdgdc61g18g177gg17\r\nx-tos-response-time: Fri, 30 May 2025 10:58:09 GMT\r\nx-request-ip: fdbd:dc61:7:149::23\r\nx-response-cinfo: fdbd:dc61:7:149::23\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01c777f8d00428c0ef263014377b7f8cc5a03e85aa560c0186e34e9b0a37725fc42e016db07016bace0f99cd3a0f53a1b49b895efb2c77c471d1bb7b652daa0ace129283222dbb42e4fac9f45d51db0c8b20ce9885edd506b763998773fb51caf112dff34f205ef4fce76fe8de6fc9c598cb4ce309af22a6d241ec5f2c90b645a3\r\nx-tt-trace-id: 00-2505310901053A5FF392F057ECB6CA17-282640AFED608DCD-00\r\nserver: TLB\r\nx-tt-logid: 202505310901053A5FF392F057ECB6CA17\r\nx-parent-response-time: 4,23.61.206.68\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-127233/127234\r\ncontent-length: 127234\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, inner; dur=2\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d33123b\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":127234,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"7abbfd5036776ac99e7bdd59f0e733d0","sha1":"a7d1d7fd53c0c4b915629b030457df1bc95b2089","sha256":"2967fb76be6f7294c8e8f2967b389baa6778ba2cb7f6141dadcf996c92c6edff","sha512":"44ace5efe320457849c3551a7673218747545029462f06137417c9fa4100107f4d72f29413b8a264b24cd8547478fc85e1409a69a6efecfac14aa9c61460d3f7","ssdeep":"3072:SSV3L96dIRQMlSBNNMuuM6OGDK0dAzenBZwafQ:SSV3BlcVuM6rKcAzeYafQ","tlshash":"12c3f172a6c02937ec74733320ea62436745a064a0796bd77c9e8135cfb92eb5f92c94","first_seen":"2025-01-28T12:57:32.249392Z","last_seen":"2026-04-03T20:29:52.878249Z","times_seen":566,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/right.c4267fe0.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/right.c4267fe0.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/page.ba41593c.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"16726-1732123201000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:01 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16726,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 525 x 1851, 8-bit/color RGBA, non-interlaced","md5":"579d1cfd16a2644dc9c0846ce09c25ca","sha1":"9c9e12092eb01008bc57862c4714cbd95a82d101","sha256":"af2dbbeb782e256776d7dff5dd49436eac94abba300016473f1576cffc06c187","sha512":"2a0a75504407a2e58c1f17cec91a2236d8478a35d5eece6ee9686454e8b2c518c7b0060f8a82c2ee03201f605bfa818509ea755a6d5681022d123090956976af","ssdeep":"384:SQRVffcyQ1N8SCph8m9dk5dYahDecJs2Eed9diaOTQy:TBnphBk5dYED7NXty","tlshash":"5c72afe9dd56970e0d318c349a8cb6f0c9a8bb8941078dd7d6cf0a89a704f4ef66b711","first_seen":"2024-09-28T07:23:58.468601Z","last_seen":"2026-04-03T20:29:52.895645Z","times_seen":416,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/8ea836f9a8c44e2693e28007382e504a~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.631Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/8ea836f9a8c44e2693e28007382e504a~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"4687-1732123153000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:13 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"3cfe19ee2948dc3d801afc4b6c25339f","sha1":"1e908d24b3bb21908191a504c74ee0be3e3a4d2c","sha256":"e71399ca790a567d6f46af5c957a8a4fbd3631a19f9d7c527cc82e57a4048cfe","sha512":"5632e7dff15dfc0b4f46526316d8ae3c432186f1d93c09ca3705c119eee3403fff465bd928c4858de2c8df0ab25588ba8072ca07f91b54b7d5c373292676d2b3","ssdeep":"96:BGTOMOPApcEyL+sCKjU1gjfe/2dYwZveG9evGEHK1:wT2YpcVdbc2dYwZveKetq1","tlshash":"aba18ef8b661c7fdb42d39b13a922c4bf51914c709e88f0eda4e4d5c908bd08d537682","first_seen":"2024-08-19T16:11:10.100895Z","last_seen":"2026-04-03T20:29:52.88963Z","times_seen":577,"resource_available":false,"data":null}},"time_used":1482,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1482,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/visit-01.32224451.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.670Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/visit-01.32224451.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"324379-1732123174000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:34 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":324379,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 610 x 320, 8-bit/color RGBA, non-interlaced","md5":"98b6cd8b9eadc53c791fa64788c006d2","sha1":"bb6540a644702a1fc998ca5d2a464c5283f2a3c5","sha256":"dd4426eb22228e901ffda60361ee621617f03591bc3f7b039ab34b916de79c63","sha512":"72c84adc30f16becc4d2cc5b2a0d35412afa3c8c1f5188e94e321816d2440eaf8404ca58f13543fb000f3ecf5179437ed14cd6109b0dbb07a8534b0823d1868c","ssdeep":"6144:4zAfIbI0LB9yXvNedALFd88o7axQSZ//4XrPpFU33fbyDb/Kqp5nv:4zAfet2vkwVHqSZ//EFo3DyDuCnv","tlshash":"336423c12756d126bf65ec4685ae02e4dbc07f5e8c973a243b6eed451862bc6313c3b8","first_seen":"2025-01-28T12:57:32.345347Z","last_seen":"2026-04-03T20:29:52.936064Z","times_seen":405,"resource_available":false,"data":null}},"time_used":1432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/158.ed83d71c.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.673Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/158.ed83d71c.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"443345-1732123179000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:39 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":443345,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65466)","md5":"1e659875b1b11ac2eb38539dbfdfe8e5","sha1":"d5424a68c8cfd432484b361f91a6586ff4bf2fbe","sha256":"c6097538c3f16b90e7f27d61bb447edbf1bc610ffd160bb9da46e45267d08ff0","sha512":"c5f226480f43b4f9252410ffe6c2dc5f32e90a9ee81cfc02decea79299fbb675ee090ce9cc8267ed48617c19b916edc74b05d6e1d24142303ebe55e995e6cb63","ssdeep":"6144:Hc7LZPfGrpsOeGndoo9m90hr7Ds2t9vMUi:87Lh+rmO3do+hw2b5i","tlshash":"52946cc9b255b03243a725b5902f150eb33a251cb45cc468f675eae52cbe94fa327f38","first_seen":"2025-01-28T12:57:32.294212Z","last_seen":"2026-04-03T20:29:52.890795Z","times_seen":430,"resource_available":true,"data":null}},"time_used":1428,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/460.6e84f8f9.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/460.6e84f8f9.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"25238-1732123182000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:42 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25238,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (25238), with no line terminators","md5":"836efd88de242ffbc27638611da04205","sha1":"9142336339d9535b8187997cb85433bc7c8eb8fc","sha256":"04f7e43a9925ee4f07f5d8263e91868c7d03dd0cd1f67ad011a7b266f1ff6005","sha512":"610521f3a077e3dced7bff918f3a2b1ab78aaa4d5ae2be8b7469e84593b1cb46886d2957d10aa54560b7cd627690ffa7baf7bddd8eb84647d2a1cc38e7d7c787","ssdeep":"768:DEucduAqko/ShcDEo/ShcD1IhMLSrKCgucNnN:DEako/ShcDEo/ShcD1IhMLSrKCgucNN","tlshash":"d9b292e0b50aa0b5527f606a80bf160db325761cbc35ad91f253e4ea21d4fc3d116bfa","first_seen":"2025-01-28T12:57:32.295733Z","last_seen":"2026-04-03T20:29:52.871904Z","times_seen":449,"resource_available":true,"data":null}},"time_used":1428,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/left.bc194b75.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/left.bc194b75.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/page.ba41593c.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"16650-1732123200000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:00 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16650,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 525 x 1917, 8-bit/color RGBA, non-interlaced","md5":"fac8a0b06e1d83854e096bc4444a7760","sha1":"62ca959aeff46d3a794302735680e5e97158a57a","sha256":"f54c7e25582877b67d0c8d56d6b570f0f4cac13189658ee794f350a9d42ee6f5","sha512":"f6d06524f7d7e0619a92c9d714f24fc6d9069cdd57e83f048b0ddb78939c664705b9f868190eb4195897dfc65f9029f134f8a4da00b9971d8d9243e8622bd41e","ssdeep":"384:OrCqcDGElkDMubY8KIoqLT3s4opTCeP2xQFZf:aCdKvTKW30p+AFN","tlshash":"2a729f51cdcfba9e481759e04a030041f49e07ccda8b49f578bf95ed929cf3592aaa23","first_seen":"2024-09-28T07:23:58.471372Z","last_seen":"2026-04-03T20:29:52.856958Z","times_seen":416,"resource_available":false,"data":null}},"time_used":337,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":337,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/liveHolder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.637Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/liveHolder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 219736\r\naccept-ranges: bytes\r\ncontent-md5: aFOxPncKLdEWqCLCJ6fDuw==\r\netag: \"6853b13e770a2dd116a822c227a7c3bb\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: a1187f3a1f2cef02683a1f2c-abf38c5\r\nx-tos-response-time: Fri, 30 May 2025 21:12:12 GMT\r\nx-request-ip: fdbd:dc61:10:253::21\r\nx-response-cinfo: fdbd:dc61:10:253::21\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01dff37b3e340e71996c157643bb6bf7a179ed39413394888ed760d098bfb84bbeef1e2ab64c2a644de0602f40e01902720854da5c330a43b05c57adee85304abc52e888c9ff77080aab75d20e9dd14c73a9be76a91174dd413ac4d880b9738f76dfe3202ee6c85da21162d662c81094be\r\nx-tt-trace-id: 00-250531023441CE2AE30A67E4FDA58594-523D34AA9794281B-00\r\nserver: TLB\r\nx-tt-logid: 20250531023441CE2AE30A67E4FDA58594\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=2\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331122\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":219736,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 565 x 999, 8-bit colormap, non-interlaced","md5":"6853b13e770a2dd116a822c227a7c3bb","sha1":"a9d56bb607687e8649f3b35cea83420f191bf809","sha256":"97a8f62035393e92e48c8a2fb0c5e2891cdef960c530f07521c7f9ba2692d328","sha512":"09fe5a048dc9b3bc7c51af2cd30b62a3227871cc93d5e80352b6a6241ca3c89ecc975c0875aa7c5e5db299092d828b54c0acd22799c1cdb0676520e122870b56","ssdeep":"3072:2Z6Q9AkPO76gJiKAmgPaTsWfoAOQNkDel6BP4i1sqKMwcwYJAoBgBnWN3vVCAxEi:fQPGbPgPaTtxN8OesqaYeBWNN/Ocf","tlshash":"e924226688cb9ef9e57356f3944eb63de53f0f2710a5d170a6820091ced3b19ba6074c","first_seen":"2025-01-28T12:57:32.246085Z","last_seen":"2026-04-03T20:29:52.908916Z","times_seen":561,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":0,"dns":22,"connect":0,"send":0,"wait":27,"receive":6,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/a5541bc32521444297734d1941980fb1~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.644Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/a5541bc32521444297734d1941980fb1~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 692\r\netag: W/\"692-1732123154000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:14 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":692,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"ff07113820ad52c6e5c0f75c21428f3b","sha1":"271ed7252f4d39d46d2ef4e48edf2b04c27b67ec","sha256":"976c68a350447bfd3796db2baae82188c022cf70d5c409e0879a2e6008e5fc7f","sha512":"6fef03bb55bf09f188ac672f38143bfc9c3dd605c09b2a9ca96f638b944ff76ad64c1efe46b6c635b456fbc8521a645253e15287a5570ac8a9108ee558e19851","ssdeep":"","tlshash":"210144c7c9913476f9d2fc7142bda801cc18df3a4e228113491884f66165b43b95e7bf","first_seen":"2025-01-28T12:57:32.307069Z","last_seen":"2026-04-03T20:29:52.910303Z","times_seen":546,"resource_available":false,"data":null}},"time_used":1968,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1470,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/0c5502edac234b618ed6e62b05b5f10f~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.656Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/0c5502edac234b618ed6e62b05b5f10f~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 612\r\netag: W/\"612-1732123150000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:10 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":612,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 73, 8-bit colormap, non-interlaced","md5":"787cdadce91e400d58d06fdf40160cd1","sha1":"e18711ca5c640f76b4fe795c7834cad949c97807","sha256":"c9416ab2a8148313996a4f260967f3fbf4dbd1a9a014f34800e12dbf20fcc15f","sha512":"d19d1c89f5c00d54804582d2a3f46ef4bebee0d4b6055cad736badc61cb2e26ee0784c1296856d69c5160a6b44a36fdaafe97f2f236043afe5f94573421d003c","ssdeep":"","tlshash":"8df062a0539d4c94ead6ff63993ed842db202ed8473291d9897803274933198ea44080","first_seen":"2025-01-28T12:57:32.344055Z","last_seen":"2026-04-03T20:29:52.927401Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1958,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1455,"receive":503,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/visit-02.d211abb5.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/visit-02.d211abb5.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"321543-1732123174000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:34 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":321543,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 610 x 321, 8-bit/color RGBA, non-interlaced","md5":"202f946af20d883eaaffe1c7f47e2ac2","sha1":"d23a5455b76352a335107aaecc9ec5559641134a","sha256":"fde027f551a7f7687afc3d1df0dafb1d5b9e3bb9d2666668c6f1ba86dc547044","sha512":"4a361afd46128d5e5e60836365178e7dce05e52bb21a2a4c2f50e7572c281beb65b11b60998a28b54313ccec93748d36ba5ac4dcae5078155e620674282d2693","ssdeep":"6144:ACmuWIEF1dpTiIYW6d0cGi4EW+rc9AjSZl6IKEi96IxcZNFGHglQh/4sy:NmKxIf6d0WQF9A2ZcFEw6BYglmy","tlshash":"3c6423f86bebcf825d91c52ac9c5bea86d4f477c8c36256c7d616d60cde1980288cdd0","first_seen":"2025-01-28T12:57:32.346892Z","last_seen":"2026-04-03T20:29:52.868935Z","times_seen":408,"resource_available":false,"data":null}},"time_used":1431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/463.1d0eeca0.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/463.1d0eeca0.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"117728-1732123182000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:42 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117728,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65466)","md5":"57c75c145966a9b3876015314e58c6cf","sha1":"587f7c1ceb37ccf305198586d16a2f12cd37e127","sha256":"5a204106103fa388c30ee10c5b601ece0295f6d235d841e0c00b566310bd8e06","sha512":"b6877bd4a897bcff4450b0f3a045f94b451ed6f6abe3f5fb0d6cbde22205210e8283bd9bdcb4493067ebc95bdaa344addcbbdcddb1add020ddb052a9ff8a943b","ssdeep":"1536:cDk6atQ8eLahR1gDk6atQ84LahRDFRTq7/631:cDk6adeLahRGDk6ad4LahR67/631","tlshash":"d2b3a4c9f6c6b0610397b470913f550af33b2d54789e80a4e266d5d26cb968ea237f3c","first_seen":"2024-09-28T07:23:58.369894Z","last_seen":"2026-04-03T20:29:52.924118Z","times_seen":449,"resource_available":true,"data":null}},"time_used":1428,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1428,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/mp4/TikTokShop_ZIP.mp4","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.789Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/mp4/TikTokShop_ZIP.mp4 HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 16748855\r\netag: W/\"16748855-1732123178000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:38 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-16748854/16748855\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48769,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"b771d59c1072ce81a05930aa96528193","sha1":"11f63f3f3c16b3ad3c3c1d5fd3f73eec515dd31c","sha256":"0727dc1e18e396e780dcacfd55c4acc9ed7276beb068cc2cc2934125283eff6b","sha512":"727c765638620d0b8694cc2e488524a915de76e563cf127bbefecfef78453cf928fa3d04f6a074db2f9999b16ec5a2bc6dd31e51b1eed9a99505f3bcbb6829d4","ssdeep":"768:ssSCOH6/HQlWSYV9ETcGcZj7/bfqLH8ax1cmCj9xrCMCKS73Fs0xGefi0a7uaQiD:OCOHSH2WSYnocTj7/Mjncm06MCKa1s0g","tlshash":"d0230256dfc8274cfd3003b4674268bae0c9e10f95fa0fdf27394e9c852da615968e21","first_seen":"2025-12-30T22:11:25.947731Z","last_seen":"2025-12-30T22:11:25.947731Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1715,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1367,"receive":348,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/left.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.628Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/left.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"145246-1732123168000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:28 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":145246,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 857, 8-bit colormap, non-interlaced","md5":"5c66fb7a1859ee23fda3294f6b14b618","sha1":"2cb5600288ddaaaa457d90b3ad103361ce0b7ba0","sha256":"4874b02eaf38eca66078cad985de493f7f14872d42317c46a50145ec74ebc897","sha512":"13891e91d4447fcd7dc1c06c8578c7df1c993b8483b8d4ab3e408e9c009af5e3a3ce7d7c2a92acda2fbc975f6b92ae8fb41eed1bba49ea80e1a5b9bd402ba834","ssdeep":"3072:ziEtf/vcSa6jREJVDqdk2OUPAZtZafGsIz6P47Ed8LSO0t9p:mEtPXFWjqXOftZMUmSE+Sdt9p","tlshash":"b9e313c0e112151ec29efde11eed4c77986a350ef6198ac6dc054b278df3f4289d1a7a","first_seen":"2024-11-19T07:54:21.395524Z","last_seen":"2026-04-03T20:29:52.857636Z","times_seen":479,"resource_available":false,"data":null}},"time_used":1484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/7ee7c29f6d524e03ac48cc32eed4b912~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.645Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/7ee7c29f6d524e03ac48cc32eed4b912~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 371\r\netag: W/\"371-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":371,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"1ab6d013a3f43915b8ea2fbd0b74dbe7","sha1":"df52c03c337bbd74a2b976575a693eed41b0e117","sha256":"851cf8b809ff8f67253ac16dc1eb9c74d07055716963188f26a66a6af385d370","sha512":"105ff7044b320e6d00bf9a3fc83342a7bd22ec025939807de8671d1acad7a94f850a8d4f3bb8a484a62b982b978628fbb090570c33e0e61033aa9b215d9ff456","ssdeep":"","tlshash":"b5e0c0e3afa35dacda676abb412cdd9881931828511a1d07c44b22727b3214d73a5f47","first_seen":"2025-01-28T12:57:32.304252Z","last_seen":"2026-04-03T20:29:52.918821Z","times_seen":546,"resource_available":false,"data":null}},"time_used":1967,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1469,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p16-oec-sg.ibyteimg.com/tos-alisg-i-aphluv4xwc-sg/876feebbbebd4e1290264d966eac158e~tplv-aphluv4xwc-origin-image.image","fqdn":"p16-oec-sg.ibyteimg.com","domain":"ibyteimg.com","tld":"com"},"ip":{"addr":"23.36.77.107","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.657Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ibyteimg.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:68:99:F7:11:99:E1:26:F3:58:F7:0B:38:2A:AB:E3:3F:B4:0D:35","sha256":"D3:AF:19:C8:00:FA:B8:E5:1E:07:1A:6F:74:F5:09:8A:4E:E6:B2:B7:A7:F8:D8:4F:93:13:86:CC:93:89:0F:AF"}}},"request":{"raw":"GET /tos-alisg-i-aphluv4xwc-sg/876feebbbebd4e1290264d966eac158e~tplv-aphluv4xwc-origin-image.image HTTP/1.1\r\nHost: p16-oec-sg.ibyteimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 4171\r\nimagex-fmt: png2png\r\nlast-modified: Wed, 26 Feb 2025 12:56:34 GMT\r\nnw-session-id: 20250226125632EF066CC299E3131103E0dw6m713df\r\nnw-session-trace: 2025-02-26T12:56:34.043817638Z 95\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-length: 4171\r\nx-powered-by: ImageX\r\nx-response-date: Wed, 26 Feb 2025 12:56:34 GMT\r\nx-tt-logid: 20250226125632EF066CC299E3131103E0\r\nx-request-ip: fdbd:dc53:3:771::15\r\nx-response-cinfo: fdbd:dc53:3:771::15\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01ac25ae6d475fbf6414a8751bb8e73313a01127db7ab67dda32d60e2b9e9e0a8fe5dd2e1fa112e38555c07e8de7f672ec76ac40e07bdebf8a36c4f89e4d34cc00869b60e4ae98d62090a721128bc8a1a75356734e000863fd7050c376afc6ddccf994211c40b5da33819ce6ad55bd6524\r\nx-tt-trace-id: 00-2502261326123E15EE17E010DF04FD53-2340F90046B8D5DD-00\r\nserver: TLB\r\nx-origin-response-time: 75,23.205.82.22\r\ncache-control: max-age=30317834\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a23-36-77-103.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=1\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 5a05dd63\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4171,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 440, 8-bit colormap, non-interlaced","md5":"abe0088d07fc512411dba1d0bf7e2ee5","sha1":"5872102d04cc79112f0675bd5408fc617c5a69df","sha256":"a357c0909db08ce5e90199620704c113ec5d2ad2907d9dafe54753736694558f","sha512":"b7e753c422c99cfe765e2cac85976539e94d52cff60239be3c2eeb33dafafd7ca547a63bd6e3fc3b1b58ae72d96a083498e6af285e04b39fed944b39c8ba5178","ssdeep":"96:a5TZxwxQ+AY1DDKnLVbyqyUHAM54CusQsen+ce/8w9YLTyie2ZePS6ZB:a5dxw3ObIUBKSenjeEw9UyTxL","tlshash":"c781a0b3414a9711fe31bb7d2276089ea1e0d774e8067a47b0a0d51f39efc146800911","first_seen":"2025-01-28T12:57:32.261729Z","last_seen":"2026-04-03T20:29:52.89786Z","times_seen":560,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":71,"dns":63,"connect":2,"send":0,"wait":8,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/4d5d4b724db84f0cb906c728ab7ea3c0~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/4d5d4b724db84f0cb906c728ab7ea3c0~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"478429-1732123198000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:58 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":478429,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1196, 8-bit colormap, non-interlaced","md5":"30aa97c1e36015f017016ff4a8c7989f","sha1":"7cbbdba28cefc8133a3c347415ce34da09518603","sha256":"4bd5eae5a0c343511df6ad86d927aee4b897560d5a9cbcd89e57391dfeaab90a","sha512":"e98994d3afe11679f9e0a64a533cb81551cf126a6757613f33d555ebf7f15f28a7a9d9ee8afa983c243654e62a7b863fbef77f1266d328ca3a00226f6fe558d1","ssdeep":"6144:nzK9Xy0nuh3I6UTx2xp5AW2jD1Kj550Nl2pVQDgxUtycl9myAoN0ZN7abt+BzZxb:nWR3uXUYGDM95KlQQDGKyw9mugV0GF","tlshash":"82a4237887346fcd111591ebeaa85d862d5a8f15ba0d9ae300e7fdda530814b31eec33","first_seen":"2025-01-28T12:57:32.35738Z","last_seen":"2026-04-03T20:29:52.874434Z","times_seen":521,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":303,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/370cd42a67c3424c85fc5395158eec06~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.632Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/370cd42a67c3424c85fc5395158eec06~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"4211-1732123151000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:11 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4211,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"d4f8979b3d4018df19969be9034516f9","sha1":"cd6ed110c7796e771450e27e820b11f7940d9db6","sha256":"636491d3bb271b7114c8cc3a8b05577949318e025acbd978f644fa1dd449cc76","sha512":"5eb075dab8c90cf6592176262d7e57350575022e4a30301766231aa51bc316b768d7a8dce2098b3012f75e27196978d849ab72eca032641e8a5eda5432b778be","ssdeep":"96:ZEHnswxASzLSucX8QAu1V3H80aqpuT3ktzXPFmEtvaXyHcSxBEchT:ZQn3WSMyu1Vs0bUIXtpIdSxBEQT","tlshash":"bf915dd3d557f081e311e27e0d3410e85519a6edc731a448eee7ec1e7a2ba99426d170","first_seen":"2024-08-19T16:11:10.099878Z","last_seen":"2026-04-03T20:29:52.918014Z","times_seen":575,"resource_available":false,"data":null}},"time_used":1480,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1480,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/5015a0b7ebfc42ce87eb2f189e4d9ca9~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/5015a0b7ebfc42ce87eb2f189e4d9ca9~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 680\r\netag: W/\"680-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":680,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"07619c70d1cc395c9308efaf97131cc4","sha1":"0bc95ec9f7be60fcb8878a7fd138c9fe688329c7","sha256":"02ddeec521c5522f7afc3ead8d544dda9a5aa9245b99602cca97019e46ba1f57","sha512":"c01a78edbac9f3d2d648cf04374645bef0a392dfa72402de5575616b2d74b122d46cf98f4587ddff358c5f509ad46f527620bb0b55ee4427ab46b5b208576c20","ssdeep":"","tlshash":"c20183d13e703ef1ab7a598b973a01239b328e0c770e768c0664a8296526c249660082","first_seen":"2025-01-28T12:57:32.334763Z","last_seen":"2026-04-03T20:29:52.920101Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1966,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1464,"receive":502,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/join-today-04-new.a81810fd.jpg","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.669Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/join-today-04-new.a81810fd.jpg HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"102986-1732123168000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:28 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":102986,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 292x215, components 3","md5":"89d8e3348837e3a985f355f8f8cca357","sha1":"84da9dde012559ace13080de3d09bcd7a97c5b2b","sha256":"10832fcd66b07c3ffc81980cda95520eb11f485eb17fa9f077397735d20342f2","sha512":"b4f30d8a5c1d123dfb7f982f78f41f2964b36e76b7bea6f54d9686c3b2a9653753d5c0065c2214ebe332821fdd675a7e1d845f8bd6d40323fca0ef61949e28d4","ssdeep":"3072:I9UZTc/3FzwL9+XZ7gttFQzG8YDWCqcXSjgNoRv2Xh:Iy9cvFzTZ7iDwXYDfSOol2x","tlshash":"67a322ac3fe454fecf0d15cc764e906cc0f3a3633a4862e5b5d2058bd2d560b2aa169b","first_seen":"2025-01-28T12:57:32.330541Z","last_seen":"2026-04-03T20:29:52.869604Z","times_seen":421,"resource_available":false,"data":null}},"time_used":1431,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1431,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/Banner/placeholder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.626Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/Banner/placeholder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 542833\r\naccept-ranges: bytes\r\ncontent-md5: VHW+LO0S7pyvGVDRJKpEUQ==\r\netag: \"5475be2ced12ee9caf1950d124aa4451\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: b0155f49ca791ed76849ca79-a364697\r\nx-tos-response-time: Wed, 11 Jun 2025 18:27:05 GMT\r\nx-request-ip: fdbd:dc61:a:53::42\r\nx-response-cinfo: fdbd:dc61:a:53::42\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01c4ec7fbc0b9f41cfb847c95fc8dbbe67052435415a0f09013cf9da976a030a3199d2f2ef77675e4ce2a1789670c6833eabbb347f0bfeb367c83614b921dc3d2bfad27951d00de97cafea264648743100a2d0700cbd317866fa48537b2b72017b20bf6fc93d369a40c5e2edc5978fe51ea1efa36c4d11af9dd40e7b174d4bf7f4\r\nx-tt-trace-id: 00-25061204181008B839C717AFFBDF4EA0-53770562F0A11731-00\r\nserver: TLB\r\nx-tt-logid: 2025061204181008B839C717AFFBDF4EA0\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, inner; dur=2\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331100\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":542833,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1125 x 2004, 8-bit colormap, non-interlaced","md5":"5475be2ced12ee9caf1950d124aa4451","sha1":"ff32f262c7234de0cc215b39524b3def7dcec9bb","sha256":"5e751a93469021b2873cadfc59404378bae57a81fddc4ecb1234939292fd12ed","sha512":"3989a2a6d0e67674ea802d4fd5600831cfa7714bbdb0117a3dbc343101104daaa4a3c97972951827f27a21b8add741af11e6f35d08314072b497c993a9653878","ssdeep":"12288:Y456Edfo2e3kKm/LV5pueHXD/9GKNhHVGaS+yl6M:Y4kYfTe3kKcV5cAXDZOhrx","tlshash":"c1b423621980ceb0a863f57cf69ec8e2f8ac790f241fdb0971b27606bcc45d67697641","first_seen":"2025-01-28T12:57:32.244558Z","last_seen":"2026-04-03T20:29:52.917265Z","times_seen":488,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":4,"dns":36,"connect":1,"send":0,"wait":7,"receive":20,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/6faccd0453f640bb869575f3d7ed4aec~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.634Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/6faccd0453f640bb869575f3d7ed4aec~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"3348-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"e5618045243b8fbb796589911deeb9dc","sha1":"751680b6488cb9b804721fee0e2492d1af3b05ab","sha256":"a8fef6e8fcbddd163928d82c0e34691964176f185da2dbf303f55d4d04d7a553","sha512":"a045f53472f124741386d773530810e4a6b0f408e87162ecb3b4a0ddb9114d8d234329e914a072968d7f5b74bbb9b0249cdb74fc035612b2015ea464f1a2eba8","ssdeep":"","tlshash":"11615ce30c23c152e9940db61d303988b5fd1ca95015352629152da66e7fe447eeea0f","first_seen":"2024-11-19T07:54:21.363854Z","last_seen":"2026-04-03T20:29:52.904933Z","times_seen":569,"resource_available":false,"data":null}},"time_used":1477,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1477,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/17b8bf40be3c44b0bcd3380b199e00ad~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/17b8bf40be3c44b0bcd3380b199e00ad~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 559\r\netag: W/\"559-1732123150000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:10 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":559,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"ad413d184d2d837f3de3f231eb738a17","sha1":"2ce2bb20c12b80be65eb4a929a957b1804bdf683","sha256":"ef5aff34c4eb288eba1456bd8e63a602575cdab9852624f6589e51c04cc47152","sha512":"1393f700c04e16e365193fe11d72f8ac8049ef38714a30c6436465977d28aec10b171a8bff2ee1a799a32a00c7fe863712723d6e46a98bb4f7dea4e591c97450","ssdeep":"","tlshash":"87f0e1c399a45db1ce86d42e62536c42ad057d192229fa4da98451be0d00b507941612","first_seen":"2025-01-28T12:57:32.333175Z","last_seen":"2026-04-03T20:29:52.880249Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1967,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1464,"receive":503,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/7ced44be5b1c47bbb2915d59a1adaf09~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.654Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/7ced44be5b1c47bbb2915d59a1adaf09~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 723\r\netag: W/\"723-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":723,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 73, 8-bit colormap, non-interlaced","md5":"00144f9312cbefa8e8b7026be590cb01","sha1":"82464921e9178a96faba9d9f7f252e6cdb10bb90","sha256":"f48677e8a5b95b771b8f7190d54e02eaa63f76a7172698b4bed5338fb84480cb","sha512":"5a566f3feb134df285e729c6f6a9ce2fb5720b3aa19423e34a240c58e88f071798fbaae2e57ca9f9205da8fc347cb26bc7b63b27fa0e03e162d9206d2b6cc567","ssdeep":"","tlshash":"d70199ca62c31cbea2d67d7ec16705938020ca158b02d443749175b22c52067e3d0f7e","first_seen":"2025-01-28T12:57:32.341121Z","last_seen":"2026-04-03T20:29:52.855409Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1962,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1460,"receive":502,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Shoppable_video.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Shoppable_video.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: /HGrKb5Yc5aqaisvFTjb4g==\r\netag: \"fc71ab29be587396aa6a2b2f1538dbe2\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-tos-request-id: 9a56fd3be79496a9683be794-abf3845\r\nx-tos-response-time: Sun, 01 Jun 2025 05:39:32 GMT\r\nx-request-ip: fdbd:dc61:10:287::142\r\nx-response-cinfo: fdbd:dc61:10:287::142\r\nx-response-cache: miss\r\nx-tt-trace-host: 019f4d56ef8772b527ff2e740eaf2429fd311f3b6b905bf43de616f45ce190e8e336fb8eb813e8b57e110836ea7ff8434f7f9161efdc0cbbba1812c713af4351da07c1157a65d432a3fdc3c966d4e4b3b492f7b5c6ffa4f527e63ee9909714ac03eb95e95cfe4ff77b3f6ec02b642f4e461d06379b219ddea0434864d294bc9e91\r\nx-tt-trace-id: 00-250601053931AD7E83F871D25BD3AC6E-6E570EA19DA2D1A1-00\r\nserver: TLB\r\nx-tt-logid: 20250601053931AD7E83F871D25BD3AC6E\r\nx-parent-response-time: 9,184.27.176.38\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-821478/821479\r\ncontent-length: 821479\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, inner; dur=108\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d3311da\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":821479,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"fc71ab29be587396aa6a2b2f1538dbe2","sha1":"d30907106a682672b511fff75e36844ca2bc8a0d","sha256":"d94a55d407f073a7b80e7e6d8218964d116bd45588d056da5576ec0090c6c96d","sha512":"0a5599a7d0caee04a24abf74a460bd0ee2b3d22b7d4282046176db83a2143a024aebbe34305c2e7930100228090e4a126152eff6d096c5e18534b968a1e65741","ssdeep":"12288:saLsdllXzVGJIgxwBoF2Cy5B3Y3BfU8q6+kIBhFJ1dgkgX2XtxSgPK5QNvlRmUB5:xsdvVGJ3wyFALhy+vxJ1n8aNK5imi","tlshash":"4c0523a693c10a6fc2636533e91307297e94eded6ace87d3422792cb5daf0893d153c4","first_seen":"2025-01-28T12:57:32.270595Z","last_seen":"2026-04-03T20:29:52.861324Z","times_seen":555,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":17,"receive":187,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/css/page.ba41593c.css","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/css/page.ba41593c.css HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"57433-1732123239000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:39 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":57433,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (57433), with no line terminators","md5":"489c884f50c9d4b117510ff07c16e64e","sha1":"7be46ae246221e44865e61671f48625dde32b3e1","sha256":"e3a3c7849b47be876be1b719454f61bbc1badc58c7c3aac034cd475bcfafa384","sha512":"4b5f2cbe37905e0ac4bc5ad97580405d597033e1256d3bbc69f7b97482dd4d98ef744c7f14db4e580526f3fb4eb04c0eaa7aa64b01f50dccb23a08dd8dd166f0","ssdeep":"384:dWbBhAGvF1npV/3A9moLo/7ny7yPGRplfUVORCZmscE/B0iedMRtcwgCz9LYOdsv:mXYVsyliedMRtcw/zVPXFYE+v50jN05","tlshash":"ad43b4231b205038fe7b98bfa5916e5c7204e883f317dbfdd510956ec9ca29316b2b49","first_seen":"2025-01-28T12:59:16.223513Z","last_seen":"2026-04-03T20:29:52.865125Z","times_seen":437,"resource_available":false,"data":null}},"time_used":1486,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1486,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p16-oec-sg.ibyteimg.com/tos-alisg-i-aphluv4xwc-sg/12e0b5c375bd4824a5b6cd6dbaf76735~tplv-aphluv4xwc-origin-image.image","fqdn":"p16-oec-sg.ibyteimg.com","domain":"ibyteimg.com","tld":"com"},"ip":{"addr":"23.36.77.107","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.658Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ibyteimg.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:68:99:F7:11:99:E1:26:F3:58:F7:0B:38:2A:AB:E3:3F:B4:0D:35","sha256":"D3:AF:19:C8:00:FA:B8:E5:1E:07:1A:6F:74:F5:09:8A:4E:E6:B2:B7:A7:F8:D8:4F:93:13:86:CC:93:89:0F:AF"}}},"request":{"raw":"GET /tos-alisg-i-aphluv4xwc-sg/12e0b5c375bd4824a5b6cd6dbaf76735~tplv-aphluv4xwc-origin-image.image HTTP/1.1\r\nHost: p16-oec-sg.ibyteimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 3433\r\nimagex-fmt: png2png\r\nlast-modified: Mon, 10 Nov 2025 17:52:47 GMT\r\nnw-session-id: 20251111015247E8A74A06A02B0F56852Frvtg713df\r\nnw-session-trace: 2025-11-10T17:52:47.23198662Z 64\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-length: 3433\r\nx-powered-by: ImageX\r\nx-response-date: Mon, 10 Nov 2025 17:52:47 GMT\r\nx-tt-logid: 20251111015247E8A74A06A02B0F56852F\r\nx-request-ip: fdbd:dc51:ff:a001:1:251:67:149\r\nx-response-cinfo: fdbd:dc51:ff:a001:1:251:67:149\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01248fa487a94c4d568884d601e7569569d065b18f0865acb5ba740c509ad38d1fcbfeb11a9ef32e717c0d1d0b72fb325389662f6e2577f9d7c30e755c80f85a2fde8f7bd9efd46c5cd2e15d8d2cdb28367759c89dad8c259fc4e911d168e1128f\r\nx-tt-trace-id: 00-251111145902468E23D7FCDB21C62271-5905FC7C7FED96F8-00\r\nserver: TLB\r\ncache-control: max-age=30578879\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a23-36-77-103.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 5a05dd75\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3433,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 440, 8-bit colormap, non-interlaced","md5":"698f72a21509608268eff77c2a950582","sha1":"bc5cd1ef9da74522d6db5cdd7ae0df1dba166ba8","sha256":"5110f20c2f5ec6003f7d1073e529e5a2d3fee741f29368e396a945cd5486614e","sha512":"7f07e92f9d02f1a89857c1da0b6a3c7c6ad71645150152b84090e66cabc15574a65bf744d0fde5b99a828736bf75930a24557590211866a2196a429c55c0956c","ssdeep":"","tlshash":"1b6119a348d1de6cc90da334c8daa84f951e4f0cdb66a60ce951d70025a0b5816f615e","first_seen":"2025-01-28T12:57:32.254402Z","last_seen":"2026-04-03T20:29:52.921545Z","times_seen":568,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":79,"dns":56,"connect":2,"send":0,"wait":13,"receive":0,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Store_page_new.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/Store_page_new.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: y+8FYN5lA1fzC27aNOnFxQ==\r\netag: \"cbef0560de650357f30b6eda34e9c5c5\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 73477947fffceaa16847fffc-abf498a\r\nx-tos-response-time: Tue, 10 Jun 2025 09:50:52 GMT\r\nx-request-ip: fdbd:dc61:5:272::81\r\nx-response-cinfo: fdbd:dc61:5:272::81\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 017c782908b8f33971491656a434ebaf46684a0041636072f4018a61794b73df11edf2447ac9ce17f9ac934b191b13075f20beec28144381159833f64c52f0a65de431b58b1b91b14dd21026f32bb91572163c04c45a907942573787a9f30e72e1\r\nx-tt-trace-id: 00-250610131248661CC71F9035B42573A0-7BB75D56165A37A8-00\r\nserver: TLB\r\nx-tt-logid: 20250610131248661CC71F9035B42573A0\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-831553/831554\r\ncontent-length: 831554\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=2\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331228\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":831554,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"cbef0560de650357f30b6eda34e9c5c5","sha1":"b5dc34a50e3dc3ef09f9afa17ba4a66228d0d95b","sha256":"1b9b48ce8bab227e7242cc829fe535f64ced5f9e876786c498e3c32692c5ed1b","sha512":"f8cf6586b04b8dec7d7ffd4c7616969495fb1a52688ee4805b4e5aeba060307a7acdc566e019b79b7b57a074af1d37b0c2bfba366c32076751bb03ff3513722b","ssdeep":"12288:3+zHu5RNG6tShn3XHMhl+aUvg8Lz9GcctZI4bsak/WmkPpRCs/FxnSkTcxLhv:gO5WISBHI4vJ9Gcc9prFxnSD1","tlshash":"3a0523dbb2df6d9dcebd3732ac720643967bf945019483e7a66040f4a9f50692e180f8","first_seen":"2025-01-28T12:57:32.27221Z","last_seen":"2026-04-03T20:29:52.873154Z","times_seen":561,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":5,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/font/TikTokDisplayFont-Bold.woff2","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/font/TikTokDisplayFont-Bold.woff2 HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/main.27b52715.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 58828\r\netag: W/\"58828-1732123229000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:29 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58828,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 58828, version 1.0","md5":"26a1891f272dc17f5ac69a8cfde2991d","sha1":"097239d7cb11b964bd6a745f24e5f82267fcaf0f","sha256":"e4dd3bb15ae6492d5ddff59e08075a6023463b82cfe6c284470fec0d86fe52ae","sha512":"2b78bc3b2e57aeaacdbce5315b117c8900f9cfb99e331704c80f871882b1f0ad88ef7d6808fea6a8e93e1e65a239beaff9c3d61a07191b96bc21c0fac759d783","ssdeep":"768:eEWSWa7VSQrI9kNTF9HFrfpjBooNuDFjy3zW5/7lo6Ks2zQ5oF+mK8UMrrbFHpLY:ElQ8UTJrhjKC6jyT6/8Q2dVxJphFSy2","tlshash":"4d430167125e0eeb16a860ea197b4fee86dbc57c733c75a700e39630f6354540e178a3","first_seen":"2023-06-27T16:48:29Z","last_seen":"2026-04-03T21:00:00.717973Z","times_seen":5262,"resource_available":false,"data":null}},"time_used":331,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":323,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/font/TikTokDisplayFont-Regular.woff2","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/font/TikTokDisplayFont-Regular.woff2 HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/main.27b52715.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 57228\r\netag: W/\"57228-1732123229000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:29 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57228,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 57228, version 1.0","md5":"96665baf16cd7bc94117325ec3e2296d","sha1":"2c3aa9af686c8ad70d51d934fce7bc4a76014c3d","sha256":"57d0e5e2c1e641a6100ae61fbd956e311acc35dd4d524b1a8ed89362b6966b5d","sha512":"ce3342f6b76005ced293f32d67c2869df2a2e1a941bf3a6e3e538c4718e2c5987b89925e1f274235c42ae9bacc0400d6fe43ac81a285bb2d0b2d23dfe2a2439a","ssdeep":"1536:SAv1dBXdnQXT2eEsJsZAzJfqA/oYDdMjcKwWHlD:SUzdAfJlX/Kjc5WHlD","tlshash":"cb43022ffc64cb78bbf6b8a06baef2401e352b70dad7c16f2ab688ad54751345443414","first_seen":"2023-11-11T22:36:02Z","last_seen":"2026-04-03T20:29:52.904233Z","times_seen":486,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":423,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-axios.de405cb7.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/lib-axios.de405cb7.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"19792-1732123188000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:48 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19792,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19792), with no line terminators","md5":"44cbfad9b61a51d2124298a49b29c009","sha1":"7443225d2d6bbd323ba0ba811cc2de7f2230d3a3","sha256":"55a2f4274446416598c3b4cee096005842f8529f232507aea4336b04ca1d22a1","sha512":"a0c4762905258d7f6f12285601e915d4fe9214fcfe4dbc95671b50ddb438a69bd28144767351ad9fac6a5e3be171417fe8694d7769952eb37da74d25af57e997","ssdeep":"384:DzdycsDmxm7PX9OWOUtpefXrdZ5BKm4gmZtxR0Ywe7W5EjU7Fh5yk0:DRy7MIVuIpeiBZDt+50","tlshash":"4692fac9b9a0f07547a321f4806f590bf3775529a44d84a0fb50e8e62cb890e873bf6d","first_seen":"2024-09-28T07:23:58.465686Z","last_seen":"2026-04-03T20:29:52.875785Z","times_seen":569,"resource_available":true,"data":null}},"time_used":996,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":996,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/83.97401b30.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/83.97401b30.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"530518-1732123184000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:44 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":530518,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65467)","md5":"9645b1f5ab1bf07083a13d39627de505","sha1":"74262c4077855e038042a7b30a61515811f247dd","sha256":"b442a68ba589101ee961131f60e5ff500213799774f9b510e892726a7c83ccea","sha512":"c6d68587d9ea87d2a2cb51eb0d7a1ee26c13ad30a6d35df9a05ef5ec1e33efdc088e6c4ca362f9084e099841b35d15492011a137134551fb9fe877d4960fcdc9","ssdeep":"6144:DRHbIYnZo0nf6lg9bPmEOuOcxOkuKoE+oZS:D1UY60Ci9bPpOWTYEtg","tlshash":"86b43acdb299702503e364b9903f110ab33a2a58744dc028f575e9e56cb994ea33bf7c","first_seen":"2025-01-28T12:57:32.280556Z","last_seen":"2026-04-03T20:29:52.925756Z","times_seen":523,"resource_available":true,"data":null}},"time_used":1084,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1084,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shoptab.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.643Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shoptab.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 171745\r\naccept-ranges: bytes\r\ncontent-md5: NSGUpPbKJ+LOAt0oOQE7zg==\r\netag: \"352194a4f6ca27e2ce02dd2839013bce\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 475ac837b4cf7cbd6837b4cf-ad5541c\r\nx-tos-response-time: Thu, 29 May 2025 01:13:51 GMT\r\nx-request-ip: fdbd:dc61:a:283::134\r\nx-response-cinfo: fdbd:dc61:a:283::134\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01bc9d40b47ea29531834c078ad603382aad9c7c688de19e4d736fdd0b7b87230082eb5afc2dc3bba6793bf64d6eb47e4f5f000834fba21c59e4bc05215ada603a2015ce16f95672569932169c466391e6d155bc7952188caa5f232d3e0b00cdc947e501df06dd5d21e07512b8bb405d3c\r\nx-tt-trace-id: 00-2505290948199D16A13AAE3DCC3BDDB4-209BC95BF7AA3D31-00\r\nserver: TLB\r\nx-tt-logid: 202505290948199D16A13AAE3DCC3BDDB4\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=1\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331195\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":171745,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 542 x 962, 8-bit colormap, non-interlaced","md5":"352194a4f6ca27e2ce02dd2839013bce","sha1":"d0eba6e3b449d805b79022de363dd0fc9c0f4bcd","sha256":"ecf350ce1e8df5d2827513c7969c3939af605da252e20179af6d3a9549700ea1","sha512":"46cc8929bf766ce1f320fbe5bac76830c1aefaed05e12a1296f1b3dfd1b050a5a5adf2fe5193b246a582047dea5ea947bcbd7b1241dae1b8164f09264c4147a1","ssdeep":"3072:vQ4SRDBViICeRHScdN4ufv1cc/bJJhOU3iqo+7kcU808upjQYG56mcNSAMRF9aa:vzSRD7/Cex9z4yOobPY8iqockn8lu9QF","tlshash":"0cf313a0e6c3b58675933eda4ece1e0b294674d1ad33ac61253b7a11054ce39b93ff02","first_seen":"2025-01-28T12:57:32.24007Z","last_seen":"2026-04-03T20:29:52.909616Z","times_seen":561,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":30,"dns":22,"connect":10,"send":0,"wait":12,"receive":5,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/9d3d3c5a288247cf900aac88d12baf2c~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/9d3d3c5a288247cf900aac88d12baf2c~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 594\r\netag: W/\"594-1732123153000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:13 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":594,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"84a334e88a8beb0ded80a27b89bfc7af","sha1":"22319e9f4c9dc4c46a58368f3f0bc8154b8bcba4","sha256":"50aa1db69c11e45c55dfb2af7121195dbb1e0b6d9fa17bb554a196926964ade9","sha512":"909dace141521b9ec91aceb893809c48b53465107c203df3fc53a45ef349bba5c5a56114cb04217c09811487197dc9980876a56ad7a97a2ba1021991fd849e6f","ssdeep":"","tlshash":"8df04786c30879bbd94b4cd6641f7452481d792d1b07bb071066c03ad6535244afc85b","first_seen":"2025-01-28T12:57:32.338301Z","last_seen":"2026-04-03T20:29:52.91288Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1962,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1460,"receive":502,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/00d8a2c4d1184e4eb8ec84d0a48002d4~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.662Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/00d8a2c4d1184e4eb8ec84d0a48002d4~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"699627-1732123149000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:09 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":699627,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1884 x 669, 8-bit/color RGBA, non-interlaced","md5":"8fe0196baa410746184c815006ff3209","sha1":"fe76276aea1b239a8fc25b6d2c84e53bb188f8f7","sha256":"bcb6470dc2547ca2f687a63d7b4a031309860803faa8d9d08988b5ea0e34faf1","sha512":"01020cd816242d689a0e63d04f2fa3e547bf1890068620200f9f83bf32eb4a41ee4b2049f289b88bbe86b3ba1331a34e56e9cc41f5e42566b8b2570cf23142e9","ssdeep":"12288:YZSFNPxl8fo0xbHLRIGCLUNpDF0t61XtJAa2M1WLAV3VOSABA6IRo5aYwvoPz0:IVdHLRIGv3Fj1rPKLkOSABMUaYwv00","tlshash":"15e4238cda1fdd0b39e0a6e408f304eb159958265c2e4ce43705b29a3473fa727ee59d","first_seen":"2025-01-28T12:57:32.354136Z","last_seen":"2026-04-03T20:29:52.903445Z","times_seen":387,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/4a1ca5fc91544ce097a2dfa3a7e11a86~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/4a1ca5fc91544ce097a2dfa3a7e11a86~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"349879-1732123198000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:58 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":349879,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1196, 8-bit colormap, non-interlaced","md5":"ca79c3432017dff3b7795f31d41d4b9f","sha1":"7a86357defd9b4f732c7e1f75fabf6d78d41b856","sha256":"60f05f78f0c91da1906ac43d74473c4ae41b1b3397323a730c1f8a1dc89a6452","sha512":"9cea4cfe5fe61d8edeeeb966ba81d68b41fd19649321fd56a2c5e71d893ea9a7bef665e89795ad213f30bab8950b4ebf105d035564fc097b0b6cc98960ed0f7c","ssdeep":"6144:3aQkWh2sqd2LCzXTbvde8NJvynSYwKEJPDhtWjd3pkgn7u1m5stGoJLBBapt4n:KQnh2ACDfvdWSYWJPDhtWl7u1m5sGotX","tlshash":"f374232de5ebeabcacd1ca4a80c760efebd59316d053ef6dd73317812969116103c886","first_seen":"2025-01-28T12:59:16.209095Z","last_seen":"2026-04-03T20:29:52.933137Z","times_seen":408,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/join-today-01.68be19e6.jpg","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.667Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/join-today-01.68be19e6.jpg HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"66895-1732123167000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:27 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":66895,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 438x321, components 3","md5":"8e8ec4f270c8812c24cbbd2dde8cd200","sha1":"52d98dbf4e3b89af65c26c8785fe4d0783d7d6d8","sha256":"d6f9464e1df31547f233635b429b5e16b082da50175447c3a17f69aff5a57831","sha512":"09a6b936f7bf936eae91d3a28fa85a4175fc337a0b3c05fa8bddcfd0c2a16b807d567fa3490fa873ea118d36479f9ade36af0a25c326a0123bd73222302cebf9","ssdeep":"1536:mCUc1Iy/Jb+uHxgyX76gl2/Ai4wGQ9oTJxnWjE4JKcJ1QUyv8:mdc1h+uRggo/Adw0POE4/aU","tlshash":"92631240cb04a7e40d91ed79c01ecfd426e4d80b27fa5aa95b227aee0f612f495b07f5","first_seen":"2024-09-28T07:23:58.415942Z","last_seen":"2026-04-03T20:29:52.92326Z","times_seen":422,"resource_available":false,"data":null}},"time_used":1434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/f9de5c284df74f4e82273530670802fd~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.633Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/f9de5c284df74f4e82273530670802fd~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"3695-1732123163000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:23 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3695,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 193 x 192, 8-bit/color RGBA, non-interlaced","md5":"33e2a0f08c8953e1b848c1cce59a97cd","sha1":"d74aee59026b7f8fa4da441ca2ddcf9cb478f4d2","sha256":"e2cb4cd6376a8df609b1ef54e0305548bac38b0b432c2bf6da1177024bffa906","sha512":"ba09dadcb25209aabcbc67b07e3a742b287e335d475eefd63a4972a132941ab108109b31a2edebb9b2a64fa0141ace99ad5f204b3befcc4d7bbce48df9d794e3","ssdeep":"","tlshash":"c7716cc4b26bb2cfe8009b3bd1db8420444776b519251d88f4a4873b58fcfd99a65297","first_seen":"2024-11-19T07:54:21.356719Z","last_seen":"2026-04-03T20:29:52.866327Z","times_seen":540,"resource_available":false,"data":null}},"time_used":1478,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1478,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"p16-oec-sg.ibyteimg.com/tos-alisg-i-aphluv4xwc-sg/e89eefbaf7c0405197425abe8202fdd1~tplv-aphluv4xwc-origin-image.image","fqdn":"p16-oec-sg.ibyteimg.com","domain":"ibyteimg.com","tld":"com"},"ip":{"addr":"23.36.77.107","port":443,"asn":20940,"as":"Akamai International B.V.","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.659Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.ibyteimg.com","organization":""},"issuer":{"commonName":"RapidSSL TLS ECC CA G1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 16 Jun 2025 00:00:00 GMT","end":"Mon, 15 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:68:99:F7:11:99:E1:26:F3:58:F7:0B:38:2A:AB:E3:3F:B4:0D:35","sha256":"D3:AF:19:C8:00:FA:B8:E5:1E:07:1A:6F:74:F5:09:8A:4E:E6:B2:B7:A7:F8:D8:4F:93:13:86:CC:93:89:0F:AF"}}},"request":{"raw":"GET /tos-alisg-i-aphluv4xwc-sg/e89eefbaf7c0405197425abe8202fdd1~tplv-aphluv4xwc-origin-image.image HTTP/1.1\r\nHost: p16-oec-sg.ibyteimg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 6245\r\nimagex-fmt: png2png\r\nlast-modified: Thu, 27 Feb 2025 17:32:57 GMT\r\nnw-session-id: 20250227173256BCAF3DD6C46A5452895F28p9n13df\r\nnw-session-trace: 2025-02-27T17:32:57.700121746Z 99\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-length: 6245\r\nx-powered-by: ImageX\r\nx-response-date: Thu, 27 Feb 2025 17:32:57 GMT\r\nx-tt-logid: 20250227173256BCAF3DD6C46A5452895F\r\nx-request-ip: fdbd:dc51:ff:a001:1:251:69:95\r\nx-response-cinfo: fdbd:dc51:ff:a001:1:251:69:95\r\nx-response-cache: miss\r\nx-tt-trace-host: 01317db02541a52b4cd25fac1b822af8ebff5a5659d2b112e9288538b341554c4c5d0b0a5edb69788fe753c86b957a660dead3690c82b8b1db82e21b75b3afa508608cc8c8f10aa80d25d8631a3838a75927d8b9e51228171ddf696b1891e603096530ce62ff41380beda2e96b6482b68b\r\nx-tt-trace-id: 00-250227173256BCAF3DD6C46A5452895F-17E0B2CB3EA9443F-00\r\nserver: TLB\r\ncache-control: max-age=30578879\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a23-36-77-103.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=104\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 5a05dd62\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6245,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 440 x 440, 8-bit colormap, non-interlaced","md5":"166e5dbcf4fd1b0973a11e2dd55658d8","sha1":"322e4c155a803cbb3e3d5edfef36d9624f120ef8","sha256":"d80e8ca6a1419dc51e12e27cf58bbdec04aa6a687c773f50d1c4d0f9c8d6c71f","sha512":"bfd15afad02dd3fc5fbce14d90f486fec074518423d829cc1b07ceaa134e617262ef46bf3e1bc85c064d6b85be0a521228e6fea9ef431a52e5adc3195a9c99ff","ssdeep":"192:m1L8ISdQ/0UxBShe/e7VOIoJdW0+PCwKvmjMPCZ:m1HDV/eBO7JIPCwKqx","tlshash":"f4d19eefc7730af8d352997fc75e72a8551f692416ca231a60c6dd543e0ae1d8204e29","first_seen":"2025-01-28T12:57:32.267502Z","last_seen":"2026-04-03T20:29:52.860008Z","times_seen":568,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":69,"dns":66,"connect":3,"send":0,"wait":8,"receive":1,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/15f9faceaf49471f8ec2a0cf3c94f6e2~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/15f9faceaf49471f8ec2a0cf3c94f6e2~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"903864-1732123150000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:10 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":903864,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1884 x 669, 8-bit/color RGBA, non-interlaced","md5":"20117c5d34fcdfaee758f4db4b60b043","sha1":"173ccd681698c33ec21cc8cef964c333f4bc5dc5","sha256":"5ceef6d4ad5dde790541cb0472665dc936b16c413a03d843f7956ee9af1abb58","sha512":"eb8d55a069d0181680cc50bc15eb85052490644c9aab1c23605905f8e704f3889b41cedfcd53de70d3fcc2b2e50c0942c80b7e3f5715c6fe1b89a4c1c7de3426","ssdeep":"24576:vN7WPERD3b5B53v50o45lilu79CyQalGqbW+aCj:v4PERD3FB53Rt+liA9ZQyWtw","tlshash":"9f15234c44606c7b727e6dc7213b85a2a78830736e65469009c7e4f6b84c3ef1e67bb9","first_seen":"2025-01-28T12:57:32.355724Z","last_seen":"2026-04-03T20:29:52.86763Z","times_seen":389,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/353.b3bb0bfa.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/353.b3bb0bfa.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"68942-1732123180000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:40 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68942,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65466)","md5":"40ca993782cf703c4565c62dbb358437","sha1":"9388e191ad5335b498edf6570f6e8f9ab5fe4e51","sha256":"57fbb4da17f365666d1a6f3ef530e3cad7b3d5595d89e535d2ea496b5eae4220","sha512":"c60f0565f8d3deec75fb59da88a8c7e36cd9c0ef19e31843f32c4658bd10b0520fb9c552abdb24450198e08bf6621a4adaef28f0f3ec1da5c2884cfe6eea1cea","ssdeep":"768:nMKFAF4f+zJoh6lmNARMdJoJwayF2VjcWzEQL5ah0dFabqh8:MKFcRKJ8wzF2ha2j8","tlshash":"2e633ba8b2d1706187c312a1c22f830633375499554a8424f637d8ea2db5d2f76bbfbd","first_seen":"2024-09-28T07:23:58.368094Z","last_seen":"2026-04-03T20:29:52.870758Z","times_seen":450,"resource_available":true,"data":null}},"time_used":1426,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1426,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/LIVE_Shopping.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/LIVE_Shopping.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: V3Gmdrs/dOcI4l6hFKwuUw==\r\netag: \"5771a676bb3f74e708e25ea114ac2e53\"\r\nlast-modified: Tue, 27 May 2025 06:41:37 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: aedd4a36593a36736836593a-abf41d0\r\nx-tos-response-time: Wed, 28 May 2025 00:30:50 GMT\r\nx-request-ip: fdbd:dc61:c:45::19\r\nx-response-cinfo: fdbd:dc61:c:45::19\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 018dda52d84c0db7edfa2dc2e7c7cc9dd5b62d0d88a668820b531f485800c8f85a75079bea18d5752659afe2f03fcbdcd83fc76b054c79c96f23b61c80385912df06f4f7d08d05f7555c7aa5d0afea797bca758ee3520895532afdd62b685123e86bc0bcb967d27991c6b153b53f6f227f\r\nx-tt-trace-id: 00-250528075912F9C164F83FEE251D9F62-3FE19226B1CD04B7-00\r\nserver: TLB\r\nx-tt-logid: 20250528075912F9C164F83FEE251D9F62\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-873047/873048\r\ncontent-length: 873048\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, inner; dur=1\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d3311d9\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":873048,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"5771a676bb3f74e708e25ea114ac2e53","sha1":"e702e99eb079a4376b2919bad8a2351fb2bdb7bf","sha256":"2a7d7561479f5bcf35eb657be79e20464c1852ec40fa411edc280e4e71cbd2be","sha512":"137f05a0f5331cfc955a543b76965e025746f29976ff23eeec3825538cacdeab4af746acccc9ed4bcd353ba51a6c60ac8269bacf80c38a0d258245ad900e1329","ssdeep":"12288:qChmB2caCHktyXVAmChWJcbx/+RpEjotDgmpjbSQngpFyiDtCFN6Pfvq8mq/aDMW:K2clHkOVAxfx/+Runmp9ngpFygYFWaYw","tlshash":"bc05336721c73356c808913f3347016bfe71ee9ba12f83fb1a566ac88d631ec6895476","first_seen":"2025-01-28T12:57:32.263448Z","last_seen":"2026-04-03T20:29:52.931798Z","times_seen":553,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":18,"receive":169,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/right.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.627Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/right.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"159809-1732123172000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:32 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159809,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 480 x 856, 8-bit colormap, non-interlaced","md5":"8d20adbac9e57d69b5176d6f1f2712a0","sha1":"fad8823cc30c7992af981a8ff8a989da3c3a9582","sha256":"da2acc95916ee3c297a16e39bbd72cc593d1da394c57cbe19450034867ca25e8","sha512":"4501e258f3fa38a7d05845572e2b8a426b3e8c2e984dd78eb01b5ab72176cad30ba5f74751e53a450f017fad90605b14a7bc986e4a9c092110409925a916469f","ssdeep":"3072:glI3NvkqTnGnaqlv7PyMkAQBlZEzzCiDAIzXCEL5FtMqc14:B3NsqTnGnJvIlZEzzC0rN5FtDR","tlshash":"75f313665d1d1ed36c55bbc7ce43a562062c7c45f4c8d25a84b3508bba2b2bbf4f48c4","first_seen":"2024-11-19T07:54:21.378091Z","last_seen":"2026-04-03T20:29:52.854647Z","times_seen":485,"resource_available":false,"data":null}},"time_used":1484,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1484,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/bebdcec3159f43b7ab2f4d3f309ec517~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.647Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/bebdcec3159f43b7ab2f4d3f309ec517~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 946\r\netag: W/\"946-1732123159000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:19 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":946,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"9b5a17c67cbc1549d6bdf73e2bdaa365","sha1":"ffa95311b78f38654ad36c9e8a3f9a4509b8a9f8","sha256":"f59595016494e5ae8575a4cb710acb88f000355de381a1d7b0df5a3449c041bb","sha512":"42b55b8293c33a9c4126f470ada83ec6fc4a61e8d8bba8e633559e82513f6b893c0da7cfb492745ca204b74325a97cfa8016fa49a116c4a4b7b643ed1a652573","ssdeep":"","tlshash":"c31194b77c002e645f5e6abac049907cd41871a97ec652168227d42276b4b809542b2a","first_seen":"2025-01-28T12:57:32.302913Z","last_seen":"2026-04-03T20:29:52.911007Z","times_seen":546,"resource_available":false,"data":null}},"time_used":1963,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1465,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/56d69359ef89467b8be62549da916564~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.655Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/56d69359ef89467b8be62549da916564~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 569\r\netag: W/\"569-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":569,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 73, 4-bit colormap, non-interlaced","md5":"ae1bb7c7eb0b2982d7dedea83c110ec9","sha1":"9f87b2550f1fc205d9a845b0d64ac86aa2fc1c16","sha256":"e2555dc887ee8df98c0aaef6c32c70a9bd2a16837bf88fd0386c35ce9429d3ef","sha512":"80e0bee64bf6d5ad902f4eee408658ebf86a5782b99519ce0cbe4dc19b66418c4bcd8f9021298dbd37336a38c2a2413fbe54a390bbd6606780e2028a78a25397","ssdeep":"","tlshash":"44f020cbad5c3924ccae269802cf4d2adcaf6d48560c106e24575a3d5951302f1f79f7","first_seen":"2025-01-28T12:57:32.342766Z","last_seen":"2026-04-03T20:29:52.88762Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1958,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1455,"receive":503,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/page.b98cfe07.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.679Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/page.b98cfe07.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"68238-1732123195000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:55 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68238,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"556172faab67882f868c136a19b1d1be","sha1":"68c7fa1df42814f7e785ec7952514493c826b8f4","sha256":"664e0b0fa581291f2eb5b29930da01e2524b943bc43a676a81e27a62fb32325e","sha512":"e53ddc5760d997822dddb7d35d495bbe8d20e3cc175b101345db98cfd905add2a44b9bc0f72fff1c1e8b840cc572374155e7f6b82949e9ef23cb40b419c99ed1","ssdeep":"1536:yo+ucihfhcvq3ZdrY/sw+/SAx79ZR3y7i2k9:t+KTrEswq/Z5ym2k9","tlshash":"e4630a52f461ada8f67749c4913f880ce61a3a0bd64484a8fdbc7d091649293f13bfde","first_seen":"2025-01-28T12:57:32.2988Z","last_seen":"2026-04-03T20:29:52.891994Z","times_seen":433,"resource_available":true,"data":null}},"time_used":1421,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1421,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/mp4/TikTokShop_ZIP.mp4","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:49.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/mp4/TikTokShop_ZIP.mp4 HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=16678912-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:49 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 69943\r\netag: W/\"16748855-1732123178000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:38 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 16678912-16748854/16748855\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":69943,"size_decoded":0,"mime_type":"video/mp4","magic":"data","md5":"4c21ad4bc599e3158818429abaf502de","sha1":"7f3e01f591b10cfb2b777cf4fccb80b7fc5b37dd","sha256":"6dcfb4038fc88528d285a286c9433ede75e30f51cad3788bb09ba560eec330f7","sha512":"5b695d6d3afffaf6ab8dc7f9c6f14f9fbea9759f96123ee8ed9a29e2c64c12787baa961f737ff02862aa67a2d2c26da8af57689bb7acce6ae18f910f32117705","ssdeep":"1536:3KuntZPiYJAqdCTDIq7VMSVGBwYuA17sNYJ9bc3:3NtEeaUyV+BTWNYJK3","tlshash":"6e63566c73af664be9262b34b9d243483b31d89ecb8b078f025643d7ad453d528cd6d8","first_seen":"2025-01-28T12:57:32.328008Z","last_seen":"2026-04-02T18:10:29.344232Z","times_seen":495,"resource_available":false,"data":null}},"time_used":714,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":688,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/new_us_uk.98539e94.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/new_us_uk.98539e94.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/page.ba41593c.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"14965-1732123200000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:00 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14965,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2880 x 1440, 8-bit colormap, non-interlaced","md5":"09c951a9a3ee0b02ca1bf96e5c30a42b","sha1":"6366185edd5e1333e5317e35af33210ebb86d44c","sha256":"448aa3ce157df2a60586592f519776c981234ca87459d7b5f0a5ad8e4cc850f8","sha512":"06532941b8ece80a40a33b53488191f2cadbc8d4bee39fee0df6a2be092395ed25bd82e5f22e3d4e48bd73634dd3b7204aac5da98cb0131881174e51be780c70","ssdeep":"384:Pt6ssDaxp1yn+kVKcDR0zFiSayM98iRJnMJ/aFrHkuMe9MG:c5Gp1jyVoiSaydibglG","tlshash":"55628d3e045529378ce86f8f29f872f47cbc46bba495910588861b7768fbcd93235807","first_seen":"2025-01-28T12:57:32.308851Z","last_seen":"2026-04-03T20:29:52.937554Z","times_seen":428,"resource_available":false,"data":null}},"time_used":304,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":304,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/matashop2.svg","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.738Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /matashop2.svg HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: text/html;charset=utf-8\r\ncontent-length: 764\r\ncontent-language: en\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":764,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (760), with no line terminators","md5":"69f9eeff8ff8c26a8602efe25136b391","sha1":"0e1a331738a6ce2fcbbe986377e29b4683f4a5c1","sha256":"51e65909d5d59a35b8e5d260ac636f7f405fdf4b146193057fc11aea164adf39","sha512":"e0ce38446201ee40cdf9f0cae8c07a682c42c071b7658a09ef75dee06df6b5ed5bdfd065bf649f3211ce0fd98510eb1c273325ce273de8db650b1e3b3e82a7f0","ssdeep":"","tlshash":"8901203ec20a1117fcb6487b36913ea8395d8c8392720734e8548af4d2865f8a76178d","first_seen":"2024-05-04T04:46:04Z","last_seen":"2026-04-03T17:35:17.033172Z","times_seen":2206,"resource_available":false,"data":null}},"time_used":307,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":303,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-react.235b4836.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/lib-react.235b4836.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"140018-1732123191000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:51 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":140018,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65460)","md5":"6c194b12793a2436efb1f3ce1c674b69","sha1":"2bc65388297613de6cc4622a771e5e001f2d95bc","sha256":"181d18351e54581117e789445bcaa5d7477257c510189767d4d3e04c56bed549","sha512":"da45dc947f923d79a04277c08f915f575fe3a573a8dd4a1c92caf693c74110db65ca697c9af4722412691ed7659732ca9d34fcf2771d378cc2391a7dfe507ca4","ssdeep":"1536:Wv4kq5k79fohxQlV0vMYbAJnfMhnia9Toy7U6SLdl8eIUZQeY:WVX0OnEboy7U6S72eY","tlshash":"79d306e83996f5516ab7126700ef1807733c1a1b280c89a0a615fd8e75f842eb17bfdd","first_seen":"2024-09-28T07:23:58.462117Z","last_seen":"2026-04-03T20:29:52.924927Z","times_seen":568,"resource_available":true,"data":null}},"time_used":1041,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1041,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/419284e9cb3b4a49a0a8282c9f8a1653~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.653Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/419284e9cb3b4a49a0a8282c9f8a1653~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 705\r\netag: W/\"705-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"380844e00913d50eabeb7fd934f9d04c","sha1":"b9c2ebdcc308d53f86c3d1e029c1efa3c34f6719","sha256":"8c744b1a722552f953214e1568234c53c795aee80ef5f906778b238cb1eea1eb","sha512":"09a2a9c36bf58fe63cd2c09be2595a3a73b1079bba3ce10a9f83c75c17c5f5354418cd2f1c9307367baf465d2e3113ca63c87db6f93a07442b6a37d601309037","ssdeep":"","tlshash":"d701949ad67290b5eaf2b02e404480b18622f70e20606163c02bc77b327918781c0d0c","first_seen":"2025-01-28T12:57:32.339976Z","last_seen":"2026-04-03T20:29:52.859289Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1963,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1461,"receive":502,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/890aca3a505f4e5c9ec9ad0c0a0baf41~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.666Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/890aca3a505f4e5c9ec9ad0c0a0baf41~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"651817-1732123153000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:13 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":651817,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1884 x 669, 8-bit/color RGBA, non-interlaced","md5":"4b4bf83180b429e8a0374d7013e72bb9","sha1":"721684394b5b4af55bbf0fb340c44d26cbab16a9","sha256":"e7ab796134bb9696ff46e6d1fe125bb3edcdff11ba77796ec36494c4b91bde5a","sha512":"03c28373d906b13e4a7ff4d7ee1f8fc1e25ef4f75702c9f7d9b47245fc4f0e12f8b2e0af658ec23f7612f72fa039d2877df111816bfe3482f1528041015031b4","ssdeep":"12288:DzG11R0OBam3zUltuP7IOVW1qU61Vqs/R6in6rfleHGhFk:fG1ZasWg7rEUUIVZ/efPhC","tlshash":"40d4234c2092ae3c08f4bc9b595bc86cb65540b571334de482bfdbe5aeb23e5853a7d0","first_seen":"2023-10-13T14:12:36Z","last_seen":"2026-04-03T20:29:52.882895Z","times_seen":395,"resource_available":false,"data":null}},"time_used":1434,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1434,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/722b4f46c714450d82e448284e9d69ba~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/722b4f46c714450d82e448284e9d69ba~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"439457-1732123198000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:58 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":439457,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1196, 8-bit colormap, non-interlaced","md5":"1cb7dd76c6dfc09109b9e00f76cc3a03","sha1":"d9b0c28bfff070106318974c63fdc1ee0313e904","sha256":"a116611841af34cbb4daf8bb4111a43856ac09a3fcbd5c38402b0478d3d686cb","sha512":"d6c8de4e46162847edd03879827248de84302bb8963a61425a8045a67a1e80bbcd59f50e9bab99b8282c0101aced755df350e167e03f1af9f8d6a48e6e8b3505","ssdeep":"12288:RKWk1FCn0K6zzgBUID5S42iStRuCkMoKc5/ua0z77:RKH1e0K6zz/Z42iS7u750aa7","tlshash":"dd94232de656ad5709bd6a01cbf83d3562c0b9cc79f377d07867143a8630286889ef1e","first_seen":"2025-01-28T12:59:16.214175Z","last_seen":"2026-04-03T20:29:52.906352Z","times_seen":404,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":343,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/css/460.c5f45fd5.css","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/css/460.c5f45fd5.css HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"23078-1732123234000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:34 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23078,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (23078), with no line terminators","md5":"665f97ccf3eae288c641d5f28496e67c","sha1":"207e6018d29bbb6f1d0f933f8962d0cc8c4d4959","sha256":"52155d7d6383239464eb3677e5dc3c995c39e5604eaa03fe11e7f0171a72d944","sha512":"4f5339cd35a310a8a7c44e3c58a509998cfcd9acf25b422c91ce40c5603f8255cf646c66736ab3b0c75e3344b35c5ecfc962ad52e0c11c207ce05f6d1c3919e0","ssdeep":"192:UT4czxWAeTJ/R2GEsiHYsf9GfvOvXHHVXJ/apgZf3SiA2lSUqQx5DoOcdVhbbDMH:UsrSrqyhN","tlshash":"54a29ba57571312b19be4b27b147e5cd2f8a7042ef93377ef84ac1c44a8a811d726f22","first_seen":"2024-09-28T07:23:58.361748Z","last_seen":"2026-04-03T20:29:52.901396Z","times_seen":457,"resource_available":false,"data":null}},"time_used":1488,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1488,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/9c79b779702f4e96af8f1d2bbb1c47c6~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.652Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/9c79b779702f4e96af8f1d2bbb1c47c6~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 598\r\netag: W/\"598-1732123153000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:13 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":598,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 8-bit colormap, non-interlaced","md5":"2f0d684c1acfea1c6e380765cab8bb9b","sha1":"27e0a5b5fbefcaf7064d4f8996eb997febdbec1f","sha256":"3c0d5ea156d6af6153a61ed19dd4c915517f564ecae39f0f3cfb53c3d6390cc0","sha512":"bc730f289fe15835772da55528cd537ff64ec967a1805d4589585a3b5329c955b857a9467ee824c45b51b78a0ad8a9f4151d7a81cd6616a18ce27993a3ceb670","ssdeep":"","tlshash":"f4f002e702ea3739ecd1c66291026e05d9914015418abc52e9528e348b4b6015cc8a17","first_seen":"2025-01-28T12:57:32.337223Z","last_seen":"2026-04-03T20:29:52.911677Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1958,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1460,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/2810c667aa7a4361ba319623e0c4e6ee~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/2810c667aa7a4361ba319623e0c4e6ee~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"394186-1732123151000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:11 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":394186,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1884 x 669, 8-bit/color RGBA, non-interlaced","md5":"c25df39eca5068a7ac3702dc0edc9025","sha1":"960719ec5b46702a3b8607b7ef9c95199b3cafc1","sha256":"6a6eb90c39497f5df7022b1fcd26ef8794f6793d15e1f9b06846c3c2106a1610","sha512":"43f082e14246b5c7bfbb803420a3747e0da26992143c607a0c273dbb86a6878791d7eb4cf07b484c61cf3bf3707446dfd7f4c5381651bbd7bcdb1d5dacd206d7","ssdeep":"12288:JoWJvmUrWVHzJkHA0PRDzYnYx+i6H/ngNqa:SgeUrW8HAiJz8YxrC/n/a","tlshash":"cd84120a21d74f26de2ef4fe2dc2286b0111ced59c7f6a2dff254d81850dd299a0689f","first_seen":"2023-10-13T14:12:36Z","last_seen":"2026-04-03T20:29:52.928731Z","times_seen":399,"resource_available":false,"data":null}},"time_used":1435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1435,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/join-today-03.334e8315.jpg","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/join-today-03.334e8315.jpg HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"55534-1732123167000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:27 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55534,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 438x321, components 3","md5":"3dab329dea1f447eb9283915b98bc92a","sha1":"8998bbd576daec4698ca77339d39c45fe33680e0","sha256":"de166303d02c05e2c48972d3eb02c50b28de72261ac545ccb4404af8526fb299","sha512":"83c4cb2cda6ee8a274c201c06966b65b986076ea76c8c4903f1d64dd3444ecae560f353431411c1e11f33557080ecc8515b208400b32a52da0c33b14bd649b58","ssdeep":"1536:3nmzulcjs2BSUDDOrMKBD8hsKs/H6uO9OUDUEkB3dfAx3:XmYc0UDDW8c/an9OUAEkBNf43","tlshash":"5f430112cb923a1483fc4273b2ec17863ac65a23d095c7f65638f05adf74a52ebcd50a","first_seen":"2024-09-28T07:23:58.443631Z","last_seen":"2026-04-03T20:29:52.868309Z","times_seen":429,"resource_available":false,"data":null}},"time_used":1432,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/mp4/middle1.mp4","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/mp4/middle1.mp4 HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: video/mp4\r\ncontent-length: 874835\r\netag: W/\"874835-1732123175000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:35 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-range: bytes 0-874834/874835\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":874835,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"63f2aebfc6f4517ad435265dd79b4b96","sha1":"3b73daf67ed25d09906751b89ee1ccd7e82c2fac","sha256":"097ad3de9287bd12b9784bf853e8a5dd3044131a0787963e25a5708680764bf6","sha512":"e35d2ab4068a2c16a2350dd8aad9e36c205e971b67438bdb232f4018669311bb8369ea23b8f0c56f720d6df672ccf3a72481de068a80597386222a81a79c227b","ssdeep":"12288:dFpmeRihpggIu+zcw1BlBVEB+uwxLDs2GReQAyVxyx4ICKzJtfg63jvCAEGlcY5g:pxR2pggmzcIGB+LLDK09Oxyx4K7ZzaGi","tlshash":"1e15335113cd2fdef71f11ba5a1af6a3e562832c9e7ac398cb17548bec14a709c048e4","first_seen":"2025-01-28T12:57:32.326427Z","last_seen":"2026-04-03T20:29:52.877002Z","times_seen":448,"resource_available":false,"data":null}},"time_used":2398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1368,"receive":1030,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/font/TikTokDisplayFont-Semibold.woff2","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.308Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/font/TikTokDisplayFont-Semibold.woff2 HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/main.27b52715.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 58168\r\netag: W/\"58168-1732123230000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:30 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":58168,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), CFF, length 58168, version 1.0","md5":"55f2c9805182923c1a5edae252e5cae8","sha1":"120cda3dcad468684c73d66542cb8ba3468d00c7","sha256":"7bb86babddfad0c41562c6776e3f695b0dc8590e27e28429a9b895d1383bf82a","sha512":"c7e99000959b5021413ed1935d78ce2da51f7df02f6e86c1950e7463a71e9d2f01fde9df208fc60ca5598c1e41c1b928ce8ee5e429c7983030e84e9aa308d09b","ssdeep":"1536:dW84J4LNbBr/XXp+ORHoMXAIuSw7MNl2WjUcE/P2d8:pY4LN1pNRH9XdWMCiUcEX3","tlshash":"28430245a794400875ebd47f2fd3af877fd5322b4a821d1fe682c60f494ad5248ba4e2","first_seen":"2023-06-28T16:11:31Z","last_seen":"2026-04-03T20:29:52.907637Z","times_seen":2953,"resource_available":false,"data":null}},"time_used":428,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":424,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shopHolder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.640Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/shopHolder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 197265\r\naccept-ranges: bytes\r\ncontent-md5: wlhsASDBfawYQKzg1MOXpQ==\r\netag: \"c2586c0120c17dac1840ace0d4c397a5\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: b594af50cfeedd026850cfee-ade5a9a\r\nx-tos-response-time: Tue, 17 Jun 2025 02:16:14 GMT\r\nx-request-ip: fdbd:dc61:10:369::40\r\nx-response-cinfo: fdbd:dc61:10:369::40\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01c1b60bfde50276e8b7d0830f627646fef06008d5f9cd28b3f031f4a918f3183e9626b59891be19668b3d24f24bb8a303ba3646bc3280969006c7c171edb45db228ae87bf95a076662e5a19ddb6cd8ab03f7052dfb1f432decc1c67e341544562133e75d3431c3daa778cdb3a62cc013a422ad8f534b07a51464b4c9aa2960197\r\nx-tt-trace-id: 00-2506171425350B4639321B0BE26C5B7B-7A033C2550B81D7E-00\r\nserver: TLB\r\nx-tt-logid: 202506171425350B4639321B0BE26C5B7B\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, inner; dur=1\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331113\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":197265,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 564 x 999, 8-bit colormap, non-interlaced","md5":"c2586c0120c17dac1840ace0d4c397a5","sha1":"bd0383f9f1176b9d005b22d0cb793d5b76b096d8","sha256":"4cf9c584174b0ee786aad0e4dd112f3c1c9cbea6415255fa65646bf343d12ed6","sha512":"f8e64f99775f9091f6ca35adb5c8eff42e0bb53b8afdf05dc31ceae5c68492cea6a74d1fc4b367c4e0d903ea6c3db8d29df29fa2fbeed8280d416550a21a8ca3","ssdeep":"3072:/0i7Ob1hznckX4bgdA9qKF/I511lPbc/nDGiBGyTcXCEBm+pd9B5dEynoW5y:X7ORP/dA1Fg51LPbc/nJUrBl9B5W","tlshash":"e1141211f632e558db2226cbedc6d84430676a0343577ea0d790d8fe259847e14caf6e","first_seen":"2025-01-28T12:57:32.242925Z","last_seen":"2026-04-03T20:29:52.905645Z","times_seen":561,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":24,"connect":1,"send":0,"wait":12,"receive":18,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/4202b536750c4d449cce93685d24f50d~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.649Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/4202b536750c4d449cce93685d24f50d~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\netag: W/\"591-1732123152000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:12 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 72 x 72, 4-bit colormap, non-interlaced","md5":"f29ec15e3d82a755e8bde79c5e6d1b43","sha1":"634f499e156acf22a7615fe4267bc6a5fb9d128c","sha256":"3db1a67ad8b7d0fd12aa7c089be930cb96d2fd23cb37a253f0364dd4bbd0b811","sha512":"d798d4e9a1376c91f6897bea78fbe0fe872c1c3b84589b7e99d390d21124112bb4c7994814d812b7de7e3d4e9786987dfccbdce16739abce9d7c043b66acb7e8","ssdeep":"","tlshash":"24f0b1c782203c3a0b82d5638d92460397323e381baa603284d1a6713a033e88e180bf","first_seen":"2025-01-28T12:57:32.331714Z","last_seen":"2026-04-03T20:29:52.867004Z","times_seen":545,"resource_available":false,"data":null}},"time_used":1962,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1464,"receive":498,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/4148bf8dfe814b0d88cf4cb24db9c2b9~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/4148bf8dfe814b0d88cf4cb24db9c2b9~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"657029-1732123151000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:11 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":657029,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1884 x 669, 8-bit/color RGBA, non-interlaced","md5":"05ec86713138a60c819b2e276ee9a775","sha1":"0300aca3c738e8c863b92f00fb898dcc9d675411","sha256":"c5d53db5a9ee1078e847c85ecc88f8c9b769a055e80cb248cbc3a1e7d9623b73","sha512":"75bbbeded1368ecc37e5ff1444e535a2352fde1d8ef564d5cd0c9c68de9cc028dde6a45f7b8d709c8eb71904e6b00c57f36fd210919846708f763142a55ebbf1","ssdeep":"12288:cC0xbcPb8AmmOAloSGy3QuMi78ixS9jugH+YEC+q8uJN1O1E1:3pP1FOAoSGy3JVnU9jugVx8gQ0","tlshash":"6ed4230213fe49f8761974b58e793ccf57aac2d16f67c935e326ea342818ad1181ccad","first_seen":"2023-10-13T14:12:36Z","last_seen":"2026-04-03T20:29:52.922412Z","times_seen":406,"resource_available":false,"data":null}},"time_used":1442,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1442,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/join-today-02.d89159f9.jpg","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.668Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/join-today-02.d89159f9.jpg HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/jpeg\r\nvary: Accept-Encoding\r\netag: W/\"53204-1732123167000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:27 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":53204,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 438x321, components 3","md5":"44d0a833e839bf8a04e7e9ca60e644d8","sha1":"f9c2ec623bc2924434bccaffe676afbc73522efd","sha256":"9ed33b3ef60ab652478e565c2c735c969c73c24b04b0b2da353c5c63d658d8d4","sha512":"9259088f1d5fae0cf0e5132c2753e5afd39b0cccf0ceab3dfd53fc65abe111dbebee3943e8384a16f91a3342302a0715b32a05c89218ced70b3ccc829244b833","ssdeep":"768:hAt60Szo76Fayur1sBD7YcnBxqsPFTClceYj9CKlEFHhyWa7jr2zm0z0U+HNFj6:+Mdzo2Er1svqUFTC9Y8iwKPrYm80XV6","tlshash":"7d33020c97d2b5435fc26f3a0289200e4e294736e0799abfc6d4563773eb9ca5b601a1","first_seen":"2024-09-28T07:23:58.421889Z","last_seen":"2026-04-03T20:29:52.89896Z","times_seen":432,"resource_available":false,"data":null}},"time_used":1435,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1435,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-lodash.bf84b211.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.585Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/lib-lodash.bf84b211.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"95095-1732123189000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:49 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":95095,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65459)","md5":"6be4803af01cf9e16ddf93fb04a1db72","sha1":"0487ddef043cdb2e15e9bf5c599134f35a166ce1","sha256":"853623d58dedcd9a5e536bef349e9ff83dded42d4b1dd2fbab7fe601bb28626e","sha512":"ca190dab6ce3f636419cb5d23cb65d4948126e212756d9f05e6dd2702b09689488b5059277b32ff31d7b1497205804278f77f2f996c4608544322aa3686f71a6","ssdeep":"1536:52fmxNB/M6lzihdLUVnCsmdaKWsq5l1frkn9c/pn4QJn9pyHX:vPadIVlKWHDeCpL9pM","tlshash":"f09393c9bad3f05943a77860402f040bf23e6e54a88e9594d262e4dcbcbc55ee177f1a","first_seen":"2024-09-28T07:23:58.446746Z","last_seen":"2026-04-03T20:29:52.93395Z","times_seen":570,"resource_available":true,"data":null}},"time_used":924,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":924,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-polyfill.144bde91.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/lib-polyfill.144bde91.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"247143-1732123189000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:49 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":247143,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4d409a82f1fd1ccdb4146719442dc76f","sha1":"513830bb776dc7f35be3c4259dabcac2b5c3aab8","sha256":"c5425790d0cba801d53c4e17a27acb6897f5b3908397ef6f803140dfb408b003","sha512":"806134eebc7ff56dfaf3e8d0ba7089aba86c57599e490edcb5b87221b7598aa2a35587a5b12443b2ed14acd0c66d9ba8c6e0ab1c787a984e9e8ab49a02774e78","ssdeep":"3072:la0q8CJLo4Mhy7a2O+MqOTkhMaJt+iFjvGW:m8YwhycmjjvGW","tlshash":"dd34b988b292f0e64bf264d4407f8407f1771a64a44da851ffa1d884687bd4fb07babd","first_seen":"2024-09-28T07:23:58.455437Z","last_seen":"2026-04-03T20:29:52.879697Z","times_seen":567,"resource_available":true,"data":null}},"time_used":1043,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1043,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/main.a0906336.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/main.a0906336.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"13686-1732123194000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:54 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13686,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13686), with no line terminators","md5":"34c65ea5f113504cce2d321b961ecdb9","sha1":"08452295b557781bdb2c040bfd8af380f3d0382e","sha256":"bf5826fc56e122bba36429ed692b35c5ca3502f1946adb91901a7eb86becbab4","sha512":"ce29cfa7520bd62e82f7ae4af90ecf259ecc2df46ff3a2378b1e76ad5b8061d9cb271c0cc70e0d193768aa7d914e7e5e9c533bfd83dd00b1e83a3213bd0ab781","ssdeep":"384:5Llw/fc/7T6EsqjFx7TsvirLWtY8x0r8X2iw+fq3coaQXgpJhA:5LO3c/7TsqBe68x0r8X2iwMq3cJi","tlshash":"76520cb6c04138bf2e8e0a84500e3ebaacad5ecf916d7570955c68ddb144af7bc0dac4","first_seen":"2024-09-28T07:23:58.371454Z","last_seen":"2026-04-03T20:29:52.888936Z","times_seen":564,"resource_available":true,"data":null}},"time_used":1083,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1083,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/picture/c666799076d342bcbe271ae1ac94144f~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/picture/c666799076d342bcbe271ae1ac94144f~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"612358-1732123159000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:19 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":612358,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1884 x 669, 8-bit/color RGBA, non-interlaced","md5":"e7cbba359170d1303ad7224b2b3f7e30","sha1":"d45cdc9e57ed797588cf6abcb0632e099c5d13f7","sha256":"8830b3758c3a2224eb84c7648ffb5a7c29bac6660e812c0b43144fab8fa8f2c7","sha512":"5123d5e83b9c1c581520190b5c70549d6992c4a4f005518e9b951c1c97cafa3cf1cf5cbd249b42756d014a7a8720dd76d46d8253da3624e2e8dcca2a8aea1220","ssdeep":"12288:xFffi0IHHWzjBLcj+ov/P3q5RowBerk2Ax0MkRo6kShhAva6FD+m:jGHHWNg+oHPyRowBn0AqhhIhkm","tlshash":"71d4234d42765b69ba90e87400739c0c59792ee98432ce9d477f796f3a7d2e80bc842f","first_seen":"2025-01-28T12:57:32.352068Z","last_seen":"2026-04-03T20:29:52.882203Z","times_seen":388,"resource_available":false,"data":null}},"time_used":1443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/1.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/1.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: lTGR0M43RtYieryITRyRiA==\r\netag: \"953191d0ce3746d6227abc884d1c9188\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 4cd86f5aa61c3b80685aa61c-abd4d69\r\nx-tos-response-time: Tue, 24 Jun 2025 13:20:28 GMT\r\nx-request-ip: fdbd:dc61:c:149::16\r\nx-response-cinfo: fdbd:dc61:c:149::16\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 0104bcd989a6f93b61cfefbaddee76253728fac3957cd20bbb2027caaddf29ceecac748f783f24b36611d982393abd975b5cbeb71ba32ce7a550aca8afde4d1f7644fc66df564f5b923a7a3c2a39302e1c3c9b7436319e3b80dc7771ab03a9cf67a0d688b2e782b72acadb6023e317bfde\r\nx-tt-trace-id: 00-250625033821309389A8D8FDAAC9A642-29E5B5CF4D31B2D7-00\r\nserver: TLB\r\nx-tt-logid: 20250625033821309389A8D8FDAAC9A642\r\nx-origin-response-time: 22,23.60.159.151\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-344042/344043\r\ncontent-length: 344043\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=1\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d33123a\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":344043,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"953191d0ce3746d6227abc884d1c9188","sha1":"4d815bdd8ae1c8f366ea18b3712dc3f815c3c566","sha256":"8d14f425615fd88d6c58df03c6ec521ad18d3ad4c845f931ae3eecbcab4b8c4e","sha512":"fbc4b3461abee4ba3948ff432cecfa60b3894d68f1c682bde85a64cfa42a777ffd924652f2eaa6503d402136f18e662ac583abc49728e75ed1160340e8f1bed1","ssdeep":"6144:lJQid6qp2NOJTkHI4Q3FSW6za9X1hSAxFWHe96IMnZCaTuQYwFrfkDrry:lr5229jead1LxFWHtTuFw9Mvry","tlshash":"84741263e3c7593afeb4ae7640d080968d49009802fe4bcb7c8d9d164fd4ba91f64de9","first_seen":"2025-01-28T12:57:32.24802Z","last_seen":"2026-04-03T20:29:52.915695Z","times_seen":545,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/css/main.27b52715.css","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/css/main.27b52715.css HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"16928-1732123237000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:37 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16928,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (12032)","md5":"627fca2cf3aebaa58a65a05ea7bf383d","sha1":"9472604196cfb348da2b7e0d3f98ab490c368706","sha256":"aa55864ec6642cd7330cd0d3fd9133fbb9926b6aec799b676153ee06c2ade3ab","sha512":"623783e0da7d2533aec3d16bdd57472994b6e93cd427ee760eb2cd9d7c54f973b6cd8780108352c643fca884255d5d9488f5add3682c72202512748420ed28de","ssdeep":"192:176U+aXnZgrCRIlt9O27JXY+7JXYY7JXYtcJFhbpQsfK2yrL4V6RK4Up:N6Hai9vv5Fzhbpu2t6K4Up","tlshash":"6a72b714a220143aee33c9f7f6d1fa483215b2c2de3ad7f6f9055510eada9aa1593b04","first_seen":"2025-04-17T16:39:50.277901Z","last_seen":"2026-04-03T20:29:52.886714Z","times_seen":390,"resource_available":false,"data":null}},"time_used":1081,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1081,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/838.a10936a8.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/838.a10936a8.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:48 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"36427-1732123185000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:45 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36427,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (21933)","md5":"bc4d89c9a2c17a8ae31eb040c70ed5a7","sha1":"6bf5da7743761a2376406e7fabb77bb11c9612f0","sha256":"c54953f443c4ea82c58f6ce421ccd7d38da866ed91ca7cf3462fe225135882cd","sha512":"812b6ccffbb6c1f3ce6fd484179cdac69e4ed7d673ac11de1fe7e14049ebbe9ce5a5bbcbdd6a9695d29513076429ce8cc8230f9ba1e2c830c9661ecedbc358f3","ssdeep":"768:mMeUGnwMod+y5Y5RtepS8DoMpl2OiBH86gJB/lp:3eUGn9TqXdptGg7Np","tlshash":"45f24ac0f155f538535a98a942af41087329710cec6cdc84f35ac8953be4ed5e263bfa","first_seen":"2025-01-28T12:57:32.297156Z","last_seen":"2026-04-03T20:29:52.91448Z","times_seen":448,"resource_available":true,"data":null}},"time_used":1425,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1425,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/shoptab.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/shoptab.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: tZEIsBAj1beG6z5aizUw8Q==\r\netag: \"b59108b01023d5b786eb3e5a8b3530f1\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 6f15525f5516a297685f5516-a364698\r\nx-tos-response-time: Sat, 28 Jun 2025 02:36:06 GMT\r\nx-request-ip: fdbd:dc61:5:314::210\r\nx-response-cinfo: fdbd:dc61:5:314::210\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 01e21d16cfc1b32daad76cc2f7d92e5e6c8170291f0962fdd0be2b329555307ab1b95e574df352bdcbc1e43aae1d52026d523757ba33d0aecc9ab59e18da6ff116de52440c27c68a76b24aafb42961ce12a69a1a8752cd0758374a061177b781c74be10fadfcf71c65beb74e5515fef76f8647d71e43819a99351d2926be0a661c\r\nx-tt-trace-id: 00-250628234123A84FD1321ED7C675975F-0246E34A74C7E67C-00\r\nserver: TLB\r\nx-tt-logid: 20250628234123A84FD1321ED7C675975F\r\nx-parent-response-time: 37,184.27.176.31\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-1104895/1104896\r\ncontent-length: 1104896\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=2, origin; dur=0, inner; dur=2\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331239\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":1104896,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]","md5":"2acdd6b1d469e23e5633e558ab29e2d3","sha1":"352929ffe5f32eb0aa9d071032d457b40fc2b8d2","sha256":"c16175227ab495ac2272bc2472e1d470fca3935983c5908abe5dd6113a7c030f","sha512":"0466f354e4ac9656b8c0f5aa887a8cec2c0c2c434b252e722f30ca4aaa980e429a6d260ad814ddbe1e08da18eb7add194cb31ca85b16c0ae946a76581fd68a86","ssdeep":"24576:+tFerzd/+CBXQnQMwa1Qpno2PG7JarFJs1+ltwqK7:+tF+d/+NnQMwa1Q68GVoFJsIltq","tlshash":"bd25334887ce7497ffb542f0235a5fa4962bdc44249c13f3065b807e27ab62524f4abd","first_seen":"2025-07-26T16:59:32.404364Z","last_seen":"2026-04-03T20:29:52.899858Z","times_seen":351,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":364,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/3.mp4","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"media","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/StatisticNumber/3.mp4 HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.5\r\nRange: bytes=0-\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: video\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nAccept-Encoding: identity\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 206 Partial Content\r\ncontent-type: video/mp4\r\naccept-ranges: bytes\r\ncontent-md5: 4H1t79Mq04BMA1tgc3uvQw==\r\netag: \"e07d6defd32ad3804c035b60737baf43\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_HIT\r\nx-tos-request-id: 625d203908ec209a683908ec-a362d28\r\nx-tos-response-time: Fri, 30 May 2025 01:25:05 GMT\r\nx-request-ip: fdbd:dc61:5:308::66\r\nx-response-cinfo: fdbd:dc61:5:308::66\r\nx-response-cache: edge_hit\r\nx-tt-trace-host: 019c3d20f855fa773934976d96ab061657313d5acc0e2835840844ec69567424e8fea77e4dd42edc9d55013c664c912c63ac28999e3abfbebc7bc0586b403474f207e1f3759e29575636aa67a54831eaee1e77405b149afae7505423dd2b3d4a859ada79a3b20f3f411f4357c3709dcd98\r\nx-tt-trace-id: 00-250530060004E5078BEFAA71F13BEFE7-6D0765830273E575-00\r\nserver: TLB\r\nx-tt-logid: 20250530060004E5078BEFAA71F13BEFE7\r\nx-parent-response-time: 13,184.27.176.7\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-range: bytes 0-186491/186492\r\ncontent-length: 186492\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=1\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d33123c\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"206","status_text":"Partial Content","fingerprints":null,"data":{"size":186492,"size_decoded":0,"mime_type":"video/mp4","magic":"ISO Media, MP4 v2 [ISO 14496-14]","md5":"e07d6defd32ad3804c035b60737baf43","sha1":"250d3a10c49077d62f168b0ce1d7b0d3f2653205","sha256":"077f3502a396fadd98a2daf1500b6d4a0788ed88d82cd0e3f3f503c078408590","sha512":"4f974d0324951f687a5ca7998033da50b70096220e7e809934149c103685843104163173e9b7551ad405e1515c03ce5b1cdafdea54ed8b3d183a3dc26b957772","ssdeep":"3072:t6qvF+fdgX2GwFo3X9oxNrEduhECunrw2c1MjH7a8R95TMlLfoYNAnVw+:gqNrf+xNr+w2coH7Fn7","tlshash":"6604f1f663e5297efd79bfb349f050832a07daa192b80bc7bd9d24404fa16950f01d98","first_seen":"2025-01-28T12:57:32.252897Z","last_seen":"2026-04-03T20:29:52.936825Z","times_seen":566,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/css/m4b-theme-next.css","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:49.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/css/m4b-theme-next.css HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/static/css/page.ba41593c.css\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:49 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"663972-1732123237000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:37 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":663972,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"e817edf4bad066d527f51b74ded62f62","sha1":"926b56b042dc8940d5d6616d8e8838295f2acd3d","sha256":"9e84a93103073af1b3ecccb7d47e4a89b7d021d9d49f76020ff4de05af0fc43a","sha512":"1280b8bc2aebe8096c8db48e04d783ee306417c769c065c270f7108f1c46b9787f309e4bb244258b7f9f7d3beef0874f199852ceae9dd38258093072445b993b","ssdeep":"3072:+atahXmpVD0f23RDe/TO1VHYPYjZX/J0BGKS+9CAmSBjjKdN/Yfo7p/uPDmNFvIN:+aAv7RZ3+7Dt4tOJ78","tlshash":"1be41015a679103a2537812bb883facd23177601dd23bb7efa471dc54e88d9a4723f26","first_seen":"2023-10-13T14:12:35Z","last_seen":"2026-04-03T20:29:52.893548Z","times_seen":438,"resource_available":false,"data":null}},"time_used":952,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":952,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-30T22:10:45.938Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:46 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\netag: W/\"99637-1732123352000\"\r\nlast-modified: Wed, 20 Nov 2024 17:22:32 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"React","description":"React is an open-source JavaScript library for building user interfaces or UI components.","website":"https://reactjs.org","common_platform_enumeration":"cpe:2.3:a:facebook:react:*:*:*:*:*:*:*:*","icon":"React.svg","categories":["JavaScript frameworks"]},{"name":"Lodash","description":"Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm.","website":"https://www.lodash.com","common_platform_enumeration":"cpe:2.3:a:lodash:lodash:*:*:*:*:*:*:*:*","icon":"Lodash.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":99637,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (717)","md5":"19a9cd87fa2dcb485248e4ce1925cd0c","sha1":"7f6f3612d562d2c112d2f4ba42864def38d4f067","sha256":"2dbb7198a81fd491d7012eacc7f8fdf87ff68822d75ad1c0355c795e1954fd51","sha512":"4b0c206f3ac71ea32fc3a7ccad8324e62274f8fc3b13bc4ea7754672d896f22056518bc3bc5ce3a94c15a9391f675b5ea7c165d220aab51788318a1798955df0","ssdeep":"384:gPXDL7X8935u7pRmk08Ig0Aq0AVRA0jGvh0qzcFkq8Bfw0Tc7sbpPXta/lLPW21z:gPLs935+/PIgkLfk6CPXta/lrP","tlshash":"dda3b57295f120e2508a86f03e366f2a7f50e85bda669a49b6bc13d80f47c42cc7771d","first_seen":"2025-08-03T14:46:30.574768Z","last_seen":"2026-02-06T12:03:45.262521Z","times_seen":13,"resource_available":false,"data":null}},"time_used":2183,"timings":{"blocked":791,"dns":177,"connect":305,"send":0,"wait":601,"receive":0,"ssl":305},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-router.706221fa.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/lib-router.706221fa.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"54278-1732123191000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:51 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":54278,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (54201)","md5":"33e7cf1528a483f0c3d9da77a9935747","sha1":"162b9616fa767dd4ec7b64c157e859099782a87f","sha256":"7ee5d4c6a5b6b9013b91f3a7b74dfde9c03b70859bc5e64506984bc75276e990","sha512":"bc7d36a6232b763e6d808690bc07b3a4c9e87caa203a191675e996d560c355575b98b175cfdeea606c9f232c7573680bef1793e6c44c19f33b63d13710ff3103","ssdeep":"768:OK3cu7mmtBYfQoN0C3N3X6gL58s97iG3hfQKfg7g:XcuPC0CNqgL5CKoM","tlshash":"a733f9fab641b0665bfb03e6c0bb0125e3796dda206a4415b298ec4e3074d4da377f39","first_seen":"2024-09-28T07:23:58.450437Z","last_seen":"2026-04-03T20:29:52.900634Z","times_seen":567,"resource_available":true,"data":null}},"time_used":1040,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1040,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/css/158.de89f206.css","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/css/158.de89f206.css HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"27777-1732123232000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:32 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":27777,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27777), with no line terminators","md5":"028f6c971d8c330abd4d40ffca8247f0","sha1":"c945dba56dd55ce068aa7f04f23c2b2ef8c63ed8","sha256":"ba0a867534eb6437d65de4211f9a42fd4ae800d3283247ed40c403d26cf6fbe8","sha512":"f17c32e8e3bf49aa32a94b7408c836a7c6e176241e7a6aa95c9170d161f615340a3927ae58ac2d87e82f62a57192cb59c9b8ca86b5deaa811d43c3d0fc7f5ea7","ssdeep":"192:A3KnonO0E746qRET6ZO9ZRLqYPq/9GfvOvXH8pZf3SiA2lUqQx5DoOcdVhbbDMSz:eKoJRErQnuAbzs4yFwcubWRu0ey/","tlshash":"d8c25261b434222f257e4113b683958e3b4ab582bf633b7ef517d0cd8eca9125b61f12","first_seen":"2024-09-28T07:23:58.360439Z","last_seen":"2026-04-03T20:29:52.894257Z","times_seen":443,"resource_available":false,"data":null}},"time_used":1489,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1489,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sf16-va.tiktokcdn.com/obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/StoreHolder.png","fqdn":"sf16-va.tiktokcdn.com","domain":"tiktokcdn.com","tld":"com"},"ip":{"addr":"2.22.55.41","port":443,"asn":20940,"as":"Akamai International B.V.","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.641Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tiktokcdn.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R3 DV TLS CA 2020","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 07 Mar 2025 05:26:04 GMT","end":"Wed, 08 Apr 2026 05:26:03 GMT"},"fingerprint":{"sha1":"AB:A5:D2:DF:CE:6C:6D:AE:DD:36:C7:0F:CC:E1:32:1D:76:C7:35:C0","sha256":"75:76:14:5C:F5:BB:65:0D:C6:06:2B:2A:07:FA:50:AF:47:D8:3D:E9:63:80:10:B1:BA:42:B3:0B:51:AE:A7:9B"}}},"request":{"raw":"GET /obj/eden-va2/shayvW_Z[[/ljhwZthlaukjlkulzlp/CommerceSolution/StoreHolder.png HTTP/1.1\r\nHost: sf16-va.tiktokcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\ncontent-length: 102773\r\naccept-ranges: bytes\r\ncontent-md5: I4MjopdhVv/6tvrEVI3PeQ==\r\netag: \"238323a2976156fffab6fac4548dcf79\"\r\nlast-modified: Tue, 27 May 2025 06:41:38 GMT\r\nx-bdcdn-cache-status: TCP_MISS\r\nx-tos-request-id: 4610d76f382a01d8686f382a-ad91598\r\nx-tos-response-time: Thu, 10 Jul 2025 03:48:59 GMT\r\nx-request-ip: fdbd:dc61:18:421::49\r\nx-response-cinfo: fdbd:dc61:18:421::49\r\nx-response-cache: miss\r\nx-tt-trace-host: 014f9a46728ff669506b86f9f4707446375acb1c736ce21cf8291d109fa6badb5834fd81a0c7382070341fa2f29a03951bbc1b9b8878fe76d69fb5ad0c07a6086dc0c4996549016087a378377ea7d32969d865250311555b4c104b79d06a667809f27960fb03553bbc74373c7d86627efb\r\nx-tt-trace-id: 00-250710114858A45C16774C0A8BF6CF6E-1050B6567AD52405-00\r\nserver: TLB\r\nx-tt-logid: 20250710114858A45C16774C0A8BF6CF6E\r\ncache-control: max-age=2592000\r\nexpires: Thu, 29 Jan 2026 22:10:47 GMT\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\nx-cache: TCP_HIT from a2-22-55-37.deploy.akamaitechnologies.com (AkamaiGHost/22.3.3.1-d99a9e98b7d52dde86bd4d85ef9e7108) (-)\r\nx-tt-trace-tag: id=16;cdn-cache=hit;type=static\r\nserver-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, inner; dur=90\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nx-check-cacheable: YES\r\nx-akamai-request-id: 6d331193\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102773,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 565 x 999, 8-bit colormap, non-interlaced","md5":"238323a2976156fffab6fac4548dcf79","sha1":"665f5fd40ba423b018fb111f043f400854547e57","sha256":"d10436c67c7206ef5e2db1dfddeb770e74cd2a722e6be5eced08d5ad0a18627b","sha512":"133a1892e6290f6c5b8674267abdfab8a85dd450c8c789c76fc3a066b84a063945d76468afc8016605c4a34658b3c2c47787213bc0cc15fd4983cb8606fc9c1e","ssdeep":"3072:HJoNQIYvYo5CbDG+tEmgGUs9m3fx9XTjZL:HJcpeYo5CG+6mgGUvfx1N","tlshash":"8ea312add503c87284f616e5dede1df6e87487ae0ca50178ce652909cf05bafd122a0c","first_seen":"2025-01-28T12:57:32.241453Z","last_seen":"2026-04-03T20:29:52.894943Z","times_seen":561,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":30,"dns":20,"connect":10,"send":0,"wait":20,"receive":3,"ssl":50},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/image/1685248853e349b3802a3726304dbdad~tplv-aphluv4xwc-origin-image.png","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:50.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/image/1685248853e349b3802a3726304dbdad~tplv-aphluv4xwc-origin-image.png HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:50 GMT\r\ncontent-type: image/png\r\nvary: Accept-Encoding\r\netag: W/\"412545-1732123198000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:58 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":412545,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 960 x 1196, 8-bit colormap, non-interlaced","md5":"6f1760ee975c827e3eba71684bd81906","sha1":"91a2e2cdc26b7b753d697c16c72f087040398be4","sha256":"5ac414e9254420b7784fe71590ef0bb93fae29d27562997e4732ad5fa220cf70","sha512":"25cf50b164da477b2ea53a2005caeb1cbd74c9737c4beaf5c6fa32e09cd34afe79775d3ac7eadadd5eb90278ea5d02d3ed61759200c7d68ddf889889040418ae","ssdeep":"12288:z+H6regtDhBazAzFXcjm3KjEwSqiMov+NxqcSE:trei9BgAzeM6SqiMooqE","tlshash":"8894231e2a6a5b933c8338aad8f2d5b8dd675d03c1384e8a27051438fb7d5a5d078f26","first_seen":"2025-01-28T12:59:16.216655Z","last_seen":"2026-04-03T20:29:52.875139Z","times_seen":404,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":354,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/js/lib-arco.afd3802c.js","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.579Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/js/lib-arco.afd3802c.js HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: application/javascript\r\nvary: Accept-Encoding\r\netag: W/\"295368-1732123188000\"\r\nlast-modified: Wed, 20 Nov 2024 17:19:48 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":295368,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"66296ae08db9dce0b0ec23e84f1cfa82","sha1":"bbfb60f99fc2b9d2cd418c0ef49790688f83d47b","sha256":"4167eb82e602d4d57bf9d4c41cfd52696be67c0e53cf870b1a48ddbe76847cb5","sha512":"78f0bb30c14c0471032453920e4dce8674bad7f260839843e3892e659e9bf04528767e6eeb6d506535cee8af6595546886318bb95369f8787ad21512749cd373","ssdeep":"3072:IgXb9MtoaJJAtDW6Wu8HI83tcWJpaWJA9H2LvVbEmpNkcsQREkjFNdIw0XhJsBk:e337JpaWJA9H2LvVbn9sQREkuw8ek","tlshash":"13542dd87254b0a593fb41b6803f180ef33b361cb8398d50e2b5e8d474a5649a52bfbd","first_seen":"2024-09-28T07:23:58.35934Z","last_seen":"2026-04-03T20:29:52.864471Z","times_seen":569,"resource_available":true,"data":null}},"time_used":422,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":422,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tkmallalliance.com/static/css/lib-arco.a6d75600.css","fqdn":"tkmallalliance.com","domain":"tkmallalliance.com","tld":"com"},"ip":{"addr":"202.146.222.179","port":443,"asn":152194,"as":"CTG Server Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tkmallalliance.com/","date":"2025-12-30T22:10:47.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tkwholesaleiee.org","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Mon, 15 Dec 2025 15:56:53 GMT","end":"Sun, 15 Mar 2026 15:56:52 GMT"},"fingerprint":{"sha1":"23:C1:F6:90:5C:EE:5A:6D:46:2E:C8:E5:AB:A3:88:7E:E2:ED:08:6C","sha256":"43:0C:E1:9C:9A:F0:51:F2:07:92:61:0D:40:26:64:06:0E:BF:29:9D:3E:C1:4A:73:06:59:D7:E3:68:27:A5:14"}}},"request":{"raw":"GET /static/css/lib-arco.a6d75600.css HTTP/1.1\r\nHost: tkmallalliance.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tkmallalliance.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Tue, 30 Dec 2025 22:10:47 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\netag: W/\"1225769-1732123236000\"\r\nlast-modified: Wed, 20 Nov 2024 17:20:36 GMT\r\nstrict-transport-security: max-age=31536000\r\nalt-svc: quic=\":443\"; h3=\":443\"; h3-29=\":443\"; h3-27=\":443\";h3-25=\":443\"; h3-T050=\":443\"; h3-Q050=\":443\";h3-Q049=\":443\";h3-Q048=\":443\"; h3-Q046=\":443\"; h3-Q043=\":443\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1225769,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65480)","md5":"f26fe4514a67ea9dba1b2bbca58944cd","sha1":"2e9f92da2f22267cc0fcdb8ab0f479d29e8aa373","sha256":"2a2df513b8f079699862bfbecc4505ad1bb80539c7a730f1ccab06a380017059","sha512":"b76b33a1e7d2d1117b6e1a476949a9f5a1ff1833a1eaadc8cc52a208adf60ade8e43b4f88c80b9972a2b31e7df12b3b1f283f8eada88fa9ccd64e3c979189d93","ssdeep":"12288:q1NO9E/f/p4h8CuCGZNT0OPTvM6TwCOB3s:q1IE/f/p4h8CuCGZNT0OPTv7wCOa","tlshash":"8a2530156e75102a2537812bb886e9cd23027671dd23af7ef6431d848e88ff64772f26","first_seen":"2025-07-26T16:59:32.407472Z","last_seen":"2026-04-03T20:29:52.934798Z","times_seen":252,"resource_available":false,"data":null}},"time_used":1082,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1082,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-30","alert":"Sinkholed","trigger":"tkmallalliance.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}