tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
301 Moved Permanently 0 B URL HTTP/1.1 tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/27875/edda63fb65099eaeb265e00fdd114ffa/ HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 06:02:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 07:02:31 GMT
Location: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Server-Timing: cf-q-config;dur=7.9999954323284e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3cxXsCNxomqXH3olxNmbe3s7V9uFDDalPGjjpK4piyDfumluJYAjhnm2xBZR6fSK2g1YDlyj0B98%2B9ljEmX4zAOVDy%2B%2FiDQrwJnDHRRSw8dDZM886kS%2FHYC3zwh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7917ffcd8e7374e1-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4795
Expires: Mon, 30 Jan 2023 07:22:27 GMT
Date: Mon, 30 Jan 2023 06:02:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5403
Expires: Mon, 30 Jan 2023 07:32:35 GMT
Date: Mon, 30 Jan 2023 06:02:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7892
Expires: Mon, 30 Jan 2023 08:14:04 GMT
Date: Mon, 30 Jan 2023 06:02:32 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 05:35:41 GMT
content-type: application/json
age: 1611
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6Xp1JHTCoAbwsYMrh6mvuU3pkMEMEXpxVwt71Cth8vI/daVJsCAE2997f6rpua+hyJ/sOM0gd8A=
x-amz-request-id: QVNT07HY1E3QC383
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 05:50:37 GMT
age: 715
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/WnWU8E_0Z4c
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WnWU8E_0Z4c
IP
Hash bc2326841f4a888b239cf07772261405
eebea5f8ddec1fe3905ccff972f845d2b194037f
7cc8d8eb6133ff02f17a7c847fa5d8917a44a636342b36131ab75d05e1c476c9
POST /s/gts1p5/WnWU8E_0Z4c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/WnWU8E_0Z4c
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/WnWU8E_0Z4c
IP
Hash bc2326841f4a888b239cf07772261405
eebea5f8ddec1fe3905ccff972f845d2b194037f
7cc8d8eb6133ff02f17a7c847fa5d8917a44a636342b36131ab75d05e1c476c9
POST /s/gts1p5/WnWU8E_0Z4c HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tktube.com/static/images/logo.png
200 OK 2.6 kB URL HTTP/2 tktube.com/static/images/logo.png
IP
File type PNG image data, 181 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash cf316b70092d435274d8fc7eae9cad2c
77f5e0671a5ac7262422f3f879fefb7a95e93d29
c2fe6ab9f4f5b5b865356d3ce1d09f146d310932866c2a2cc123c9a665b49625
GET /static/images/logo.png HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: image/png
content-length: 2558
last-modified: Sun, 04 Aug 2019 12:59:18 GMT
etag: "5d46d6a6-9fe"
expires: Sat, 18 Feb 2023 23:13:10 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 659409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXnqK3zGkkKlLi96t1nMd%2FSCU2lmt4R32y7BmUJXltg5l81iRiCts6Ucg7K0TwcytswNnBzcZD4Qd24EiMY95XjGPAxFUgmF1EXBjAQKMLBePfH9VTSxvUb7VWMN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd13a0074b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tktube.com/contents/videos_screenshots/27000/27875/320x180/3.jpg
200 OK 9.9 kB URL HTTP/2 tktube.com/contents/videos_screenshots/27000/27875/320x180/3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 9901aaa978352600d369beefcc1f92fe
7137cc57e9b94674de9b2ce2266bcb1ee40dcc4b
585ce0405710be16a171dea0c8981c18431ba841bde7f26401abe8c7121777df
GET /contents/videos_screenshots/27000/27875/320x180/3.jpg HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: image/jpeg
content-length: 9862
last-modified: Tue, 30 Jun 2020 14:34:33 GMT
etag: "5efb4d79-2686"
expires: Wed, 01 Mar 2023 03:27:54 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4vae3U5GTjpZfvfU2Qc0AnPiymOTnE%2FDhG%2BVFMDrtocz%2BWUX5hNglTbhC0otj2QTUN04Zikip62R%2FgwqzzPolwVaKxnODzjqjLrKpVy3AsLO5XXpKE9By9SDBSZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd14a1174b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tktube.com/contents/videos_screenshots/27000/27875/320x180/4.jpg
200 OK 4.3 kB URL HTTP/2 tktube.com/contents/videos_screenshots/27000/27875/320x180/4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 0fb7d0e50e9ee90a1d0315771b8d613e
f5ee785f1736a6437efc2ce832d47059e7cbb2c3
01adf3104e5b14e9a50a7a4e49f7da73bea2494afe9e58f993801cca0c5a1d51
GET /contents/videos_screenshots/27000/27875/320x180/4.jpg HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: image/jpeg
content-length: 4342
last-modified: Tue, 30 Jun 2020 14:34:33 GMT
etag: "5efb4d79-10f6"
expires: Wed, 01 Mar 2023 03:27:54 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzhwBcqOMmV%2FYUuJLgHTw7AUQifN9t2WlTgpfsKpPoA85xL2Jghtplz%2BPDyJAjeWQ%2Bev7TQdJ%2BXAM%2FZ%2FMI%2Fkm4e1ddEkCKgpCLV10xQ1oPblDKyfxjoEgWIgAikE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd14a1374b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tktube.com/contents/videos_screenshots/27000/27875/320x180/1.jpg
200 OK 9.0 kB URL HTTP/2 tktube.com/contents/videos_screenshots/27000/27875/320x180/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 3535934da06a0d2303d77356f43285e4
57f6d34f18e213ccdd072e61310822e144d28138
f3d6ab6dd9b8360371070df3256421ba1bd684adda17c68b3ad26b617119b9ae
GET /contents/videos_screenshots/27000/27875/320x180/1.jpg HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: image/jpeg
content-length: 8960
last-modified: Tue, 30 Jun 2020 14:34:33 GMT
etag: "5efb4d79-2300"
expires: Tue, 28 Feb 2023 18:59:09 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BJTyDAEI%2FA1ajucpNhJa6h0%2FalrI3mtOVgiRJ5cj5q64%2Bg6XL0vxbAnGIXhZU98e5LHgj5irC2sWMlr4UkjgYqBsWtpLwv6Z8eQEtWl0pGzPv9vqpRZW9bQch6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd14a0e74b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tktube.com/contents/videos_screenshots/27000/27875/320x180/2.jpg
200 OK 5.9 kB URL HTTP/2 tktube.com/contents/videos_screenshots/27000/27875/320x180/2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 3386857bad2dec9befa6df135b8caba3
b4f8e44f8b6a589c4416fd283ceaf9d7ccf4b552
15cab72b9d5807933e14ca5025156b2c86741f4f8ab2398e80ba12b3d1c6a95b
GET /contents/videos_screenshots/27000/27875/320x180/2.jpg HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: image/jpeg
content-length: 5895
last-modified: Tue, 30 Jun 2020 14:34:33 GMT
etag: "5efb4d79-1707"
expires: Mon, 27 Feb 2023 09:54:58 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zB8DskOyiYm83%2FtpKKU1NRiev6L%2BlnHh74wWTJIMckxUuIzJ6Y5yTgUVCZ5BNLrMjyiwgApgWwgewCBCcjc6R9BGGWe712Om8bchKtt0JU4rFBOPQbE%2BWjphM%2FD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd14a1074b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tktube.com/contents/videos_screenshots/27000/27875/320x180/5.jpg
200 OK 5.1 kB URL HTTP/2 tktube.com/contents/videos_screenshots/27000/27875/320x180/5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 7f0feb9abd9c4617e37d40acfcf319fc
b825de21f82ce591895c65e822a92d2c4295c98d
4de5e0c4b6bfb5c09ea9bb0f3ff16ec39f622f3121292fc5573cae3c8bf1fcb3
GET /contents/videos_screenshots/27000/27875/320x180/5.jpg HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: image/jpeg
content-length: 5055
last-modified: Tue, 30 Jun 2020 14:34:34 GMT
etag: "5efb4d7a-13bf"
expires: Mon, 27 Feb 2023 09:54:59 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20CVmYi%2FjjpPm%2BXkMjRIESkde51f2%2BEiJhRzjgHzKims0pW5EXqRVBL2e7FARsxpPh%2B1tBXJZvP1KE7oZApM2ZddlkWRVseER4S7rMYclK0xkiFiYfyfQ%2BF0VaNY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd14a1574b9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash dafbce9cddefb80f89431fae84911f5d
a96636b8fb6878ebe8365d02a0f1678228094371
e69f032d1b3eefff93077f5948673d83b806d67a2827490e43d2f764eaf493fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4050
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Last-Modified: Mon, 30 Jan 2023 04:55:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/LIAv5wictZo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/LIAv5wictZo
IP
Hash 3e0bfd3e0507042994400d532c02d2af
853ed0062b26b02d4a23b07061ca4d2ecc774392
72ce57868b07f8fb57b82bc85b57051585a2b2bd32da945b51c4fb48a2140f5a
POST /s/gts1p5/LIAv5wictZo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?onload=recaptchaOnLoad&render=explicit
200 OK 578 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=recaptchaOnLoad&render=explicit
IP
File type ASCII text, with very long lines (910), with no line terminators
Hash 3b6a8a277a3252428757dd21339a1dc8
03ba9a83dfb0bc9df4f781802e0334fc6e61f08f
b35fa3c212290e627cdaf45222f4e0ca4a2cf5f30d3b24d3f89f65e0b44212ba
GET /recaptcha/api.js?onload=recaptchaOnLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 30 Jan 2023 06:02:32 GMT
date: Mon, 30 Jan 2023 06:02:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 578
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tktube.com/player/kt_player.js?v=5.4.0
200 OK 60 kB URL HTTP/2 tktube.com/player/kt_player.js?v=5.4.0
IP
File type ASCII text, with very long lines (33702)
Hash 95c29bfd761ce8a9b0bbea817f32b502
b0673945e85e6b5fb5d2323df46a87c3bf552152
7ca67035307fe96a423df6fa22d97ef25b0c85adcfe1880c97ced0fce271a1ce
GET /player/kt_player.js?v=5.4.0 HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Apr 2021 21:35:58 GMT
etag: W/"6070c8be-280f9"
expires: Sun, 29 Jan 2023 02:25:28 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 40686
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahfTuxvJmP8YDmHqLk3pELoiAFyhQrFk13Xu3oOuyOHH9EdqG5K26nsBzNjyjtTufn87T6%2FXkIoOnznxbpdDZ96bC2bgiV5lsJOa7rQ4zL5WXcgz7FeK%2FylhDRbd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7917ffd13a0b74b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-36407794-11
200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-36407794-11
IP
File type ASCII text, with very long lines (1759)
Hash 65b498cae47e717d642a70058f8f0da4
4e60c90831fd4723476785ca2d5c234e6381f08f
a7822694300ff7ca048ce8adbf477f2f8f9b59dea586e2a0b2b4f58a9d53a0cc
GET /gtag/js?id=UA-36407794-11 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 06:02:32 GMT
expires: Mon, 30 Jan 2023 06:02:32 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45007
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads.js
301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 30 Jan 2023 06:02:32 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/LIAv5wictZo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/LIAv5wictZo
IP
Hash 3e0bfd3e0507042994400d532c02d2af
853ed0062b26b02d4a23b07061ca4d2ecc774392
72ce57868b07f8fb57b82bc85b57051585a2b2bd32da945b51c4fb48a2140f5a
POST /s/gts1p5/LIAv5wictZo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:32 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 360592d795e62f131919f9367b212a72
38f030739b565d3a24d1d2160260e5eeb4097880
cbcd5439a5fa7dd11364de857c15a682abe4076de8c75e6f44ebb958912fa64e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CBCD5439A5FA7DD11364DE857C15A682ABE4076DE8C75E6F44EBB958912FA64E"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3899
Expires: Mon, 30 Jan 2023 07:07:31 GMT
Date: Mon, 30 Jan 2023 06:02:32 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3a4cb5b3e759ed4d26c5671151498e6a
4be586be681ec3971a2686d8eff4f1882e1cab21
d0b21d6b7712d67c1c4dcbcb281100dbf01745befd6bac36ff608b7c56f657f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0B21D6B7712D67C1C4DCBCB281100DBF01745BEFD6BAC36FF608B7C56F657F4"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 30 Jan 2023 12:02:32 GMT
Date: Mon, 30 Jan 2023 06:02:32 GMT
Connection: keep-alive
creative.live.tktube.com/widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup
200 OK 852 B URL HTTP/2 creative.live.tktube.com/widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d024e6d9b720f2f75247d4b8f11f9b8c
8fdc652a5c32d9207aa9d5ce74d809e6509a156d
7b48d5e9e7f7d59e8dad4f131c0b8fc9a6471d8afe0688719d05012adaff4a0d
GET /widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: text/html; charset=utf-8
content-length: 852
last-modified: Tue, 24 Jan 2023 03:07:04 GMT
etag: "63cf4b58-354"
expires: Mon, 30 Jan 2023 06:02:42 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
accept-ranges: bytes
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }, { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 05:41:41 GMT
age: 1251
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3199
Expires: Mon, 30 Jan 2023 06:55:51 GMT
Date: Mon, 30 Jan 2023 06:02:32 GMT
Connection: keep-alive
poweredby.jads.co/js/jads2.js
200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 21 Nov 2022 05:24:20 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"637b0b84-eae"
Content-Encoding: gzip
creative.live.tktube.com/widgets/Spot/lang/en.json
200 OK 28 B URL HTTP/2 creative.live.tktube.com/widgets/Spot/lang/en.json
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text
Hash 6a8f2ee13842cf57c111122134801c5b
7baf48cee5682cf834663643e41f994d6336ce00
065782e76dcfa6a9181cc36d69abefa429aafe2db2171b5d705a35b3fe234e3f
GET /widgets/Spot/lang/en.json HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Origin: https://tktube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/json
content-length: 28
last-modified: Tue, 24 Jan 2023 03:06:59 GMT
etag: "63cf4b53-1c"
expires: Mon, 30 Jan 2023 06:02:43 GMT
cache-control: max-age=10
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash d49f7aed2f183ad87462ebe20fb06c10
1b991d8e1b675f80711a2ed3197edfe609582aa3
7e9be1379810720ae61ba19e91df55f470e364ef5ab71495bc2acb7228142c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1079
Cache-Control: max-age=161559
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:33 GMT
Etag: "63d72d59-116"
Expires: Wed, 01 Feb 2023 02:55:12 GMT
Last-Modified: Mon, 30 Jan 2023 02:37:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash acae3d83844e71bd0f78e13cf3dd949e
62de089f4432610da12f8a34516d234e195673d6
53ba4ad071616d25c18b34b6d34e19931e09fdb033a2f0503a654394bb9168a4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53BA4AD071616D25C18B34B6D34E19931E09FDB033A2F0503A654394BB9168A4"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19375
Expires: Mon, 30 Jan 2023 11:25:28 GMT
Date: Mon, 30 Jan 2023 06:02:33 GMT
Connection: keep-alive
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Origin: https://tktube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: 0fkoAgXFjqe3H05x08Sids6z7+pRvHPb+/45QAJr/x1uWMHxcDrML94EkX3OBwLfpURilBggDZU=
x-amz-request-id: 5F6T1D43RPKJ0F0N
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://tktube.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
expires: Mon, 30 Jan 2023 10:02:33 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
set-cookie: __cflb=02DiuDfsBaY2bRYJiCfFHYpfgnRfzoh6LWTEkkabfMHnL; SameSite=None; Secure; path=/; expires=Tue, 31-Jan-23 05:02:33 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd4fb65b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash d49f7aed2f183ad87462ebe20fb06c10
1b991d8e1b675f80711a2ed3197edfe609582aa3
7e9be1379810720ae61ba19e91df55f470e364ef5ab71495bc2acb7228142c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1079
Cache-Control: max-age=161559
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:33 GMT
Etag: "63d72d59-116"
Expires: Wed, 01 Feb 2023 02:55:12 GMT
Last-Modified: Mon, 30 Jan 2023 02:37:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FkYgal94++KtAyWa3eZEAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BrDWSPTk/64GVhovRbuWJC4gWIw=
nimhuemark.com/solid.gif?z=1843476&abvar=0
200 OK 43 B URL HTTP/2 nimhuemark.com/solid.gif?z=1843476&abvar=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1843476&abvar=0 HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
stenchdaltonrunaway.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
200 OK 29 kB URL HTTP/1.1 stenchdaltonrunaway.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 8c9757fdc9375d6a3a11fbc9b8af1852
262c686e4b76719e7e89a994857aa51f8e226c31
964c23b980288432b0fbea01c193434ae1284b00f7e8e1b583995b2548cf2f11
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js HTTP/1.1
Host: stenchdaltonrunaway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7c41402140896e1eea1f3f3fdff981bc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
syndication.realsrv.com/v1/api.php
200 OK 3.5 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (5802), with no line terminators
Hash 00d17e4e49356676da32ff00862bfc52
69ded7a3b768737b66ffbbf6bd89f81b0485b3a3
6666841d142ffd9e589300ce1eb8a5d439a5f8c1cf58e0a39eed20a520cf962e
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 432
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://tktube.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263d75d78de3257.03125866414920374%22%3B%7D; expires=Wed, 29-Jan-2025 06:02:33 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNDA5NTAsInNpZCI6MTE3MzcyNCwid2lkIjo0MDExMTgsImQiOiJ0a3R1YmUuY29tIiwibGkiOjF9&tz=0&if=0&u=aHR0cHM6Ly90a3R1YmUuY29tL3ZpZGVvcy8yNzg3NS9lZGRhNjNmYjY1MDk5ZWFlYjI2NWUwMGZkZDExNGZmYS8=&inc=0
200 OK 0 B URL HTTP/2 prhzxq.com/wnload?a=1&e=aeyJwaWQiOjExNDA5NTAsInNpZCI6MTE3MzcyNCwid2lkIjo0MDExMTgsImQiOiJ0a3R1YmUuY29tIiwibGkiOjF9&tz=0&if=0&u=aHR0cHM6Ly90a3R1YmUuY29tL3ZpZGVvcy8yNzg3NS9lZGRhNjNmYjY1MDk5ZWFlYjI2NWUwMGZkZDExNGZmYS8=&inc=0
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wnload?a=1&e=aeyJwaWQiOjExNDA5NTAsInNpZCI6MTE3MzcyNCwid2lkIjo0MDExMTgsImQiOiJ0a3R1YmUuY29tIiwibGkiOjF9&tz=0&if=0&u=aHR0cHM6Ly90a3R1YmUuY29tL3ZpZGVvcy8yNzg3NS9lZGRhNjNmYjY1MDk5ZWFlYjI2NWUwMGZkZDExNGZmYS8=&inc=0 HTTP/1.1
Host: prhzxq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Origin: https://tktube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
access-control-allow-origin: *
access-control-allow-credentials: true
X-Firefox-Spdy: h2
creative.live.tktube.com/widgets/v4/Universal/lang/en.json
200 OK 172 B URL HTTP/2 creative.live.tktube.com/widgets/v4/Universal/lang/en.json
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text
Hash 69a54638b649d7ce4748bd42c4b6dade
a2dfe9f8791952fbc5cc44d4757b031a6cee1731
0c25fbbff92c994866041b57d519aa22aa84d55b6b31bcf681dd5b74668cb750
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.live.tktube.com/widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup
Connection: keep-alive
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/json
content-length: 172
last-modified: Tue, 24 Jan 2023 03:07:04 GMT
etag: "63cf4b58-ac"
expires: Mon, 30 Jan 2023 06:02:43 GMT
cache-control: max-age=10
pragma: public
accept-ranges: bytes
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 05:46:59 GMT
expires: Mon, 30 Jan 2023 07:46:59 GMT
cache-control: public, max-age=7200
age: 934
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
creative.live.tktube.com/widgets/v4/Universal/main.33831b792a3809ba493a.css
200 OK 4.6 kB URL HTTP/2 creative.live.tktube.com/widgets/v4/Universal/main.33831b792a3809ba493a.css
IP
ASN #39572 DataWeb Global Group B.V.
Hash 9f26a45a3c1c21fccf0af2a64bd29885
839972611b0d802c2154410169584d5605602b62
26414d2f1b0301bb05bc3e6c45a56e8f75efa01daf488ba3dd2ea9d386db531b
GET /widgets/v4/Universal/main.33831b792a3809ba493a.css HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.live.tktube.com/widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 24 Jan 2023 03:09:56 GMT
etag: W/"63cf4c04-3403"
expires: Mon, 30 Jan 2023 06:02:43 GMT
cache-control: max-age=10
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 17:09:34 GMT
expires: Tue, 23 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
age: 564779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5833ebad0acb659b1e97ca9beb8d5ca7
11c800e9843adb48b3718463e4019aca1df96f9d
2cde2e64f61c4256807f64e45d8931048a1b3bd6a3ef12bf24061a6da086fd5c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 05:56:26 GMT
Expires: Fri, 03 Feb 2023 05:56:25 GMT
Etag: "11c800e9843adb48b3718463e4019aca1df96f9d"
Cache-Control: max-age=344631,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7917ffd66fffb51b-OSL
cdn.tsyndicate.com/sdk/v1/bi.js
200 OK 3.3 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/bi.js
IP
File type C source, ASCII text, with very long lines (7738)
Hash 8451e5dafd8a46d84dfb845e40aae4e3
678a14552fe93ad4a16459eb7ce62c03b46b33b8
ca130d9f8ce433253a9bd811632314ea5d20283d7e5c9117170523d21196268d
GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/javascript
content-length: 3312
last-modified: Fri, 16 Dec 2022 12:41:56 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"639c6794-1e83"
age: 3863349
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 92408803e3a56bf9c29d241a60bc07ce
d68b404d7b51432a8fdca70a6ecfcfaea841b1b9
64edeb4de4110c283651d99e6fe1ecc057acb83af12b3788e227111bd14441ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64EDEB4DE4110C283651D99E6FE1ECC057ACB83AF12B3788E227111BD14441AC"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8140
Expires: Mon, 30 Jan 2023 08:18:13 GMT
Date: Mon, 30 Jan 2023 06:02:33 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 0e90c9d5521358d2754bbad686a2e9c1
013349b8f38535bae1e197d5d96d86d17d5a1ef0
47bb6aa901220aeab3800d1ea88eb456cfe3ea337f12c059d9549fa6bd8064ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118845
Date: Mon, 30 Jan 2023 06:02:33 GMT
Etag: "63d67516-1d7"
Expires: Tue, 31 Jan 2023 15:03:18 GMT
Last-Modified: Sun, 29 Jan 2023 13:31:02 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 52YveT01189wbi-mMn5Blc0Z-ZMm4HxOTyWeS6CZVsmXHLNoAFR2lw==
Age: 5536
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bb1e6c5692e583df480f1a84a53b7573
cda12127c0ea5b3bcb01bfc534404c0ca8e4b819
3ae36a64c1afb6a24c6678d69c2bc626bfa73466ed52b7fcb76d74a001e4220c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AE36A64C1AFB6A24C6678D69C2BC626BFA73466ED52B7FCB76D74A001E4220C"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14188
Expires: Mon, 30 Jan 2023 09:59:01 GMT
Date: Mon, 30 Jan 2023 06:02:33 GMT
Connection: keep-alive
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 87a0fb3cacf2a33a55c99fdbff6aec42
6929f787eb077e07976d32aeb7bd6efd267f9b93
491196afcca69bd8d2d7bab8b0187ff912d789dbc8cfc4936aebcfd965e5f13d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tktube.com
access-control-allow-credentials: true
set-cookie: uid_id2=195081c9-c768-42fb-b9de-b27d8655c8bb:2:1; expires=Thu, 27 Jan 2033 06:02:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
sstatic1.histats.com/0.gif?4360397&101
200 OK 43 B URL HTTP/1.1 sstatic1.histats.com/0.gif?4360397&101
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /0.gif?4360397&101 HTTP/1.1
Host: sstatic1.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=The,TKTube,team,always,updating,and,adding,more,porn,videos,every,day,all,here,and,100,free,porn,TKTube,have,more,than,100k,free,adult,videos,JAV,Uncensored,&subid=1843465-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
200 OK 2.6 kB URL HTTP/2 tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=The,TKTube,team,always,updating,and,adding,more,porn,videos,every,day,all,here,and,100,free,porn,TKTube,have,more,than,100k,free,adult,videos,JAV,Uncensored,&subid=1843465-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3964)
Hash c01c9bd9c0f66015f94cc74d18c7715a
9a5699355c641879fbcaf6189d5d1ffa5efefcac
d03a2b4af603c1e34ce6e2851276c2968072cf7f08a4682deca1654a6cb5df68
GET /iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=The,TKTube,team,always,updating,and,adding,more,porn,videos,every,day,all,here,and,100,free,porn,TKTube,have,more,than,100k,free,adult,videos,JAV,Uncensored,&subid=1843465-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: bb15282df13fcbb9
set-cookie: ts_uid=0a8e1c62-bb81-4290-8ad6-6031b6f0186c; expires=Sun, 30 Jul 2023 06:02:33 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCx5YZMWLcsFHDRhcWIsYU3BLjoYgyE2PYuFEjBg0aOWrM6NJH; expires=Tue, 31 Jan 2023 06:02:33 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
stenchdaltonrunaway.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
200 OK 29 kB URL HTTP/1.1 stenchdaltonrunaway.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 8d8e5eb19bb8504be5b391908cdcccfb
f53a777487f65a42f968d8d2996c851c6f8bd551
ac95a1db67ad16448fd9af0b309920587e788d17e33f1d7011e558202f710f7a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js HTTP/1.1
Host: stenchdaltonrunaway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 636f86d70698e6326503f153bc70bfda
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OTWoDMQxGr9ILjPn0N5az7rqFhB5g7Lib0nbRBFLQ4WtPoMQP44etTxaDZQEtgifQAXwQiUKpICknMo2X12MoxeXjcq09te/PUHU1ikys8HAXNg6Fro41bFwZ5exAZHdF5nU8hgQGbKI6LQFc2CJbvJ2e900DDgFubBg+Pw5G6HDcZhqdM5fWSyVuJm7SkUuvFUJCewiPg+JOynzvjX8W2o+xELttP79fLeKhZGJ7aAygOpsH2uZ87q2KDBPfcG5rrwBtvb4z/gABsJ/lTQEAAA==
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OTWoDMQxGr9ILjPn0N5az7rqFhB5g7Lib0nbRBFLQ4WtPoMQP44etTxaDZQEtgifQAXwQiUKpICknMo2X12MoxeXjcq09te/PUHU1ikys8HAXNg6Fro41bFwZ5exAZHdF5nU8hgQGbKI6LQFc2CJbvJ2e900DDgFubBg+Pw5G6HDcZhqdM5fWSyVuJm7SkUuvFUJCewiPg+JOynzvjX8W2o+xELttP79fLeKhZGJ7aAygOpsH2uZ87q2KDBPfcG5rrwBtvb4z/gABsJ/lTQEAAA==
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02OTWoDMQxGr9ILjPn0N5az7rqFhB5g7Lib0nbRBFLQ4WtPoMQP44etTxaDZQEtgifQAXwQiUKpICknMo2X12MoxeXjcq09te/PUHU1ikys8HAXNg6Fro41bFwZ5exAZHdF5nU8hgQGbKI6LQFc2CJbvJ2e900DDgFubBg+Pw5G6HDcZhqdM5fWSyVuJm7SkUuvFUJCewiPg+JOynzvjX8W2o+xELttP79fLeKhZGJ7aAygOpsH2uZ87q2KDBPfcG5rrwBtvb4z/gABsJ/lTQEAAA== HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263d75d78de3257.03125866414920374%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://tktube.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Wed, 29 Jan 2025 06:02:33 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
nudgeworry.com/pixel/purst?dl=0&th=0&sc=0&rs=1482&rd=1482&fd=943&bv=22.10.v.10&tmpl=136
200 OK 0 B URL HTTP/1.1 nudgeworry.com/pixel/purst?dl=0&th=0&sc=0&rs=1482&rd=1482&fd=943&bv=22.10.v.10&tmpl=136
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1482&rd=1482&fd=943&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
creative.live.tktube.com/widgets/Spot/core.8279fceb3a9052568651.js
200 OK 2.8 kB URL HTTP/2 creative.live.tktube.com/widgets/Spot/core.8279fceb3a9052568651.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (2766), with no line terminators
Hash 359b2afbdaf130c58ef26d4b5d79af6b
3f32573c560f6d3092dfaca0b2c67e47039ffb61
5b296fcc39a5a66d7b9e1865e47cbda9b5a90bf8d4f45f30ae034a1827f1396c
GET /widgets/Spot/core.8279fceb3a9052568651.js HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1675058564.1.0.1675058564.0.0.0; _ga=GA1.2.1458310837.1675058564; _gid=GA1.2.134327084.1675058564; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 2766
last-modified: Tue, 24 Jan 2023 03:09:56 GMT
etag: "63cf4c04-ace"
expires: Mon, 30 Jan 2023 06:02:43 GMT
cache-control: max-age=10
pragma: public
accept-ranges: bytes
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
X-Firefox-Spdy: h2
go.live.tktube.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=1
200 OK 1.7 kB URL HTTP/2 go.live.tktube.com/api/models?tag=girls&forceClient=1&stripcashR=0&limit=1
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (1730), with no line terminators
Hash 0ce08667e8dc6c38b1be235e72cf054c
dfa8c755fce4e45cfa06825ea51c3c5b0b2bfcbd
18b1e15606f6301dc5ff9367a6b89f4bb8a22136d0ff5f9260c7268cfc46565f
GET /api/models?tag=girls&forceClient=1&stripcashR=0&limit=1 HTTP/1.1
Host: go.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Origin: https://tktube.com
Connection: keep-alive
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1675058564.1.0.1675058564.0.0.0; _ga=GA1.2.1458310837.1675058564; _gid=GA1.2.134327084.1675058564; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/json
content-length: 1730
strict-transport-security: max-age=15768000
access-control-allow-origin: https://tktube.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OTUpEMRCEr+IFXqj+Syezdq2geICXEDeiLpyBEfrwJm9Apj+aFElXpRksG2gTPIBO4JNIVEoVSTmRaTw9v4RSnD/OlzZS//4M1aJG4cSKEqUIG4dCc0EOm1dG7gUIL0XhXOZjSGDCJqpLJUDAFm7x9vp4NE04BLiyYer1cTBCp8Z1uTHYufZRG3E3KSYDXkdrEBI6TLhfFDeS4ZaNfzY6jlmIQ+0/v1894m5kYYdpLqC6wqN2qT03lffhtO+VgMxa0PLO3j3/AdektMxNAQAA
200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02OTUpEMRCEr+IFXqj+Syezdq2geICXEDeiLpyBEfrwJm9Apj+aFElXpRksG2gTPIBO4JNIVEoVSTmRaTw9v4RSnD/OlzZS//4M1aJG4cSKEqUIG4dCc0EOm1dG7gUIL0XhXOZjSGDCJqpLJUDAFm7x9vp4NE04BLiyYer1cTBCp8Z1uTHYufZRG3E3KSYDXkdrEBI6TLhfFDeS4ZaNfzY6jlmIQ+0/v1894m5kYYdpLqC6wqN2qT03lffhtO+VgMxa0PLO3j3/AdektMxNAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02OTUpEMRCEr+IFXqj+Syezdq2geICXEDeiLpyBEfrwJm9Apj+aFElXpRksG2gTPIBO4JNIVEoVSTmRaTw9v4RSnD/OlzZS//4M1aJG4cSKEqUIG4dCc0EOm1dG7gUIL0XhXOZjSGDCJqpLJUDAFm7x9vp4NE04BLiyYer1cTBCp8Z1uTHYufZRG3E3KSYDXkdrEBI6TLhfFDeS4ZaNfzY6jlmIQ+0/v1894m5kYYdpLqC6wqN2qT03lffhtO+VgMxa0PLO3j3/AdektMxNAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%2263d75d78de3257.03125866414920374%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://tktube.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Wed, 29 Jan 2025 06:02:33 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
urimnugocfr.com/lv/esnk/1922602/code.js
200 OK 43 kB URL HTTP/2 urimnugocfr.com/lv/esnk/1922602/code.js
IP
File type ASCII text, with very long lines (65530)
Hash ad9cd1628f68a0cb406e932f1375f9a9
cfa3be56377ec51a56f485f8838da9e252e223d3
a27fbdf4927b6c467a09a7cd113464358557c6cd7c598ac0f667879eef21d9b4
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1922602/code.js HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: UID=2301300102b2fbcbd564a242149c6b500727
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-1a2c5"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=864813
200 OK 1.5 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=864813
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (401), with CRLF, LF line terminators
Hash a37df88366545fb98c9f55ea42ea8b6c
6c0fd2f58620e627a854777f6271f577e13bb2c5
9398784bdab16c09f3460a2c3a471dc6e00a4ddcb3148e08899068377fe22f7a
GET /adshow.php?adzone=864813 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; expires=Tue, 30-Jan-2024 06:02:33 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps47386=1; expires=Tue, 31-Jan-2023 06:02:33 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEzMTk2ODM7aToxNjc1MzE3NzUzO30%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
kiynew.com/admc?a=2&pid=1140950&sid=1173724&wid=401118&fp=9e4947f35751465411fd1a4f5c358c78&tz=0
200 OK 4.4 kB URL HTTP/2 kiynew.com/admc?a=2&pid=1140950&sid=1173724&wid=401118&fp=9e4947f35751465411fd1a4f5c358c78&tz=0
IP
ASN #39572 DataWeb Global Group B.V.
Hash cb5884083ed365cdf50a7af18cc22627
8f8bfe44d7e9d96940c87e03b496576d2f9f6a54
c7eb93f2ae096d7ae66d893b506bc0c7189eef03bb7fce3fea9bbe199af8ebad
GET /admc?a=2&pid=1140950&sid=1173724&wid=401118&fp=9e4947f35751465411fd1a4f5c358c78&tz=0 HTTP/1.1
Host: kiynew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Origin: https://tktube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 30 Jan 2023 06:02:33 GMT
content-length: 0
access-control-allow-origin: https://tktube.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/0823ddfbbed3b0112ae4193bff0044adfaef5759.gif
200 OK 72 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/0823ddfbbed3b0112ae4193bff0044adfaef5759.gif
IP
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 300 x 250\012- data
Hash cf340b46c32f856a3d3682fa07bc7ad1
0823ddfbbed3b0112ae4193bff0044adfaef5759
1c2bacc7a287a9e6dee066c2bdb857cb42c2f1ea92130312c7e61e5db3950da3
GET /library/448451/0823ddfbbed3b0112ae4193bff0044adfaef5759.gif HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: image/gif
content-length: 71800
last-modified: Sat, 28 Jan 2023 20:21:35 GMT
etag: "63d583cf-11878"
expires: Sun, 28 Jan 2024 20:35:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1706474463
server: CDN77-Turbo
x-77-nzt: AblMCQ2XdOr/GtUBAA
x-77-nzt-ray: c0a4cc288d40f8d7795dd7635ef97d39
x-cache: HIT
x-age: 120090
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 87a0fb3cacf2a33a55c99fdbff6aec42
6929f787eb077e07976d32aeb7bd6efd267f9b93
491196afcca69bd8d2d7bab8b0187ff912d789dbc8cfc4936aebcfd965e5f13d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Cookie: uid_id2=195081c9-c768-42fb-b9de-b27d8655c8bb:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tktube.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/19e50e0fb4d0a3ab37cd6c417b424fa12312b487.webp
200 OK 10 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/19e50e0fb4d0a3ab37cd6c417b424fa12312b487.webp
IP
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0e06150789b63a1b3481343fc88e3cd4
19e50e0fb4d0a3ab37cd6c417b424fa12312b487
c55ca475e359fc82ba20e32e5868eb81e446bc0a41dde3aba44e1e14ef2d2b20
GET /library/448451/19e50e0fb4d0a3ab37cd6c417b424fa12312b487.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: image/webp
content-length: 10080
last-modified: Tue, 09 Aug 2022 11:10:25 GMT
etag: "62f240a1-2760"
expires: Sat, 20 Jan 2024 09:07:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1706473684
server: CDN77-Turbo
x-77-nzt: AblMCQ0p+YT/JdgBAA
x-77-nzt-ray: c0a4cc288d40f8d7795dd7635b8aa039
x-cache: HIT
x-age: 120869
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4
206 Partial Content 22 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 7aab39bd95f3b8fe10a021cef327eee8
8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5
0405eb10aa1fce693abb9d60fbfbb1f82f07b6a72692d0addf003449d11b79eb
GET /library/448451/8a1ab23f9eb4b4c8d480ee9c0b703427c91a02d5.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: video/mp4
content-length: 21956
last-modified: Fri, 29 Jul 2022 16:34:04 GMT
etag: "62e40bfc-55c4"
expires: Sat, 29 Jul 2023 16:45:10 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1690649128
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ22bx7/0U7zAA
x-77-nzt-ray: c0a4cc288d40f8d7795dd7634b9aa939
x-cache: HIT
x-age: 15945425
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-21955/21956
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/366026/43c35669aea6adb2d7b41a79dbb407a74156e5f1.mp4
206 Partial Content 10 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/366026/43c35669aea6adb2d7b41a79dbb407a74156e5f1.mp4
IP
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 7784b86108b5501c39660e5c19e3bf06
43c35669aea6adb2d7b41a79dbb407a74156e5f1
20cb3b5dc47db843f30bbe415f7f6423cda6e6a7abd839b93c89ad85260b3ecc
GET /library/366026/43c35669aea6adb2d7b41a79dbb407a74156e5f1.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: video/mp4
content-length: 10177
last-modified: Mon, 14 Sep 2020 14:01:58 GMT
etag: "5f5f77d6-27c1"
expires: Fri, 30 Jun 2023 12:55:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195488
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2YH8z/Wb8YAQ
x-77-nzt-ray: c0a4cc288d40f8d7795dd7638deec839
x-cache: HIT
x-age: 18399065
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-10176/10177
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=1006431
200 OK 1.8 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=1006431
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1628), with CRLF, LF line terminators
Hash 340468f64de103d8b2e9afee170d623b
762e872616335f7c9722237a68c46223b6feab8d
66c3b0d9e9a241ce0139761d2d9d7ccec4ede67166f8249c0954b9e72f4d8f14
GET /adshow.php?adzone=1006431 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; expires=Tue, 30-Jan-2024 06:02:33 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps9183=1; expires=Tue, 31-Jan-2023 06:02:33 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjI5MDIzNTtpOjE2NzUzMTc3NTM7fQ%3D%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
creative.live.tktube.com/widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js
200 OK 2.8 kB URL HTTP/2 creative.live.tktube.com/widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (2765), with no line terminators
Hash 04858ac9c25001f90dcba24d977ed1ae
e7f9aefbd27bcc209370c1531f48f05536cc7cc0
cec3e1b294aacb72051196b3da423f849d0c21c3a953712b59a00f3d56ac2d98
GET /widgets/v4/Universal/core.632b1f6bbf8af8a4b6ac.js HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.live.tktube.com/widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1675058564.1.0.1675058564.0.0.0; _ga=GA1.2.1458310837.1675058564; _gid=GA1.2.134327084.1675058564; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 2765
last-modified: Tue, 24 Jan 2023 03:09:56 GMT
etag: "63cf4c04-acd"
expires: Mon, 30 Jan 2023 06:02:44 GMT
cache-control: max-age=10
pragma: public
accept-ranges: bytes
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png
200 OK 27 kB URL HTTP/2 cdn.pncloudfl.com/pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0bc7572129e84749c119db04346b0f07
bf8ae67f194c2faeb6a47d419d130dde27b9ae6f
6363f6dc72449ab775a6af3103e61617ecf70ebb8140996b9384a3eaa8b3698d
GET /pn/b0a/10a/a6c/b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/webp
content-length: 26892
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=70331
content-disposition: inline; filename="b0a10aa6c9f37143f4a63e2bb1bfb8be79b3ef4b.webp"
etag: def74d9769fe75363891a2868865d99a
expires: Mon, 30 Jan 2023 21:53:32 GMT
last-modified: Tue, 22 Nov 2022 09:19:36 GMT
vary: Accept
x-openstack-request-id: txa3bf70e532dd40ea8f5b2-00637c9634
x-proxy-cache: HIT
x-timestamp: 1669108775.40440
x-trans-id: txa3bf70e532dd40ea8f5b2-00637c9634
cf-cache-status: HIT
age: 115742
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 7917ffdaa8c9b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
urimnugocfr.com/chicken.gif?z=1922602&pb=af4bc07d26d3bae3bda2e957ed26886a1675065753&psp=mI8VEgIU-2RK7VwhLKjrf0kegYb6hG9UVTQ_gLBCjBwoHTNlLBaCR3DIRU6TRxd-18M6dn37ygRc2NwcSYUuM3KwAHUQ0Y1m03gnMH95LFHEvDZTcb24kAIgGELPphc5frE9Ze7JoJ1AIbVpv3Dkz0HNNDsOw024ROIyrvu4noqlvHg8tH7zqTYHQf9tE-NSw8aVtSzoBxHyquACGWywoSTbj_JpoImcz_TRRueTKM2SQD7NcEQBZiloUVp9rTsmuSpazwVVz70BfARskSU_0zQROh8HNzwj_Jm3sHSC_h0_Pr2OH5PS-EwTp-D47ZhyZvSKKpPH1gnagxDj0w6ux3IPOhnkDZC_0cGm5E2Hmun92yMKk_dpe6BHRTxZijwIQ1s1-XA5nf0Kvn4NeXTSo5RlWYma1Hm15rM73farePCtKWEWn0HF3hopngCUSrH1KhKZHHXjUk5GtZ5d2a2nk-uQigBvLhUCh6Rp8EhnYZDUV4BLdPaTyOKM2V7RKnb8q-Vc2L4wq0EUOIt-1Eq6ZnD9plti4cfOjLFMGP3NqyMk9Bj0qn_6EXqH_zE-_hjKqNVi_kOTQ7886jpT7zLlHwp1wIRbC8B98zWbV0a4toKgixj3Up2Y2ZABoE7kJsS10OIIAQyPGodhI5puGnP1PBr66T-db3iXnmAvsPy4XecXGfAoCM4Hz7arEfZDysqklINjzwcautXLNNqIMKu2bPCzfWUodrnTUQCt8NyCUwCzjuWiQwxiDS05xCUojiYykWBtSH7BRhLBAKAi3rNq-r1KcIs2dxqsD8JnsHHfb_mZYp9O4CGFSPbT7DihWCR6ZNYS-cqkS1y5EUgt6hJz2yTJZ7IiN_rxglvHtPL2adwgXYSwZV9a-jB2PDFB-qr3kKLqbWbdnalEgQfU9kg_dzeTUhXkGW01X2NUgAKEyuzaAPFaECQZIQWQcw0ymdN-9KLKn4CBAS8YZo8=&abvar=0&os=0
200 OK 43 B URL HTTP/2 urimnugocfr.com/chicken.gif?z=1922602&pb=af4bc07d26d3bae3bda2e957ed26886a1675065753&psp=mI8VEgIU-2RK7VwhLKjrf0kegYb6hG9UVTQ_gLBCjBwoHTNlLBaCR3DIRU6TRxd-18M6dn37ygRc2NwcSYUuM3KwAHUQ0Y1m03gnMH95LFHEvDZTcb24kAIgGELPphc5frE9Ze7JoJ1AIbVpv3Dkz0HNNDsOw024ROIyrvu4noqlvHg8tH7zqTYHQf9tE-NSw8aVtSzoBxHyquACGWywoSTbj_JpoImcz_TRRueTKM2SQD7NcEQBZiloUVp9rTsmuSpazwVVz70BfARskSU_0zQROh8HNzwj_Jm3sHSC_h0_Pr2OH5PS-EwTp-D47ZhyZvSKKpPH1gnagxDj0w6ux3IPOhnkDZC_0cGm5E2Hmun92yMKk_dpe6BHRTxZijwIQ1s1-XA5nf0Kvn4NeXTSo5RlWYma1Hm15rM73farePCtKWEWn0HF3hopngCUSrH1KhKZHHXjUk5GtZ5d2a2nk-uQigBvLhUCh6Rp8EhnYZDUV4BLdPaTyOKM2V7RKnb8q-Vc2L4wq0EUOIt-1Eq6ZnD9plti4cfOjLFMGP3NqyMk9Bj0qn_6EXqH_zE-_hjKqNVi_kOTQ7886jpT7zLlHwp1wIRbC8B98zWbV0a4toKgixj3Up2Y2ZABoE7kJsS10OIIAQyPGodhI5puGnP1PBr66T-db3iXnmAvsPy4XecXGfAoCM4Hz7arEfZDysqklINjzwcautXLNNqIMKu2bPCzfWUodrnTUQCt8NyCUwCzjuWiQwxiDS05xCUojiYykWBtSH7BRhLBAKAi3rNq-r1KcIs2dxqsD8JnsHHfb_mZYp9O4CGFSPbT7DihWCR6ZNYS-cqkS1y5EUgt6hJz2yTJZ7IiN_rxglvHtPL2adwgXYSwZV9a-jB2PDFB-qr3kKLqbWbdnalEgQfU9kg_dzeTUhXkGW01X2NUgAKEyuzaAPFaECQZIQWQcw0ymdN-9KLKn4CBAS8YZo8=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1922602&pb=af4bc07d26d3bae3bda2e957ed26886a1675065753&psp=mI8VEgIU-2RK7VwhLKjrf0kegYb6hG9UVTQ_gLBCjBwoHTNlLBaCR3DIRU6TRxd-18M6dn37ygRc2NwcSYUuM3KwAHUQ0Y1m03gnMH95LFHEvDZTcb24kAIgGELPphc5frE9Ze7JoJ1AIbVpv3Dkz0HNNDsOw024ROIyrvu4noqlvHg8tH7zqTYHQf9tE-NSw8aVtSzoBxHyquACGWywoSTbj_JpoImcz_TRRueTKM2SQD7NcEQBZiloUVp9rTsmuSpazwVVz70BfARskSU_0zQROh8HNzwj_Jm3sHSC_h0_Pr2OH5PS-EwTp-D47ZhyZvSKKpPH1gnagxDj0w6ux3IPOhnkDZC_0cGm5E2Hmun92yMKk_dpe6BHRTxZijwIQ1s1-XA5nf0Kvn4NeXTSo5RlWYma1Hm15rM73farePCtKWEWn0HF3hopngCUSrH1KhKZHHXjUk5GtZ5d2a2nk-uQigBvLhUCh6Rp8EhnYZDUV4BLdPaTyOKM2V7RKnb8q-Vc2L4wq0EUOIt-1Eq6ZnD9plti4cfOjLFMGP3NqyMk9Bj0qn_6EXqH_zE-_hjKqNVi_kOTQ7886jpT7zLlHwp1wIRbC8B98zWbV0a4toKgixj3Up2Y2ZABoE7kJsS10OIIAQyPGodhI5puGnP1PBr66T-db3iXnmAvsPy4XecXGfAoCM4Hz7arEfZDysqklINjzwcautXLNNqIMKu2bPCzfWUodrnTUQCt8NyCUwCzjuWiQwxiDS05xCUojiYykWBtSH7BRhLBAKAi3rNq-r1KcIs2dxqsD8JnsHHfb_mZYp9O4CGFSPbT7DihWCR6ZNYS-cqkS1y5EUgt6hJz2yTJZ7IiN_rxglvHtPL2adwgXYSwZV9a-jB2PDFB-qr3kKLqbWbdnalEgQfU9kg_dzeTUhXkGW01X2NUgAKEyuzaAPFaECQZIQWQcw0ymdN-9KLKn4CBAS8YZo8=&abvar=0&os=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301300102b2fbcbd564a242149c6b500727
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACMMIAAAAAAAAAAB; Path=/; Expires=Wed, 01 Mar 2023 06:02:34 GMT; Secure; SameSite=None
OACIBLOCK=ACMMIAAAAABj11zg; Path=/; Expires=Wed, 01 Mar 2023 06:02:34 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Tue, 31 Jan 2023 06:02:34 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/whob.gif?z=1922602&pb=af4bc07d26d3bae3bda2e957ed26886a1675065753&psp=mI8VEgIU-2RK7VwhLKjrf0kegYb6hG9UVTQ_gLBCjBwoHTNlLBaCR3DIRU6TRxd-18M6dn37ygRc2NwcSYUuM3KwAHUQ0Y1m03gnMH95LFHEvDZTcb24kAIgGELPphc5frE9Ze7JoJ1AIbVpv3Dkz0HNNDsOw024ROIyrvu4noqlvHg8tH7zqTYHQf9tE-NSw8aVtSzoBxHyquACGWywoSTbj_JpoImcz_TRRueTKM2SQD7NcEQBZiloUVp9rTsmuSpazwVVz70BfARskSU_0zQROh8HNzwj_Jm3sHSC_h0_Pr2OH5PS-EwTp-D47ZhyZvSKKpPH1gnagxDj0w6ux3IPOhnkDZC_0cGm5E2Hmun92yMKk_dpe6BHRTxZijwIQ1s1-XA5nf0Kvn4NeXTSo5RlWYma1Hm15rM73farePCtKWEWn0HF3hopngCUSrH1KhKZHHXjUk5GtZ5d2a2nk-uQigBvLhUCh6Rp8EhnYZDUV4BLdPaTyOKM2V7RKnb8q-Vc2L4wq0EUOIt-1Eq6ZnD9plti4cfOjLFMGP3NqyMk9Bj0qn_6EXqH_zE-_hjKqNVi_kOTQ7886jpT7zLlHwp1wIRbC8B98zWbV0a4toKgixj3Up2Y2ZABoE7kJsS10OIIAQyPGodhI5puGnP1PBr66T-db3iXnmAvsPy4XecXGfAoCM4Hz7arEfZDysqklINjzwcautXLNNqIMKu2bPCzfWUodrnTUQCt8NyCUwCzjuWiQwxiDS05xCUojiYykWBtSH7BRhLBAKAi3rNq-r1KcIs2dxqsD8JnsHHfb_mZYp9O4CGFSPbT7DihWCR6ZNYS-cqkS1y5EUgt6hJz2yTJZ7IiN_rxglvHtPL2adwgXYSwZV9a-jB2PDFB-qr3kKLqbWbdnalEgQfU9kg_dzeTUhXkGW01X2NUgAKEyuzaAPFaECQZIQWQcw0ymdN-9KLKn4CBAS8YZo8=&abvar=0&os=0
200 OK 43 B URL HTTP/2 urimnugocfr.com/whob.gif?z=1922602&pb=af4bc07d26d3bae3bda2e957ed26886a1675065753&psp=mI8VEgIU-2RK7VwhLKjrf0kegYb6hG9UVTQ_gLBCjBwoHTNlLBaCR3DIRU6TRxd-18M6dn37ygRc2NwcSYUuM3KwAHUQ0Y1m03gnMH95LFHEvDZTcb24kAIgGELPphc5frE9Ze7JoJ1AIbVpv3Dkz0HNNDsOw024ROIyrvu4noqlvHg8tH7zqTYHQf9tE-NSw8aVtSzoBxHyquACGWywoSTbj_JpoImcz_TRRueTKM2SQD7NcEQBZiloUVp9rTsmuSpazwVVz70BfARskSU_0zQROh8HNzwj_Jm3sHSC_h0_Pr2OH5PS-EwTp-D47ZhyZvSKKpPH1gnagxDj0w6ux3IPOhnkDZC_0cGm5E2Hmun92yMKk_dpe6BHRTxZijwIQ1s1-XA5nf0Kvn4NeXTSo5RlWYma1Hm15rM73farePCtKWEWn0HF3hopngCUSrH1KhKZHHXjUk5GtZ5d2a2nk-uQigBvLhUCh6Rp8EhnYZDUV4BLdPaTyOKM2V7RKnb8q-Vc2L4wq0EUOIt-1Eq6ZnD9plti4cfOjLFMGP3NqyMk9Bj0qn_6EXqH_zE-_hjKqNVi_kOTQ7886jpT7zLlHwp1wIRbC8B98zWbV0a4toKgixj3Up2Y2ZABoE7kJsS10OIIAQyPGodhI5puGnP1PBr66T-db3iXnmAvsPy4XecXGfAoCM4Hz7arEfZDysqklINjzwcautXLNNqIMKu2bPCzfWUodrnTUQCt8NyCUwCzjuWiQwxiDS05xCUojiYykWBtSH7BRhLBAKAi3rNq-r1KcIs2dxqsD8JnsHHfb_mZYp9O4CGFSPbT7DihWCR6ZNYS-cqkS1y5EUgt6hJz2yTJZ7IiN_rxglvHtPL2adwgXYSwZV9a-jB2PDFB-qr3kKLqbWbdnalEgQfU9kg_dzeTUhXkGW01X2NUgAKEyuzaAPFaECQZIQWQcw0ymdN-9KLKn4CBAS8YZo8=&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1922602&pb=af4bc07d26d3bae3bda2e957ed26886a1675065753&psp=mI8VEgIU-2RK7VwhLKjrf0kegYb6hG9UVTQ_gLBCjBwoHTNlLBaCR3DIRU6TRxd-18M6dn37ygRc2NwcSYUuM3KwAHUQ0Y1m03gnMH95LFHEvDZTcb24kAIgGELPphc5frE9Ze7JoJ1AIbVpv3Dkz0HNNDsOw024ROIyrvu4noqlvHg8tH7zqTYHQf9tE-NSw8aVtSzoBxHyquACGWywoSTbj_JpoImcz_TRRueTKM2SQD7NcEQBZiloUVp9rTsmuSpazwVVz70BfARskSU_0zQROh8HNzwj_Jm3sHSC_h0_Pr2OH5PS-EwTp-D47ZhyZvSKKpPH1gnagxDj0w6ux3IPOhnkDZC_0cGm5E2Hmun92yMKk_dpe6BHRTxZijwIQ1s1-XA5nf0Kvn4NeXTSo5RlWYma1Hm15rM73farePCtKWEWn0HF3hopngCUSrH1KhKZHHXjUk5GtZ5d2a2nk-uQigBvLhUCh6Rp8EhnYZDUV4BLdPaTyOKM2V7RKnb8q-Vc2L4wq0EUOIt-1Eq6ZnD9plti4cfOjLFMGP3NqyMk9Bj0qn_6EXqH_zE-_hjKqNVi_kOTQ7886jpT7zLlHwp1wIRbC8B98zWbV0a4toKgixj3Up2Y2ZABoE7kJsS10OIIAQyPGodhI5puGnP1PBr66T-db3iXnmAvsPy4XecXGfAoCM4Hz7arEfZDysqklINjzwcautXLNNqIMKu2bPCzfWUodrnTUQCt8NyCUwCzjuWiQwxiDS05xCUojiYykWBtSH7BRhLBAKAi3rNq-r1KcIs2dxqsD8JnsHHfb_mZYp9O4CGFSPbT7DihWCR6ZNYS-cqkS1y5EUgt6hJz2yTJZ7IiN_rxglvHtPL2adwgXYSwZV9a-jB2PDFB-qr3kKLqbWbdnalEgQfU9kg_dzeTUhXkGW01X2NUgAKEyuzaAPFaECQZIQWQcw0ymdN-9KLKn4CBAS8YZo8=&abvar=0&os=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301300102b2fbcbd564a242149c6b500727
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
i.jads.co/network/user81419/47386-1642692305-0839407001642692305.gif
200 OK 95 kB URL HTTP/2 i.jads.co/network/user81419/47386-1642692305-0839407001642692305.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Hash 86c41d07ae1bb1676c7a64d0b5ef44b2
eba7c41a1772c94efb7b89b1e40277741cbfc8fb
57c40ba7ac70b86f5f2f497595be8747d32ba1ca0f6cba6630ebbdb915b08238
GET /network/user81419/47386-1642692305-0839407001642692305.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; imps47386=1; juicy_data_1=YToxOntpOjEzMTk2ODM7aToxNjc1MzE3NzUzO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
etag: "1642692305"
cache-control: max-age=183251
content-length: 95260
content-type: image/gif
last-modified: Thu, 20 Jan 2022 15:25:05 GMT
accept-ranges: bytes
x-hw: 1675058554.dop020.sk1.t,1675058554.cds205.sk1.hn,1675058554.cds069.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user22416/leaderboard-1392051379.jpg
200 OK 41 kB URL HTTP/2 i.jads.co/network/user22416/leaderboard-1392051379.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2014:02:03 12:22:48], baseline, precision 8, 728x90, components 3\012- data
Hash 252c3e225ca4dedb46eabfcc90279c92
3d5511b3720203d568a494f79ac22ba8476c3c45
82fc1983382dabbae669bb1debb2b1db755fabf9d3ff2e01b5389f40149ab2c7
GET /network/user22416/leaderboard-1392051379.jpg HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; imps47386=1; juicy_data_1=YToxOntpOjI5MDIzNTtpOjE2NzUzMTc3NTM7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
etag: "1456947710"
cache-control: max-age=27076132
content-length: 41266
content-type: image/jpeg
last-modified: Wed, 02 Mar 2016 19:41:50 GMT
accept-ranges: bytes
x-hw: 1675058554.dop020.sk1.t,1675058554.cds205.sk1.hn,1675058554.cds001.sk1.c
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 8338da928ed8c81e5c4960d05909101f
6b8948f369889429022b48a65a00e65c6ac94dcc
705dcd16d6bb07f959182ddf94e5253ef394875a0bcce3f95d29fdabb55c3326
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 06:02:34 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 15:56:18 GMT
Expires: Sat, 04 Feb 2023 15:56:17 GMT
Etag: "6b8948f369889429022b48a65a00e65c6ac94dcc"
Cache-Control: max-age=467022,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7917ffd9da85b51b-OSL
i.jads.co/1x1.gif
200 OK 43 B IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 9bb191c6827273aa978cab39a3587950
25d8043336eb799e52b1a0e15ff6b95e09c24e35
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
GET /1x1.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; imps47386=1; juicy_data_1=YToxOntpOjI5MDIzNTtpOjE2NzUzMTc3NTM7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
etag: "1457030838"
cache-control: max-age=12166712
content-length: 43
content-type: image/gif
last-modified: Thu, 03 Mar 2016 18:47:18 GMT
accept-ranges: bytes
x-hw: 1675058554.dop020.sk1.t,1675058554.cds205.sk1.hn,1675058554.cds264.sk1.c
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=0a8e1c62-bb81-4290-8ad6-6031b6f0186c; bfq=APeIECNCx5YZMWLcsFHDRhcWIsYU3BLjoYgyE2PYuFEjBg0aOWrM6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 28324291
accept-ranges: bytes
X-Firefox-Spdy: h2
go.live.tktube.com/abc.gif?userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=videoslider&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&language=en&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=canvas-newAPI&landing=Spot&referrer&i=0&ib=0&filtersMatch=1
200 OK 103 B URL HTTP/2 go.live.tktube.com/abc.gif?userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=videoslider&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&language=en&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=canvas-newAPI&landing=Spot&referrer&i=0&ib=0&filtersMatch=1
IP
ASN #39572 DataWeb Global Group B.V.
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=videoslider&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&language=en&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=canvas-newAPI&landing=Spot&referrer&i=0&ib=0&filtersMatch=1 HTTP/1.1
Host: go.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1675058564.1.0.1675058564.0.0.0; _ga=GA1.2.1458310837.1675058564; _gid=GA1.2.134327084.1675058564; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/gif
content-length: 103
strict-transport-security: max-age=15768000
access-control-allow-credentials: true
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-R6X849L82V>m=2oe1p0&_p=210875623&cid=1458310837.1675058564&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675058564&sct=1&seg=0&dl=https%3A%2F%2Ftktube.com%2Fvideos%2F27875%2Fedda63fb65099eaeb265e00fdd114ffa%2F&dt=%E6%93%8D%E7%BE%8E%E5%A5%B3%E4%B8%8D%E6%88%B4%E5%A5%97&en=page_view&_fv=1&_nsi=1&_ss=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-R6X849L82V>m=2oe1p0&_p=210875623&cid=1458310837.1675058564&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675058564&sct=1&seg=0&dl=https%3A%2F%2Ftktube.com%2Fvideos%2F27875%2Fedda63fb65099eaeb265e00fdd114ffa%2F&dt=%E6%93%8D%E7%BE%8E%E5%A5%B3%E4%B8%8D%E6%88%B4%E5%A5%97&en=page_view&_fv=1&_nsi=1&_ss=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R6X849L82V>m=2oe1p0&_p=210875623&cid=1458310837.1675058564&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675058564&sct=1&seg=0&dl=https%3A%2F%2Ftktube.com%2Fvideos%2F27875%2Fedda63fb65099eaeb265e00fdd114ffa%2F&dt=%E6%93%8D%E7%BE%8E%E5%A5%B3%E4%B8%8D%E6%88%B4%E5%A5%97&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://tktube.com
date: Mon, 30 Jan 2023 06:02:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ab7c061327e6055c81b5adb4534503e3
e7881809f7bc9e808ebaffb0bf5d74515d3c4798
cace1a6a8ec55404139c82ce8310c6df4f59d6363738167f4e49fe4910086875
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACE1A6A8EC55404139C82CE8310C6DF4F59D6363738167F4E49FE4910086875"
Last-Modified: Sun, 29 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12700
Expires: Mon, 30 Jan 2023 09:34:14 GMT
Date: Mon, 30 Jan 2023 06:02:34 GMT
Connection: keep-alive
ocsp.buypass.com/
200 OK 1.7 kB IP
ASN #20940 Akamai International B.V.
Hash eb5327537ab2d54d8eed1f670a799059
5a61a1d81dc000f5922e2af969dd1e12798e267a
4bd3a030ba6092e11c39561e061d2f3692cfeb2fcbee2117cecd70650ada1fbd
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 8915b7f4-ddc5-46de-a47c-6752c185d9d4
Content-Length: 1701
Date: Mon, 30 Jan 2023 06:02:34 GMT
Connection: keep-alive
img.strpst.com/thumbs/1675058461/86188148
200 OK 64 kB URL HTTP/2 img.strpst.com/thumbs/1675058461/86188148
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 6bbc002cc699fe827be3850235a3319f
77e07505533090af5c8c9e1767bb0256b5a1a173
7e28b77b531ffef8ef2a3cc6f4e000b0dd38e169e8f13401bb204b6e34eb94a3
GET /thumbs/1675058461/86188148 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/jpeg
content-length: 64315
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=66717, status=webp_bigger
etag: "2e2101620f8b63166adc68e9032fc371"
last-modified: Mon, 30 Jan 2023 06:00:42 GMT
cf-cache-status: HIT
age: 57
expires: Mon, 30 Jan 2023 06:32:34 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffdb7fd60b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675058461/93944140
200 OK 57 kB URL HTTP/2 img.strpst.com/thumbs/1675058461/93944140
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash ce975a4e92d144c6c7db01c6940b0c95
375bd802be736c1c691a8bd4d46dc636dcbae06a
06e30b6cdba9c85ea2992f1090ed06d1cdcf8157c4fa5ced302a3404cc296d4d
GET /thumbs/1675058461/93944140 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.live.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/jpeg
content-length: 56847
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=58953, status=webp_bigger
etag: "c66479fc13839ed9203c0112ca1bece3"
last-modified: Mon, 30 Jan 2023 06:00:07 GMT
cf-cache-status: HIT
age: 53
expires: Mon, 30 Jan 2023 06:32:34 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffdbbfe90b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.live.tktube.com/thumbs/view
200 OK 85 B URL HTTP/2 go.live.tktube.com/thumbs/view
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text
Hash 325a1be9d10b446d8e846111556e0d40
02e3069642fdeeca05988daa8fa045285667b4ef
a2d2b0b2d2f6bc8b6adfb8281fb2a28b1dd2bc3aad1b56c59765e2efcd54e5c2
POST /thumbs/view HTTP/1.1
Host: go.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tktube.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://tktube.com
Content-Length: 81
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: application/json
content-length: 85
strict-transport-security: max-age=15768000
access-control-allow-origin: https://tktube.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
urimnugocfr.com/get/1922602?zoneid=1922602&jp=_clu4uuhgvnrv4wul86wga0&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6865176079112202
200 OK 1.5 kB URL HTTP/2 urimnugocfr.com/get/1922602?zoneid=1922602&jp=_clu4uuhgvnrv4wul86wga0&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6865176079112202
IP
Hash 62d5cb0825f23d3bf599b09c327c33f6
97b6d61e5dc8daf355a4e35f7606b5625306e76a
c2c6a0f62bed82b47c3e1767cce998f0e6cfcc37d4f3006dbc5f2e8eef777d8c
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1922602?zoneid=1922602&jp=_clu4uuhgvnrv4wul86wga0&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6865176079112202 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: UID=2301300102b2fbcbd564a242149c6b500727
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15157f04a9789629f105eb9dcd42450
755e8929b20af253d243d9529ec7bbeeb818da5d
cce4e9a97ba9e3b2f9c48afc0ad52ab3a2654372fd83b12d4c65ec770d96eaa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCE4E9A97BA9E3B2F9C48AFC0AD52AB3A2654372FD83B12D4C65EC770D96EAA4"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4679
Expires: Mon, 30 Jan 2023 07:20:33 GMT
Date: Mon, 30 Jan 2023 06:02:34 GMT
Connection: keep-alive
mc7clurd09pla4nrtat7ion.com/aas/r45d/vki/1843476/tghr.js
200 OK 28 kB URL HTTP/2 mc7clurd09pla4nrtat7ion.com/aas/r45d/vki/1843476/tghr.js
IP
Hash 0dedff5f3ded6221c918b19ababef9bb
4461a7d5404c3342f87b3086cdcf2a933ea1a684
3fef8760521ce20660d0a438946fc0547f317caca235458f5b412701ee908979
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1843476/tghr.js HTTP/1.1
Host: mc7clurd09pla4nrtat7ion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: application/javascript
last-modified: Fri, 27 Jan 2023 10:36:21 GMT
vary: Accept-Encoding
etag: W/"63d3a925-1149c"
x-js-ab1: var14
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-36407794-11&cid=1458310837.1675058564&jid=2109473967&gjid=1880205908&_gid=134327084.1675058564&_u=YADAAUAAAAAAACAAI~&z=994549467
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-36407794-11&cid=1458310837.1675058564&jid=2109473967&gjid=1880205908&_gid=134327084.1675058564&_u=YADAAUAAAAAAACAAI~&z=994549467
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-36407794-11&cid=1458310837.1675058564&jid=2109473967&gjid=1880205908&_gid=134327084.1675058564&_u=YADAAUAAAAAAACAAI~&z=994549467 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://tktube.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 06:02:34 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mc7clurd09pla4nrtat7ion.com/solid.gif?z=1843476&abvar=14
200 OK 43 B URL HTTP/2 mc7clurd09pla4nrtat7ion.com/solid.gif?z=1843476&abvar=14
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1843476&abvar=14 HTTP/1.1
Host: mc7clurd09pla4nrtat7ion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go.goaserv.com/imp.go?nr=1&xref=E15_Wjnh9eAL-ddJ1oHKfxquCJ59VkrB24EX3SlnXQNo1yn9eEULQnlDp2bY9IpOkHchIKNMovMefz1lZilWhQ_Xj1QpFZR8ID0h0GxlWS0bRzh2rwmzx4gdYkELCvYe7h_imYShNdnveB--3dBmHMPXhEk5Hq9OXh7rtEO3wYq2OTirWW_fhEP8BGsdg5eVUDdAo0FiJhr4Qm9RqbZslSDphFxxFnuUKm9G96HiWIanmmwuYeyZlKPJ0OCuDP5aGxpOX-nBUXW4YxQW3fV3mfmtf3XeZgKHb2E31NJLzpja5f1pcMR9uu4e0CthvUpxlw1tVndTCVLZ-xTGqTEHXdskkVF7dQHSX15ViiJC8BGysqgTIm5AmTASRJO35Iok9O3eNJQPMVH7ysXL2Yxg2yA78-4whoTnXF4PWUV3MEln18Efur8pl4ray1R3fM4lfI4V0HbhQC6kF25lQmDUY6Qk3tivmZYsFZQLTBBPJENHLP4tK5C6dXZi7bqqzz5DkLlaDyOIrp5ph7uuj_dlgO_rMAD7vwVesZ_hYDj0Z3fmwpaM-SSKEAfvBR9537T_3OM0vkhisDKjaa71TXyo-r2UOlGqnIfj4gJa5fDrCfzbqDn3UMTtNLBjDKvex7qPIwdAYrPPKPy2cA3YbEQ2b0MUEdolGixP-MZK00niTmEtZywdbcACl6FKmLxieTh0C1qsT4OqEVv1nEI7PmivlncZQkIijtIlGaLvVKPbgAhCgekK2NKpbgt-M_mHl5u5w5IWEjd7FumgWwbwLlxv1at791EzwmhTqdWX-7gg7TIFIPd5lULMS4htSvy3fYCkAkgWS_UtAHXwoOvt_Tpw88JLaGyhiuLq6Kl0pd2CM4O1zcDoxE1sYhONSDmYSPoFBV7vAzuMckLkrT9Zx6W46l4Yzo5gDjt2mj2PIcZXwQ-1wgJIeg5BXdVJiiSyw_ZZOD-e_tf-ceG3Kw6sVsHL-bxsI7hltwM01yD-vNlnJC6cLZILrOyCZTnucifh41KqN_8exFIMdl3kZ7aLzK46hnv6psw-Oav0T1FlB_1Zz8-tlmDRlqSGYw5-nxbrwtDtViV_JGKyf_w0djz5oboiC4nsZb2ZdRNO9oQif7n0PbjC9wChwhOFJapujG2FzCIpNJjW_ppdzpHOx-Veejx_66yl4oh3ez1Er7HE6WAFvagunp1CCVVPxebU0yaYamEdHwjPUsFTZQ428b02u4fkJvQMKzjiuaE0zqPhkFdmy5z4Lo2yBtjfHZYXNRUfFoI2P9H8mvZIHJNzcqOZTApnXDLw8Jax7wbGLG77GT1EXtnjzZ-E1rJkC0RhRPuX3fPmtr8lDqEi1tEoL13asmI_31-hOK2NxT7DBbiJ2VZqqgC1_EZdzOSR7BHWxVGaPvntT82gNs6Hm0-YKFYLvjUDnEfQjN5_jrE1BzpyRbJb5mbh8-iksBPmxeefI5xNWubqrGqX62YvOb6vIZX6Aph5xFjao3jGDrG2TUvidfHCI59dghw838qzrmaytR693EiTXqPPj4-L4WnAPmxI-bk=
200 OK 0 B URL HTTP/2 go.goaserv.com/imp.go?nr=1&xref=E15_Wjnh9eAL-ddJ1oHKfxquCJ59VkrB24EX3SlnXQNo1yn9eEULQnlDp2bY9IpOkHchIKNMovMefz1lZilWhQ_Xj1QpFZR8ID0h0GxlWS0bRzh2rwmzx4gdYkELCvYe7h_imYShNdnveB--3dBmHMPXhEk5Hq9OXh7rtEO3wYq2OTirWW_fhEP8BGsdg5eVUDdAo0FiJhr4Qm9RqbZslSDphFxxFnuUKm9G96HiWIanmmwuYeyZlKPJ0OCuDP5aGxpOX-nBUXW4YxQW3fV3mfmtf3XeZgKHb2E31NJLzpja5f1pcMR9uu4e0CthvUpxlw1tVndTCVLZ-xTGqTEHXdskkVF7dQHSX15ViiJC8BGysqgTIm5AmTASRJO35Iok9O3eNJQPMVH7ysXL2Yxg2yA78-4whoTnXF4PWUV3MEln18Efur8pl4ray1R3fM4lfI4V0HbhQC6kF25lQmDUY6Qk3tivmZYsFZQLTBBPJENHLP4tK5C6dXZi7bqqzz5DkLlaDyOIrp5ph7uuj_dlgO_rMAD7vwVesZ_hYDj0Z3fmwpaM-SSKEAfvBR9537T_3OM0vkhisDKjaa71TXyo-r2UOlGqnIfj4gJa5fDrCfzbqDn3UMTtNLBjDKvex7qPIwdAYrPPKPy2cA3YbEQ2b0MUEdolGixP-MZK00niTmEtZywdbcACl6FKmLxieTh0C1qsT4OqEVv1nEI7PmivlncZQkIijtIlGaLvVKPbgAhCgekK2NKpbgt-M_mHl5u5w5IWEjd7FumgWwbwLlxv1at791EzwmhTqdWX-7gg7TIFIPd5lULMS4htSvy3fYCkAkgWS_UtAHXwoOvt_Tpw88JLaGyhiuLq6Kl0pd2CM4O1zcDoxE1sYhONSDmYSPoFBV7vAzuMckLkrT9Zx6W46l4Yzo5gDjt2mj2PIcZXwQ-1wgJIeg5BXdVJiiSyw_ZZOD-e_tf-ceG3Kw6sVsHL-bxsI7hltwM01yD-vNlnJC6cLZILrOyCZTnucifh41KqN_8exFIMdl3kZ7aLzK46hnv6psw-Oav0T1FlB_1Zz8-tlmDRlqSGYw5-nxbrwtDtViV_JGKyf_w0djz5oboiC4nsZb2ZdRNO9oQif7n0PbjC9wChwhOFJapujG2FzCIpNJjW_ppdzpHOx-Veejx_66yl4oh3ez1Er7HE6WAFvagunp1CCVVPxebU0yaYamEdHwjPUsFTZQ428b02u4fkJvQMKzjiuaE0zqPhkFdmy5z4Lo2yBtjfHZYXNRUfFoI2P9H8mvZIHJNzcqOZTApnXDLw8Jax7wbGLG77GT1EXtnjzZ-E1rJkC0RhRPuX3fPmtr8lDqEi1tEoL13asmI_31-hOK2NxT7DBbiJ2VZqqgC1_EZdzOSR7BHWxVGaPvntT82gNs6Hm0-YKFYLvjUDnEfQjN5_jrE1BzpyRbJb5mbh8-iksBPmxeefI5xNWubqrGqX62YvOb6vIZX6Aph5xFjao3jGDrG2TUvidfHCI59dghw838qzrmaytR693EiTXqPPj4-L4WnAPmxI-bk=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /imp.go?nr=1&xref=E15_Wjnh9eAL-ddJ1oHKfxquCJ59VkrB24EX3SlnXQNo1yn9eEULQnlDp2bY9IpOkHchIKNMovMefz1lZilWhQ_Xj1QpFZR8ID0h0GxlWS0bRzh2rwmzx4gdYkELCvYe7h_imYShNdnveB--3dBmHMPXhEk5Hq9OXh7rtEO3wYq2OTirWW_fhEP8BGsdg5eVUDdAo0FiJhr4Qm9RqbZslSDphFxxFnuUKm9G96HiWIanmmwuYeyZlKPJ0OCuDP5aGxpOX-nBUXW4YxQW3fV3mfmtf3XeZgKHb2E31NJLzpja5f1pcMR9uu4e0CthvUpxlw1tVndTCVLZ-xTGqTEHXdskkVF7dQHSX15ViiJC8BGysqgTIm5AmTASRJO35Iok9O3eNJQPMVH7ysXL2Yxg2yA78-4whoTnXF4PWUV3MEln18Efur8pl4ray1R3fM4lfI4V0HbhQC6kF25lQmDUY6Qk3tivmZYsFZQLTBBPJENHLP4tK5C6dXZi7bqqzz5DkLlaDyOIrp5ph7uuj_dlgO_rMAD7vwVesZ_hYDj0Z3fmwpaM-SSKEAfvBR9537T_3OM0vkhisDKjaa71TXyo-r2UOlGqnIfj4gJa5fDrCfzbqDn3UMTtNLBjDKvex7qPIwdAYrPPKPy2cA3YbEQ2b0MUEdolGixP-MZK00niTmEtZywdbcACl6FKmLxieTh0C1qsT4OqEVv1nEI7PmivlncZQkIijtIlGaLvVKPbgAhCgekK2NKpbgt-M_mHl5u5w5IWEjd7FumgWwbwLlxv1at791EzwmhTqdWX-7gg7TIFIPd5lULMS4htSvy3fYCkAkgWS_UtAHXwoOvt_Tpw88JLaGyhiuLq6Kl0pd2CM4O1zcDoxE1sYhONSDmYSPoFBV7vAzuMckLkrT9Zx6W46l4Yzo5gDjt2mj2PIcZXwQ-1wgJIeg5BXdVJiiSyw_ZZOD-e_tf-ceG3Kw6sVsHL-bxsI7hltwM01yD-vNlnJC6cLZILrOyCZTnucifh41KqN_8exFIMdl3kZ7aLzK46hnv6psw-Oav0T1FlB_1Zz8-tlmDRlqSGYw5-nxbrwtDtViV_JGKyf_w0djz5oboiC4nsZb2ZdRNO9oQif7n0PbjC9wChwhOFJapujG2FzCIpNJjW_ppdzpHOx-Veejx_66yl4oh3ez1Er7HE6WAFvagunp1CCVVPxebU0yaYamEdHwjPUsFTZQ428b02u4fkJvQMKzjiuaE0zqPhkFdmy5z4Lo2yBtjfHZYXNRUfFoI2P9H8mvZIHJNzcqOZTApnXDLw8Jax7wbGLG77GT1EXtnjzZ-E1rJkC0RhRPuX3fPmtr8lDqEi1tEoL13asmI_31-hOK2NxT7DBbiJ2VZqqgC1_EZdzOSR7BHWxVGaPvntT82gNs6Hm0-YKFYLvjUDnEfQjN5_jrE1BzpyRbJb5mbh8-iksBPmxeefI5xNWubqrGqX62YvOb6vIZX6Aph5xFjao3jGDrG2TUvidfHCI59dghw838qzrmaytR693EiTXqPPj4-L4WnAPmxI-bk= HTTP/1.1
Host: go.goaserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://go.goaserv.com/banner.go?spaceid=1219880&sid2=JTLIV3no04Ug4nUJuo77h6r2h135ilZrS3HHenbKW9BZ3vkAh0dM-k43XxUGiamgUVFQHXMydIsNiebWPRzbcZJPxo7E_Pj2urob9JTTw5tDbp1sqG_iEw_gUIDRUi&sid3=3803312
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-backend-server: nl2-go-web-247
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 06:02:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
solemnvine.com/pixel/purst?dl=0&th=0&sc=0&rs=193&rd=193&fd=106&bv=22.10.v.10&tmpl=136
200 OK 0 B URL HTTP/1.1 solemnvine.com/pixel/purst?dl=0&th=0&sc=0&rs=193&rd=193&fd=106&bv=22.10.v.10&tmpl=136
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=193&rd=193&fd=106&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: solemnvine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 30 Jan 2023 06:02:34 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
go.live.tktube.com/thumbs/view
200 OK 420 B URL HTTP/2 go.live.tktube.com/thumbs/view
IP
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text
Hash b73bf07161f57cab7c8d3b482f976452
2e8ba836d2529702d20268312a4cbc6ba30e05df
32ec211b235bc8738088d974b8f0cc44ad52c5f466b6873f75cad175689094c8
POST /thumbs/view HTTP/1.1
Host: go.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.live.tktube.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://creative.live.tktube.com
Content-Length: 396
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: application/json
content-length: 420
strict-transport-security: max-age=15768000
access-control-allow-origin: https://creative.live.tktube.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f0d4ffbc8e4fedb350a120c6a2659e7f
52a5176d34433332030f84658318328a26cb9c88
ed17c5028c2d87052c332e334f61352f416df64d97ece49f535efb2b452486d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED17C5028C2D87052C332E334F61352F416DF64D97ECE49F535EFB2B452486D4"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5242
Expires: Mon, 30 Jan 2023 07:29:56 GMT
Date: Mon, 30 Jan 2023 06:02:34 GMT
Connection: keep-alive
poweredby.jads.co/adshow.php?adzone=867429
200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=867429
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (409), with CRLF, LF line terminators
Hash 89a619f66cd49d7929b0f00d8c70ad69
36ca75de6dcd74bd30044a200b148bf2493bba8e
c9ea5c18315db6c3aab07c76e2ffaa26467aae752189c6a4fc11e786abc1016d
GET /adshow.php?adzone=867429 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; expires=Tue, 30-Jan-2024 06:02:33 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps30553=1; expires=Tue, 31-Jan-2023 06:02:33 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
imps30553=1; expires=Tue, 31-Jan-2023 06:02:33 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToyOntpOjcxMzIzMztpOjE2NzUzMTc3NTM7aTo3MTMyMzE7aToxNjc1MzE3NzUzO30%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user22416/30553-1544525888-0100799001544525888.png
200 OK 60 kB URL HTTP/2 i.jads.co/network/user22416/30553-1544525888-0100799001544525888.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash eef1c64ef9fc090e6e69a494e3799f21
aa78cbfe45395398eaa598f101e775f7c1e7912d
f95f832186fa40bceb4ea76af521bdf040c6e5cac6e54a48c0f10ef93dd35b7c
GET /network/user22416/30553-1544525888-0100799001544525888.png HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; imps47386=1; juicy_data_1=YToyOntpOjcxMzIzMztpOjE2NzUzMTc3NTM7aTo3MTMyMzE7aToxNjc1MzE3NzUzO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1; imps30553=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
etag: "1544525888"
cache-control: max-age=26255623
content-length: 59543
content-type: image/png
last-modified: Tue, 11 Dec 2018 10:58:08 GMT
accept-ranges: bytes
x-hw: 1675058554.dop020.sk1.t,1675058554.cds205.sk1.hn,1675058554.cds222.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user22416/30553-1544525887-0263027001544525887.gif
200 OK 142 kB URL HTTP/2 i.jads.co/network/user22416/30553-1544525887-0263027001544525887.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 142 kB (141966 bytes)
Hash 8c6cb001b922420243a333e9cba9c795
7ea19f5357480d0b02133b16b6ea963bf11d8cb3
bca98d1413e327ad043bdc9568ceb4972491040e38147a7235b35e9f18f5b515
GET /network/user22416/30553-1544525887-0263027001544525887.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; imps47386=1; juicy_data_1=YToyOntpOjcxMzIzMztpOjE2NzUzMTc3NTM7aTo3MTMyMzE7aToxNjc1MzE3NzUzO30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1; imps30553=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
etag: "1544525887"
cache-control: max-age=26255629
content-length: 141966
content-type: image/gif
last-modified: Tue, 11 Dec 2018 10:58:07 GMT
accept-ranges: bytes
x-hw: 1675058554.dop020.sk1.t,1675058554.cds205.sk1.hn,1675058554.cds216.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8613
Expires: Mon, 30 Jan 2023 08:26:07 GMT
Date: Mon, 30 Jan 2023 06:02:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8613
Expires: Mon, 30 Jan 2023 08:26:07 GMT
Date: Mon, 30 Jan 2023 06:02:34 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 29233
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:27 GMT
age: 28267
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ce4f845d4cdd467b4c82d8fbeb9ae0b
68257cdadb6e13a8f7f5e2354aca225286107a79
243b58df1616fd8b78c11302dbf90c97ecb6a3b289abe5f3439252cdbf304892
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 2b8949c8-5c97-49f5-8784-85daa42adff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4NF1moAMFQ9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e69a-2ab06022306835b013c1e46f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NEYfOHRSbqSqgj9m4A-z6jFKKbaiYC9DKmggHLFvSAK88FMnfXMn1Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:23:20 GMT
age: 27554
etag: "68257cdadb6e13a8f7f5e2354aca225286107a79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 29366
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 33377
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 29277
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIMVODxhiPM1rcmEGDTAsaYWyExBHjBo0WZcSMGTNDzA0zMWCQMSPi4Rwxacgo1LFFRAwcNEjaqNFCBg0YN3LQwCGiy8MwdcZklCGGTI6lNsS0gGFGjFgaYV_mGCOGaVQcZWLenBFjZ0-IZOwsnBEVhkMRcOqI2YtjBo6rcODslVFRxBw4E3UYhjGDroyHY9oo1kEjh4wcR6_aZfhQjBs3e2O0BPuwjRuMOmSMtJHjIRzXsGPQUH1YRJ0YGdHQoQNnjo4XL868caE8zByEdlyMedPmhZgwpxEyf_PjccQyQXvEYJwDBw4YXOrAgCHDxpygMnrciVKkSZM8LcmcqRMGjZUmdhQxxBxMTGGDElPA8EQeSjRxQxJ00HCHEWeQEcMXcpSBQxRy4NBCC2jQMIQVZZyBxBtS3CGDE3ecwUYdJV0xAxl3oBHGFDlUmIMTb-DBnhtHlGEFGU5I0UIaT6xR4xJ52KBGHGtMgQYSOcgxRgs4XBEFE3XoEcYbatwQxBdnVJEEEVJUkUZ667X3Hhkz9DBZZePddRtFD71xJ2kikEFdRnSsQYdgZUj3J2ZhRLaFDDVYBZiVC8HgwnqNbRTppH5hdtsXcECqg6TrUUbXQ3LYsVl7D5Uxxp6grkcDDTc8VEcdaWQEQxhwxTCGDTK0YBZLJ30GA5YG2dCCDZTFIIYNZsBwlA1aPZTGZiKA5kIOktIggwsN0XCXHF9Mm5G12LqgLbcd3cVfRk28oUcabLARxgs1TAoCClek4Yafd8wBghNUgJDTpDuAkK8bNtBQMB4JF1wqQ35NmgIIQY6xxhsvyOAspc6CYEQaGZrR4ws51QvDXTNl5MQTd70Bbso6iLDyXWxoFXMRTtx1kB0YlsEGRTXccENhNpwHA6lnoBZbDTjE2mcZPIshx0LmPbTzF228QcZCMuBgQ2NkyPHGXnkORYNtYuORx0JnixBycMMVd9wLgQ4qRqHTVXfXHRmNd95daPTNnrc-lZqR2HQk6nILdbiRBh1j3eACGWPUabXNT39BueUi0NEGRTbcUINfONRQwwwWtSED6KKTbjpfT4nW82NfJMr66Ey_nirPYbCBEB1DbUGSo2GIEdnTZmDFxkS21RwpZrDB0IcCAQE%3D&s=456aefd494dd486dcf4c30bd6349c04ad3bf4e28a96e41f9d945f7ec6138c0491675058553&w=t&r=1&d=380&priv=false
200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIMVODxhiPM1rcmEGDTAsaYWyExBHjBo0WZcSMGTNDzA0zMWCQMSPi4Rwxacgo1LFFRAwcNEjaqNFCBg0YN3LQwCGiy8MwdcZklCGGTI6lNsS0gGFGjFgaYV_mGCOGaVQcZWLenBFjZ0-IZOwsnBEVhkMRcOqI2YtjBo6rcODslVFRxBw4E3UYhjGDroyHY9oo1kEjh4wcR6_aZfhQjBs3e2O0BPuwjRuMOmSMtJHjIRzXsGPQUH1YRJ0YGdHQoQNnjo4XL868caE8zByEdlyMedPmhZgwpxEyf_PjccQyQXvEYJwDBw4YXOrAgCHDxpygMnrciVKkSZM8LcmcqRMGjZUmdhQxxBxMTGGDElPA8EQeSjRxQxJ00HCHEWeQEcMXcpSBQxRy4NBCC2jQMIQVZZyBxBtS3CGDE3ecwUYdJV0xAxl3oBHGFDlUmIMTb-DBnhtHlGEFGU5I0UIaT6xR4xJ52KBGHGtMgQYSOcgxRgs4XBEFE3XoEcYbatwQxBdnVJEEEVJUkUZ667X3Hhkz9DBZZePddRtFD71xJ2kikEFdRnSsQYdgZUj3J2ZhRLaFDDVYBZiVC8HgwnqNbRTppH5hdtsXcECqg6TrUUbXQ3LYsVl7D5Uxxp6grkcDDTc8VEcdaWQEQxhwxTCGDTK0YBZLJ30GA5YG2dCCDZTFIIYNZsBwlA1aPZTGZiKA5kIOktIggwsN0XCXHF9Mm5G12LqgLbcd3cVfRk28oUcabLARxgs1TAoCClek4Yafd8wBghNUgJDTpDuAkK8bNtBQMB4JF1wqQ35NmgIIQY6xxhsvyOAspc6CYEQaGZrR4ws51QvDXTNl5MQTd70Bbso6iLDyXWxoFXMRTtx1kB0YlsEGRTXccENhNpwHA6lnoBZbDTjE2mcZPIshx0LmPbTzF228QcZCMuBgQ2NkyPHGXnkORYNtYuORx0JnixBycMMVd9wLgQ4qRqHTVXfXHRmNd95daPTNnrc-lZqR2HQk6nILdbiRBh1j3eACGWPUabXNT39BueUi0NEGRTbcUINfONRQwwwWtSED6KKTbjpfT4nW82NfJMr66Ey_nirPYbCBEB1DbUGSo2GIEdnTZmDFxkS21RwpZrDB0IcCAQE%3D&s=456aefd494dd486dcf4c30bd6349c04ad3bf4e28a96e41f9d945f7ec6138c0491675058553&w=t&r=1&d=380&priv=false
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WIMVODxhiPM1rcmEGDTAsaYWyExBHjBo0WZcSMGTNDzA0zMWCQMSPi4Rwxacgo1LFFRAwcNEjaqNFCBg0YN3LQwCGiy8MwdcZklCGGTI6lNsS0gGFGjFgaYV_mGCOGaVQcZWLenBFjZ0-IZOwsnBEVhkMRcOqI2YtjBo6rcODslVFRxBw4E3UYhjGDroyHY9oo1kEjh4wcR6_aZfhQjBs3e2O0BPuwjRuMOmSMtJHjIRzXsGPQUH1YRJ0YGdHQoQNnjo4XL868caE8zByEdlyMedPmhZgwpxEyf_PjccQyQXvEYJwDBw4YXOrAgCHDxpygMnrciVKkSZM8LcmcqRMGjZUmdhQxxBxMTGGDElPA8EQeSjRxQxJ00HCHEWeQEcMXcpSBQxRy4NBCC2jQMIQVZZyBxBtS3CGDE3ecwUYdJV0xAxl3oBHGFDlUmIMTb-DBnhtHlGEFGU5I0UIaT6xR4xJ52KBGHGtMgQYSOcgxRgs4XBEFE3XoEcYbatwQxBdnVJEEEVJUkUZ667X3Hhkz9DBZZePddRtFD71xJ2kikEFdRnSsQYdgZUj3J2ZhRLaFDDVYBZiVC8HgwnqNbRTppH5hdtsXcECqg6TrUUbXQ3LYsVl7D5Uxxp6grkcDDTc8VEcdaWQEQxhwxTCGDTK0YBZLJ30GA5YG2dCCDZTFIIYNZsBwlA1aPZTGZiKA5kIOktIggwsN0XCXHF9Mm5G12LqgLbcd3cVfRk28oUcabLARxgs1TAoCClek4Yafd8wBghNUgJDTpDuAkK8bNtBQMB4JF1wqQ35NmgIIQY6xxhsvyOAspc6CYEQaGZrR4ws51QvDXTNl5MQTd70Bbso6iLDyXWxoFXMRTtx1kB0YlsEGRTXccENhNpwHA6lnoBZbDTjE2mcZPIshx0LmPbTzF228QcZCMuBgQ2NkyPHGXnkORYNtYuORx0JnixBycMMVd9wLgQ4qRqHTVXfXHRmNd95daPTNnrc-lZqR2HQk6nILdbiRBh1j3eACGWPUabXNT39BueUi0NEGRTbcUINfONRQwwwWtSED6KKTbjpfT4nW82NfJMr66Ey_nirPYbCBEB1DbUGSo2GIEdnTZmDFxkS21RwpZrDB0IcCAQE%3D&s=456aefd494dd486dcf4c30bd6349c04ad3bf4e28a96e41f9d945f7ec6138c0491675058553&w=t&r=1&d=380&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=0a8e1c62-bb81-4290-8ad6-6031b6f0186c; bfq=APeIECNCx5YZMWLcsFHDRhcWIsYU3BLjoYgyE2PYuFEjBg0aOWrM6NJH
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=1004867
200 OK 1.9 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=1004867
IP
Hash 735dcd44ed86ebaaab7f99fc3c35cb98
755a702c3c37d108155323cbbb35cb5bad6cc7a5
3b5241fe20c5af963cf50b5e41b953b701232f9b04cd2c424a25cfc94a2a7924
GET /adshow.php?adzone=1004867 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 06:02:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; expires=Tue, 30-Jan-2024 06:02:33 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps30553=1; expires=Tue, 31-Jan-2023 06:02:34 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjcxMzIzMDtpOjE2NzUzMTc3NTM7fQ%3D%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Thu, 02-Feb-2023 06:02:33 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=tktube.com&et=157
200 OK 0 B URL HTTP/2 pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=tktube.com&et=157
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=tktube.com&et=157 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: ts_uid=0a8e1c62-bb81-4290-8ad6-6031b6f0186c; bfq=APeIECNCx5YZMWLcsFHDRhcWIsYU3BLjoYgyE2PYuFEjBg0aOWrM6NJH
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
i.jads.co/network/user22416/30553-1544525886-0782517001544525886.gif
200 OK 624 kB URL HTTP/2 i.jads.co/network/user22416/30553-1544525886-0782517001544525886.gif
IP
File type GIF image data, version 89a, 300 x 250\012- data
Size 624 kB (623682 bytes)
Hash 8fdd44153a82d5e845e5c4433e2af3e7
a26e2fa1ba25c1bd630d5ba4a3e3a84c8fd2e289
67a6e646450f83d315410b58f7ee68dff0e12be3c64892e8b47dfca40f74162e
GET /network/user22416/30553-1544525886-0782517001544525886.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=9dead68025990a2b5c92153c58b3d1cc; imps47386=1; juicy_data_1=YToxOntpOjcxMzIzMDtpOjE2NzUzMTc3NTM7fQ%3D%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps9183=1; imps30553=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:34 GMT
etag: "1544525886"
cache-control: max-age=26255660
content-length: 623682
content-type: image/gif
last-modified: Tue, 11 Dec 2018 10:58:06 GMT
accept-ranges: bytes
x-hw: 1675058554.dop020.sk1.t,1675058554.cds205.sk1.hn,1675058554.cds213.sk1.c
X-Firefox-Spdy: h2
urimnugocfr.com/chicken.gif?z=1843465&pb=9a4c938a0aefeb73f7fa9cdf718e7f3d1675065752&psp=Daq-x20ZBvDTRMJt4n3fcSAJlfKFJN8SWak9socSpzkBP4nttLNqW6Gz2uyT_GwDt9s3bb2nsERM-C32NAOu9QouOKD-hOeGS5ph0rpDhF2U78gsEBFmG9Foma9PtiCWiW5n8q6h9ZI17tYAq6UynJ6HQ66-AEVJ79QVTJaWNlazRl2GWRT_4jiTtNjtbiRE7C_RgE75dQ1czF8tTn5lcERRrAOJuu_f5c41MdsIDjyrgALzJM08sLF7sUWlUB5h-vNaL4VGJeCbQpDHTDh-cVvVP4qmcyLz0MipPl_DhPmslimlJNuG8m5-uyqyx-n_q4NcVUlo9oysols04HJRnrjG1mMUivVbUxvkSaPM-JKYHhzDLMsKf6dZYzy0UNo6nBfjHFy0KjVW6qHG7CPJXeSIw5vMLY7ZoKk9ACCR4Mis8E6XcNllykxnKp4znhSvJhAD0YW4BRYjBMHm5K-LmZsVr7jG025OuYc9AZlgb0LTmPmjL_rauLO_mcij7yM5Rk6dKlO62XAtc7rFYcODpywpP9whCC_j4WyxONDqBamNtcTIHRuSLxQ_XhlcRvxDoiv-NIFH9xFod5CBZLB8kxipkaQUAPrBZ3lvKJqiG9EwARp2eSQ-CtN69sbe4JIHc4SFRLssX6y9xjNDg9LjqSTo5pbH8ReotyRbPklixMQQoddqFfYwdXzemPyXg-VF7NI5VU_rvOe37P0Jr-BuXD3rBb8BvYOkqr07d_DHN4M98FlhfR5k_PJmEk_h7NbUCX6YT5q64cS24Zc4l__vRpZxW-HyOo3-8LHfyJxYfgTu3FqeC4WIkLjM76_A_fYvjtBkhlk1QbkrsbCHh6CZ_Y9g5g==&abvar=0&os=0
200 OK 43 B URL HTTP/2 urimnugocfr.com/chicken.gif?z=1843465&pb=9a4c938a0aefeb73f7fa9cdf718e7f3d1675065752&psp=Daq-x20ZBvDTRMJt4n3fcSAJlfKFJN8SWak9socSpzkBP4nttLNqW6Gz2uyT_GwDt9s3bb2nsERM-C32NAOu9QouOKD-hOeGS5ph0rpDhF2U78gsEBFmG9Foma9PtiCWiW5n8q6h9ZI17tYAq6UynJ6HQ66-AEVJ79QVTJaWNlazRl2GWRT_4jiTtNjtbiRE7C_RgE75dQ1czF8tTn5lcERRrAOJuu_f5c41MdsIDjyrgALzJM08sLF7sUWlUB5h-vNaL4VGJeCbQpDHTDh-cVvVP4qmcyLz0MipPl_DhPmslimlJNuG8m5-uyqyx-n_q4NcVUlo9oysols04HJRnrjG1mMUivVbUxvkSaPM-JKYHhzDLMsKf6dZYzy0UNo6nBfjHFy0KjVW6qHG7CPJXeSIw5vMLY7ZoKk9ACCR4Mis8E6XcNllykxnKp4znhSvJhAD0YW4BRYjBMHm5K-LmZsVr7jG025OuYc9AZlgb0LTmPmjL_rauLO_mcij7yM5Rk6dKlO62XAtc7rFYcODpywpP9whCC_j4WyxONDqBamNtcTIHRuSLxQ_XhlcRvxDoiv-NIFH9xFod5CBZLB8kxipkaQUAPrBZ3lvKJqiG9EwARp2eSQ-CtN69sbe4JIHc4SFRLssX6y9xjNDg9LjqSTo5pbH8ReotyRbPklixMQQoddqFfYwdXzemPyXg-VF7NI5VU_rvOe37P0Jr-BuXD3rBb8BvYOkqr07d_DHN4M98FlhfR5k_PJmEk_h7NbUCX6YT5q64cS24Zc4l__vRpZxW-HyOo3-8LHfyJxYfgTu3FqeC4WIkLjM76_A_fYvjtBkhlk1QbkrsbCHh6CZ_Y9g5g==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1843465&pb=9a4c938a0aefeb73f7fa9cdf718e7f3d1675065752&psp=Daq-x20ZBvDTRMJt4n3fcSAJlfKFJN8SWak9socSpzkBP4nttLNqW6Gz2uyT_GwDt9s3bb2nsERM-C32NAOu9QouOKD-hOeGS5ph0rpDhF2U78gsEBFmG9Foma9PtiCWiW5n8q6h9ZI17tYAq6UynJ6HQ66-AEVJ79QVTJaWNlazRl2GWRT_4jiTtNjtbiRE7C_RgE75dQ1czF8tTn5lcERRrAOJuu_f5c41MdsIDjyrgALzJM08sLF7sUWlUB5h-vNaL4VGJeCbQpDHTDh-cVvVP4qmcyLz0MipPl_DhPmslimlJNuG8m5-uyqyx-n_q4NcVUlo9oysols04HJRnrjG1mMUivVbUxvkSaPM-JKYHhzDLMsKf6dZYzy0UNo6nBfjHFy0KjVW6qHG7CPJXeSIw5vMLY7ZoKk9ACCR4Mis8E6XcNllykxnKp4znhSvJhAD0YW4BRYjBMHm5K-LmZsVr7jG025OuYc9AZlgb0LTmPmjL_rauLO_mcij7yM5Rk6dKlO62XAtc7rFYcODpywpP9whCC_j4WyxONDqBamNtcTIHRuSLxQ_XhlcRvxDoiv-NIFH9xFod5CBZLB8kxipkaQUAPrBZ3lvKJqiG9EwARp2eSQ-CtN69sbe4JIHc4SFRLssX6y9xjNDg9LjqSTo5pbH8ReotyRbPklixMQQoddqFfYwdXzemPyXg-VF7NI5VU_rvOe37P0Jr-BuXD3rBb8BvYOkqr07d_DHN4M98FlhfR5k_PJmEk_h7NbUCX6YT5q64cS24Zc4l__vRpZxW-HyOo3-8LHfyJxYfgTu3FqeC4WIkLjM76_A_fYvjtBkhlk1QbkrsbCHh6CZ_Y9g5g==&abvar=0&os=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301300102b2fbcbd564a242149c6b500727; OACICAP=ACMMIAAAAAAAAAAB; OACIBLOCK=ACMMIAAAAABj11zg; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/whob.gif?z=1843465&pb=9a4c938a0aefeb73f7fa9cdf718e7f3d1675065752&psp=Daq-x20ZBvDTRMJt4n3fcSAJlfKFJN8SWak9socSpzkBP4nttLNqW6Gz2uyT_GwDt9s3bb2nsERM-C32NAOu9QouOKD-hOeGS5ph0rpDhF2U78gsEBFmG9Foma9PtiCWiW5n8q6h9ZI17tYAq6UynJ6HQ66-AEVJ79QVTJaWNlazRl2GWRT_4jiTtNjtbiRE7C_RgE75dQ1czF8tTn5lcERRrAOJuu_f5c41MdsIDjyrgALzJM08sLF7sUWlUB5h-vNaL4VGJeCbQpDHTDh-cVvVP4qmcyLz0MipPl_DhPmslimlJNuG8m5-uyqyx-n_q4NcVUlo9oysols04HJRnrjG1mMUivVbUxvkSaPM-JKYHhzDLMsKf6dZYzy0UNo6nBfjHFy0KjVW6qHG7CPJXeSIw5vMLY7ZoKk9ACCR4Mis8E6XcNllykxnKp4znhSvJhAD0YW4BRYjBMHm5K-LmZsVr7jG025OuYc9AZlgb0LTmPmjL_rauLO_mcij7yM5Rk6dKlO62XAtc7rFYcODpywpP9whCC_j4WyxONDqBamNtcTIHRuSLxQ_XhlcRvxDoiv-NIFH9xFod5CBZLB8kxipkaQUAPrBZ3lvKJqiG9EwARp2eSQ-CtN69sbe4JIHc4SFRLssX6y9xjNDg9LjqSTo5pbH8ReotyRbPklixMQQoddqFfYwdXzemPyXg-VF7NI5VU_rvOe37P0Jr-BuXD3rBb8BvYOkqr07d_DHN4M98FlhfR5k_PJmEk_h7NbUCX6YT5q64cS24Zc4l__vRpZxW-HyOo3-8LHfyJxYfgTu3FqeC4WIkLjM76_A_fYvjtBkhlk1QbkrsbCHh6CZ_Y9g5g==&abvar=0&os=0
200 OK 43 B URL HTTP/2 urimnugocfr.com/whob.gif?z=1843465&pb=9a4c938a0aefeb73f7fa9cdf718e7f3d1675065752&psp=Daq-x20ZBvDTRMJt4n3fcSAJlfKFJN8SWak9socSpzkBP4nttLNqW6Gz2uyT_GwDt9s3bb2nsERM-C32NAOu9QouOKD-hOeGS5ph0rpDhF2U78gsEBFmG9Foma9PtiCWiW5n8q6h9ZI17tYAq6UynJ6HQ66-AEVJ79QVTJaWNlazRl2GWRT_4jiTtNjtbiRE7C_RgE75dQ1czF8tTn5lcERRrAOJuu_f5c41MdsIDjyrgALzJM08sLF7sUWlUB5h-vNaL4VGJeCbQpDHTDh-cVvVP4qmcyLz0MipPl_DhPmslimlJNuG8m5-uyqyx-n_q4NcVUlo9oysols04HJRnrjG1mMUivVbUxvkSaPM-JKYHhzDLMsKf6dZYzy0UNo6nBfjHFy0KjVW6qHG7CPJXeSIw5vMLY7ZoKk9ACCR4Mis8E6XcNllykxnKp4znhSvJhAD0YW4BRYjBMHm5K-LmZsVr7jG025OuYc9AZlgb0LTmPmjL_rauLO_mcij7yM5Rk6dKlO62XAtc7rFYcODpywpP9whCC_j4WyxONDqBamNtcTIHRuSLxQ_XhlcRvxDoiv-NIFH9xFod5CBZLB8kxipkaQUAPrBZ3lvKJqiG9EwARp2eSQ-CtN69sbe4JIHc4SFRLssX6y9xjNDg9LjqSTo5pbH8ReotyRbPklixMQQoddqFfYwdXzemPyXg-VF7NI5VU_rvOe37P0Jr-BuXD3rBb8BvYOkqr07d_DHN4M98FlhfR5k_PJmEk_h7NbUCX6YT5q64cS24Zc4l__vRpZxW-HyOo3-8LHfyJxYfgTu3FqeC4WIkLjM76_A_fYvjtBkhlk1QbkrsbCHh6CZ_Y9g5g==&abvar=0&os=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1843465&pb=9a4c938a0aefeb73f7fa9cdf718e7f3d1675065752&psp=Daq-x20ZBvDTRMJt4n3fcSAJlfKFJN8SWak9socSpzkBP4nttLNqW6Gz2uyT_GwDt9s3bb2nsERM-C32NAOu9QouOKD-hOeGS5ph0rpDhF2U78gsEBFmG9Foma9PtiCWiW5n8q6h9ZI17tYAq6UynJ6HQ66-AEVJ79QVTJaWNlazRl2GWRT_4jiTtNjtbiRE7C_RgE75dQ1czF8tTn5lcERRrAOJuu_f5c41MdsIDjyrgALzJM08sLF7sUWlUB5h-vNaL4VGJeCbQpDHTDh-cVvVP4qmcyLz0MipPl_DhPmslimlJNuG8m5-uyqyx-n_q4NcVUlo9oysols04HJRnrjG1mMUivVbUxvkSaPM-JKYHhzDLMsKf6dZYzy0UNo6nBfjHFy0KjVW6qHG7CPJXeSIw5vMLY7ZoKk9ACCR4Mis8E6XcNllykxnKp4znhSvJhAD0YW4BRYjBMHm5K-LmZsVr7jG025OuYc9AZlgb0LTmPmjL_rauLO_mcij7yM5Rk6dKlO62XAtc7rFYcODpywpP9whCC_j4WyxONDqBamNtcTIHRuSLxQ_XhlcRvxDoiv-NIFH9xFod5CBZLB8kxipkaQUAPrBZ3lvKJqiG9EwARp2eSQ-CtN69sbe4JIHc4SFRLssX6y9xjNDg9LjqSTo5pbH8ReotyRbPklixMQQoddqFfYwdXzemPyXg-VF7NI5VU_rvOe37P0Jr-BuXD3rBb8BvYOkqr07d_DHN4M98FlhfR5k_PJmEk_h7NbUCX6YT5q64cS24Zc4l__vRpZxW-HyOo3-8LHfyJxYfgTu3FqeC4WIkLjM76_A_fYvjtBkhlk1QbkrsbCHh6CZ_Y9g5g==&abvar=0&os=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2301300102b2fbcbd564a242149c6b500727; OACICAP=ACMMIAAAAAAAAAAB; OACIBLOCK=ACMMIAAAAABj11zg; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
set-cookie: ppucnt=0; Path=/; Expires=Tue, 31 Jan 2023 06:02:34 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
tktube.com/static/styles/all-responsive-white.css?v=7.2
200 OK 0 B URL HTTP/2 tktube.com/static/styles/all-responsive-white.css?v=7.2
IP
GET /static/styles/all-responsive-white.css?v=7.2 HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Sat, 24 Dec 2022 05:35:29 GMT
etag: W/"63a68fa1-27a03"
expires: Mon, 30 Jan 2023 08:45:38 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 8089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXbKo%2FpQ6BvJbA%2FnEAMGXl7kmcemHCukQgVHSXORz9K%2BGpzhEYTU5aRIOIvABiDOqx9zqS5ACzB4ozgYApYhOD%2BBHqMtlX8%2BwGDT8QRia3ZqNq1bFO3lB14L9%2Fkl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7917ffd129fb74b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
urimnugocfr.com/get/1843465?zoneid=1843465&jp=_cln20f709cgpf40yh5445x&nojs=0&ix=0&abvar=0&t=0&x=1152&y=816&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8554025939319320
200 OK 0 B URL HTTP/2 urimnugocfr.com/get/1843465?zoneid=1843465&jp=_cln20f709cgpf40yh5445x&nojs=0&ix=0&abvar=0&t=0&x=1152&y=816&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8554025939319320
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1843465?zoneid=1843465&jp=_cln20f709cgpf40yh5445x&nojs=0&ix=0&abvar=0&t=0&x=1152&y=816&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8554025939319320 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301300102b2fbcbd564a242149c6b500727; Path=/; Expires=Tue, 30 Jan 2024 06:02:32 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/lv/esnk/1843465/code.js
200 OK 0 B URL HTTP/2 urimnugocfr.com/lv/esnk/1843465/code.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1843465/code.js HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-1a2c5"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
nimhuemark.com/aas/r45d/vki/1843476/tghr.js
200 OK 0 B URL HTTP/2 nimhuemark.com/aas/r45d/vki/1843476/tghr.js
IP
GET /aas/r45d/vki/1843476/tghr.js HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 13:21:09 GMT
vary: Accept-Encoding
etag: W/"63d27e45-10d38"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
go.goaserv.com/banner.go?spaceid=1219880&sid2=JTLIV3no04Ug4nUJuo77h6r2h135ilZrS3HHenbKW9BZ3vkAh0dM-k43XxUGiamgUVFQHXMydIsNiebWPRzbcZJPxo7E_Pj2urob9JTTw5tDbp1sqG_iEw_gUIDRUi&sid3=3803312
200 OK 0 B URL HTTP/2 go.goaserv.com/banner.go?spaceid=1219880&sid2=JTLIV3no04Ug4nUJuo77h6r2h135ilZrS3HHenbKW9BZ3vkAh0dM-k43XxUGiamgUVFQHXMydIsNiebWPRzbcZJPxo7E_Pj2urob9JTTw5tDbp1sqG_iEw_gUIDRUi&sid3=3803312
IP
GET /banner.go?spaceid=1219880&sid2=JTLIV3no04Ug4nUJuo77h6r2h135ilZrS3HHenbKW9BZ3vkAh0dM-k43XxUGiamgUVFQHXMydIsNiebWPRzbcZJPxo7E_Pj2urob9JTTw5tDbp1sqG_iEw_gUIDRUi&sid3=3803312 HTTP/1.1
Host: go.goaserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: text/html; charset=utf-8
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Mon, 30 01 2023 06:02:34 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-247
content-encoding: gzip
X-Firefox-Spdy: h2
data.goasrv.com/data/creatives/1164/37905.mp4
206 Partial Content 0 B URL HTTP/2 data.goasrv.com/data/creatives/1164/37905.mp4
IP
GET /data/creatives/1164/37905.mp4 HTTP/1.1
Host: data.goasrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://go.goaserv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: video/mp4
content-length: 971248
last-modified: Thu, 19 Jan 2023 13:25:01 GMT
etag: "63c944ad-ed1f0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-223
content-range: bytes 0-971247/971248
X-Firefox-Spdy: h2
tktube.com/static/styles/jquery.fancybox-white.css?v=7.2
200 OK 0 B URL HTTP/2 tktube.com/static/styles/jquery.fancybox-white.css?v=7.2
IP
GET /static/styles/jquery.fancybox-white.css?v=7.2 HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Jun 2019 06:54:16 GMT
etag: W/"5d09dc18-14e6"
expires: Mon, 30 Jan 2023 06:52:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 7983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hi5ToWBb5YMnX7CMaFTzo%2Bl8bLIrqZRX6zx3qSFNEbNz6rTo0yTzFjNmR%2FnGMLSKUaTjSQyeq8IJSxEvJW2rOYH8fvv8QCC%2FFxUScbECqIaLmfJDYt8OVLEnO9Zd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7917ffd129fc74b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
200 OK 0 B URL HTTP/2 a.realsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/javascript
etag: W/"c86623937323852b5fe82a29fcb"
expires: Tue, 24 Jan 2023 13:18:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1675063226
server: CDN77-Turbo
x-77-nzt: AblMCRQy/rj/7hcAAA
x-77-nzt-ray: af585630df16ced6785dd76371530322
x-cache: HIT
x-age: 6126
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tktube.com
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7917ffd1bbd1b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
200 OK 0 B URL HTTP/2 tktube.com/videos/27875/edda63fb65099eaeb265e00fdd114ffa/
IP
GET /videos/27875/edda63fb65099eaeb265e00fdd114ffa/ HTTP/1.1
Host: tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.3.33
set-cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; path=/; domain=.tktube.com; SameSite=Lax
kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; expires=Tue, 31-Jan-2023 06:02:32 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
kt_ips=91.90.42.154; expires=Tue, 31-Jan-2023 06:02:32 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; expires=Tue, 31-Jan-2023 06:02:32 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24g0%2F5ui%2Bg5mJJCyy3LdbmuEk4ThvRFgcVglzKmP%2Fm5aaeysYOQsmxB2QUKJIuorAT6NNgNKW%2BedeklkT%2BQ1avdqPZi6OO8K0PcArw9CB4k%2BjJ8roaBbdLSbzHXO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7917ffcfa92374b9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.live.tktube.com/widgets/v4/Universal/main.33831b792a3809ba493a.js
200 OK 0 B URL HTTP/2 creative.live.tktube.com/widgets/v4/Universal/main.33831b792a3809ba493a.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /widgets/v4/Universal/main.33831b792a3809ba493a.js HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.live.tktube.com/widgets/v4/Universal?tag=girls%2Fchinese&thumbsMargin=5&hideButton=1&hideTitle=1&userId=fbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff&campaignId=widget&showModal=signup
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 24 Jan 2023 03:09:56 GMT
etag: W/"63cf4c04-42f63"
expires: Mon, 30 Jan 2023 06:02:43 GMT
cache-control: max-age=10
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
content-encoding: gzip
X-Firefox-Spdy: h2
zatnoh.com/pw/waWQiOjExNDA5NTAsInNpZCI6MTE3MzcyNCwid2lkIjo0MDExMTgsInNyYyI6Mn0=eyJ.js
200 OK 0 B URL HTTP/2 zatnoh.com/pw/waWQiOjExNDA5NTAsInNpZCI6MTE3MzcyNCwid2lkIjo0MDExMTgsInNyYyI6Mn0=eyJ.js
IP
GET /pw/waWQiOjExNDA5NTAsInNpZCI6MTE3MzcyNCwid2lkIjo0MDExMTgsInNyYyI6Mn0=eyJ.js HTTP/1.1
Host: zatnoh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://tktube.com
e-tag: f61a7797957735580e4ebe6a83c04155
cache-control: max-age=14400
cf-cache-status: HIT
age: 613
last-modified: Mon, 30 Jan 2023 05:52:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0vM%2BFecxAq%2BvRgdJHu2esMBvYWQP4iL%2BUp90%2BmoaxC1SY6NMn5dZqET7IIQMGJwuhdnkNua8zS7%2B6QHuNHU4jIEuHp25ANJ4B58bdqko5a2%2F5K2m6gXefvHW3aD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7917ffd1fe64b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.live.tktube.com/widgets/Spot/lib.js
200 OK 0 B URL HTTP/2 creative.live.tktube.com/widgets/Spot/lib.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /widgets/Spot/lib.js HTTP/1.1
Host: creative.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:32 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 24 Jan 2023 03:09:56 GMT
etag: W/"63cf4c04-443ea"
expires: Mon, 30 Jan 2023 06:02:42 GMT
cache-control: max-age=10
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.live.tktube.com/report", "max_age": 1048576 }
content-encoding: gzip
X-Firefox-Spdy: h2
nimhuemark.com/get/1843476?zoneid=1843476&jp=_clkhw2p8uhrr3vcxnxx4g7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=8835500916084389
200 OK 0 B URL HTTP/2 nimhuemark.com/get/1843476?zoneid=1843476&jp=_clkhw2p8uhrr3vcxnxx4g7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=8835500916084389
IP
GET /get/1843476?zoneid=1843476&jp=_clkhw2p8uhrr3vcxnxx4g7&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=8835500916084389 HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2301300102fd611d6d03b147ca9faa6b72be; Path=/; Expires=Tue, 30 Jan 2024 06:02:33 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go.live.tktube.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=6
200 OK 0 B URL HTTP/2 go.live.tktube.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=6
IP
ASN #39572 DataWeb Global Group B.V.
GET /api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=6 HTTP/1.1
Host: go.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.live.tktube.com/
Origin: https://creative.live.tktube.com
Connection: keep-alive
Cookie: PHPSESSID=diqdeqb333en74ti92t6ckf1jf; kt_qparams=id%3D27875%26dir%3Dedda63fb65099eaeb265e00fdd114ffa; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1675058564.1.0.1675058564.0.0.0; _ga=GA1.2.1458310837.1675058564; _gid=GA1.2.134327084.1675058564; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:34 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
access-control-allow-origin: https://creative.live.tktube.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
go.live.tktube.com/config?url=https%3A%2F%2Fcreative.live.tktube.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%252Fchinese%26thumbsMargin%3D5%26hideButton%3D1%26hideTitle%3D1%26userId%3Dfbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff%26campaignId%3Dwidget%26showModal%3Dsignup
200 OK 0 B URL HTTP/2 go.live.tktube.com/config?url=https%3A%2F%2Fcreative.live.tktube.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%252Fchinese%26thumbsMargin%3D5%26hideButton%3D1%26hideTitle%3D1%26userId%3Dfbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff%26campaignId%3Dwidget%26showModal%3Dsignup
IP
ASN #39572 DataWeb Global Group B.V.
GET /config?url=https%3A%2F%2Fcreative.live.tktube.com%2Fwidgets%2Fv4%2FUniversal%3Ftag%3Dgirls%252Fchinese%26thumbsMargin%3D5%26hideButton%3D1%26hideTitle%3D1%26userId%3Dfbe991993b1d5c2eb1733620d878551006570012587b6ec7fe908ac7c206baff%26campaignId%3Dwidget%26showModal%3Dsignup HTTP/1.1
Host: go.live.tktube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.live.tktube.com/
Origin: https://creative.live.tktube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 06:02:33 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
access-control-allow-origin: https://creative.live.tktube.com
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
172.64.96.12
23.36.76.200
104.21.30.127
93.184.220.29
62.122.171.6
185.76.9.19
136.243.80.153
149.56.240.27