www.tktube.com/videos/49949/okax-623-50-20-240/
172.64.97.12301 Moved Permanently 0 B URL HTTP/1.1 www.tktube.com/videos/49949/okax-623-50-20-240/
IP 172.64.97.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /videos/49949/okax-623-50-20-240/ HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 28 Sep 2022 00:26:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 28 Sep 2022 01:26:07 GMT
Location: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToQYBkiH2kdSfmzcBlTc8%2BZBzWXnC0uBDGGCJIg8CL%2B24nvl5hLZeCGRal7WwoFu%2FAZuOI8temwWDmrJNcLoDFzdyf5R7qaqezqG316JVFlGZds8u6qlbfIJ4rtFLFnqqg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751858820e188926-LHR
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 00:15:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mHBGpl_N7Y21e7nN-6zKmtmdDjd-tsQ1vrs7p5yxd2nWyZQlzL8deA==
Age: 632
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4312
Expires: Wed, 28 Sep 2022 01:37:59 GMT
Date: Wed, 28 Sep 2022 00:26:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NePUOxOxdf1JDy9GIIRTUeRBOjk01LLlg1C6hLW7Jnbcho0BJDPN_g==
age: 54114
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.tktube.com/static/images/logo.png
172.64.96.12200 OK 2.6 kB URL HTTP/2 www.tktube.com/static/images/logo.png
IP 172.64.96.12:0
File type PNG image data, 181 x 42, 8-bit/color RGBA, non-interlaced\012- data
Hash cf316b70092d435274d8fc7eae9cad2c
77f5e0671a5ac7262422f3f879fefb7a95e93d29
c2fe6ab9f4f5b5b865356d3ce1d09f146d310932866c2a2cc123c9a665b49625
GET /static/images/logo.png HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/png
content-length: 2558
last-modified: Sun, 04 Aug 2019 12:59:18 GMT
etag: "5d46d6a6-9fe"
expires: Sun, 23 Oct 2022 20:50:56 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yh0yUtX%2F1b6CQkA4zsqNM9ZIqmjpUe%2BSg7uHsIR%2Bbj21Z9JC2x9ATpA5Ql7nfA3XdLd0xjvfYsxivSJXNJGvwI3WE6rYsJ01E%2B7FWtzpEPLWPEknf1VjD0%2FE%2B75SjSMlmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75185885f9920706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/avatars/1000/1565.jpg
172.64.96.12200 OK 7.7 kB URL HTTP/2 file.tktube.com/contents/avatars/1000/1565.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 180x180, components 3\012- data
Hash 3212ee5a7a7d89f1b5603774122d0c91
55616f3a73014edfc11c1abd8ca5a258d901ba82
89b64e7c35f11b0ce4622b462df92eb9f7a266a48f3abe08113eea799769d394
GET /contents/avatars/1000/1565.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 7677
last-modified: Sat, 04 Jan 2020 11:20:29 GMT
etag: "5e1074fd-1dfd"
expires: Fri, 07 Oct 2022 09:16:10 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 1746636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXcQwj3VLJGA5pAkjkAVuXci5yhDeCiz9%2B67nJIOyzJZT%2FcJ2DzTVUZ1Lq0s6oW%2BkQGcU50RBfyRS77%2BJzAq8aNV6i7kfIvjg9sP3MFmDZHyCpJXE8vGhivjwSfqGBL2J20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588609b20706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/49000/49949/320x180/2.jpg
172.64.96.12200 OK 8.7 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/49000/49949/320x180/2.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 1c0cdbd947e96f8bc74734c028e5ad3c
061112f745a0822535f12fb3ce563c99f5482225
88892a2e92147e2d280501a5b1d3542262d38681edde4527e06bb48e2bc7109c
GET /contents/videos_screenshots/49000/49949/320x180/2.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 8660
last-modified: Wed, 10 Mar 2021 18:05:33 GMT
etag: "60490a6d-21d4"
expires: Thu, 27 Oct 2022 14:15:50 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: HIT
age: 36617
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZyxhbN51gywoqszoYKO1jrwndVVhOH83o%2B%2FjQ%2BUFajYoRR7mr2w1slMsmQbyTnQ%2B94fS263bNu683%2FaPFU1cLyO%2F4WiTgX0mWwpTKje41k3OozqTquHNTRHzGd9s%2Fqysxk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619b50706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/49000/49949/320x180/1.jpg
172.64.96.12200 OK 24 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/49000/49949/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash d4659a57fba4a22ccaaffbe5ff9f8118
b9607490246ad778b99c66f1eab295c482c1bd2e
2c1b6686945aac716a2632d50d4a23bcf8b06f9492408e70a03d65d9b3587ffc
GET /contents/videos_screenshots/49000/49949/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 24146
last-modified: Wed, 10 Mar 2021 18:05:33 GMT
etag: "60490a6d-5e52"
expires: Thu, 27 Oct 2022 07:10:15 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 48087
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kn43SwXSVK2zH%2BDUuFvSjg0hGnP07bn9V0TbOEePTgG6bTISHKexwQk8fuz3d7JvK6h%2BELWDGYt7H6GQm%2F7aMX1gIZmcy2L%2FzjgWF%2F8iwqkfVb5Lueek9i3mcur8p%2Fjmkjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619b30706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/25000/25954/320x180/1.jpg
172.64.96.12200 OK 21 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/25000/25954/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash f3fd45bfc6ba2ddc2c3180b2cdb540f8
fd5f9452f1b4283826c629060911088f6cd49c11
954a4815eb5da231eb5af940c6be3d9ed8002e2c74d60146bad407ef88e48631
GET /contents/videos_screenshots/25000/25954/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 21091
last-modified: Sat, 13 Jun 2020 17:09:40 GMT
etag: "5ee50854-5263"
expires: Thu, 27 Oct 2022 07:01:52 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 52589
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVMhdX5EA50hOecuoklcvQ%2BrIic6GcestZvDUmJn%2FFwHStjiLe2do%2B76%2BCUMyT4lO9Nenp0CnuxfOh%2FE6lYfQOoFuNNu%2FzjakHrS5U4WZNIggBd0V7oeIwkleXcM4AnSJ5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619bd0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/13000/13583/320x180/1.jpg
172.64.96.12200 OK 827 B URL HTTP/2 file.tktube.com/contents/videos_screenshots/13000/13583/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 1\012- data
Hash df8957efa3f88dc81b2eb4f4c3c146b0
0d310af2dffce7b2bb7831ad13339e88855b5cfc
7924929cb6ac17b1c9f74e1fa9a68aa805f006d761204f13e18a3e8f06aa7684
GET /contents/videos_screenshots/13000/13583/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 827
last-modified: Mon, 02 Mar 2020 02:22:59 GMT
etag: "5e5c6e03-33b"
expires: Thu, 27 Oct 2022 02:17:35 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 50559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7wMBbAHdiEnqiduxBLZxk0J3fTcw7MrPXb68r1N%2BuCy5TQOVWJL0ySR8GjwDzRLXaS8dj%2Bdw91YTjZWVnGRVWnBzUA0hh%2Be009xkyOGV4LuYv4OeGsRVxMZ%2Fv9krRHvlFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619be0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/2000/2838/320x180/1.jpg
172.64.96.12200 OK 21 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/2000/2838/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 2eb6296bebe6fc71125b2ac72e8a715c
b7ccac8827beb7c68c78cf7fed54007fbbf1b905
e5c5dcdc5e5cab53751a3e1fb9bfc79a93be17debd3ac19d8696487d4bdf3023
GET /contents/videos_screenshots/2000/2838/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 21211
last-modified: Mon, 16 Sep 2019 07:49:29 GMT
etag: "5d7f3e89-52db"
expires: Thu, 27 Oct 2022 06:56:24 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 55978
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aAMCwqAPEnIi%2F%2FzE4Ka9srcyUan7mmFgwhZGXKiCple7lg3ijoEMYoCzO6CyMVWKetSb6fQq1LIfMjq%2BoT5oTUr9X0LXmYE9esLfWhNaNXEJf99DS4nbGDr964gapoz3z6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619bf0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/130000/130013/320x180/1.jpg
172.64.96.12200 OK 15 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/130000/130013/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash d5a698caffac6c6019f233c27267d8d9
deea730ba2b9d73a645b6e074dc1f5ee04aa6b85
21f898fac3410bf770723fb68444f608dea52fd4deaee807529eac99c7cc8c4e
GET /contents/videos_screenshots/130000/130013/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 15151
last-modified: Tue, 26 Jul 2022 04:44:04 GMT
etag: "62df7114-3b2f"
expires: Thu, 27 Oct 2022 07:03:57 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 48086
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlttGNJiLYWQNg90Ol3%2Fk%2BzBLknBDEFbOJC4MLXQNJa5JLV6xrQ84YIOv1uY%2BgtMhPDVnt%2Fr7qbAw8WKzgf%2B%2B%2BT6nnEFxPRstVoGGCP9fueo%2Ba9fQK1bQhq6KS7yhLd9QyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619c10706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/18000/18503/320x180/1.jpg
172.64.96.12200 OK 23 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/18000/18503/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 9de6117718d104ba587ac4b97dad7063
8aa0656d5c0587d08cf3261115278afb76a712e1
57ea5cf5f8e920dfe1402b80c940e4e41294a70840585034e8d9e6533912200a
GET /contents/videos_screenshots/18000/18503/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 23288
last-modified: Sun, 19 Apr 2020 00:39:14 GMT
etag: "5e9b9db2-5af8"
expires: Thu, 27 Oct 2022 06:56:10 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 61907
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqnp7z5apyXUome%2BBPKmM1fyzVks6MrOlNKYQndss68EnfMvFBHCv1xnEtvZj33n4uvzOxg77XVuC8%2BS%2Fhanb%2F715fFZgG72slRBWNS9aSwPlx31EAnfHMQ3ju6n9wJo5BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619c70706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/51000/51272/320x180/1.jpg
172.64.96.12200 OK 23 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/51000/51272/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash c2af93f5ae5698024a590c5e536c7505
65d12ca802a93ae0832bc43c3d318d7e180fd765
409a176eb30db4d1eba4b4bd06b5f4091132f4e78805a09da65962a742a7e3c6
GET /contents/videos_screenshots/51000/51272/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 23386
last-modified: Sat, 20 Mar 2021 21:25:17 GMT
etag: "6056683d-5b5a"
expires: Thu, 27 Oct 2022 06:56:39 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 61700
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pesPAivzpv6CxK5cQsxyMY7GVu6NQeYc1kK5PW35Hkb%2BCXray37tOxaBpZEAY69MwsRZDyJfmYWuqawthBmWR%2FVLB9TfseM8YK2q%2FkarEpOqp8iQS74QJNWeXD81%2F8qSWEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619c90706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/96000/96437/320x180/1.jpg
172.64.96.12200 OK 20 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/96000/96437/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 2bca3884881ec2eb877e0b72f786fce5
6e8d8718d68d62b39d9e6dacdaf8daa9909d4743
b7e1c74686b0eed62e78de918aac59a15ab8576dafaa69213ab82b55ee422ad1
GET /contents/videos_screenshots/96000/96437/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 20064
last-modified: Fri, 12 Nov 2021 07:31:25 GMT
etag: "618e184d-4e60"
expires: Thu, 27 Oct 2022 06:51:14 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 31008
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYYf2Qz5nF85X20G2O0rTeLjcvHO6UHmCdXIijMQmLscgFoxehGBffnEWxbFIe%2Bn%2BNP7T%2BYTJmUQspsggKwLOspCI9ynUygxopC8T%2BVTMBi85fFlUFHsnbl8iUyD9qjT06A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619c80706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/12000/12801/320x180/1.jpg
172.64.96.12200 OK 21 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/12000/12801/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 40b56e132ce62d4f9947055e1725bca1
30079dafbf31fb9570d0d8fde0287cb9b5c41e6c
b550e8786e77094ac9e6d38e39a2be6f2a399e51db89cb45b1ef42b71c60aab4
GET /contents/videos_screenshots/12000/12801/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 20991
last-modified: Wed, 19 Feb 2020 18:58:12 GMT
etag: "5e4d8544-51ff"
expires: Thu, 27 Oct 2022 04:49:28 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 51347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIwAY2RGhCZG3xcafj0l%2FExuOHRfi4Xlr8BRqM3pZetgxgO%2F%2BYRJ7%2BwCZLAIZ%2Bdf9tB1HGMwQfjfeKTLrNz96THeBt3Y5lIPu0tqZMSy83zGt32VjQc5pq3xEviaOtefULY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619ca0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/102000/102243/320x180/1.jpg
172.64.96.12200 OK 23 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/102000/102243/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 86abf34e852d2731781fb6cd12aa2619
d024d36a54d2f7aaed72f3611dc9b4ee30caeb7e
5b74498ab0e98f082fbb2e0237e2672b84f98fd0d0c83ec2c7d8b3fa01793a43
GET /contents/videos_screenshots/102000/102243/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 22801
last-modified: Thu, 09 Dec 2021 08:12:09 GMT
etag: "61b1ba59-5911"
expires: Thu, 27 Oct 2022 06:20:06 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 46716
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wnWeOkOY5VCtKAk%2B8NuvtXr5Vhko3qn88uLA2wV10oqwf2epObVCKVj7%2BGWcgVy7NqsuCO7wi9wNxwi%2FP%2B%2FVmNDGPecsJmnunkX60h7KPgTJycI6D92uvwZuf1HwAVRiaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588629ce0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/132000/132448/320x180/1.jpg
172.64.96.12200 OK 25 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/132000/132448/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 76f3f8a4b950d86ad9d26e81021ab6a4
eac7e75352c9785ed41cf00b6abc8458516ea3f4
3c70ef3f02c11e6376669e7c3c66ce56f95133aa3942620105183228a566858f
GET /contents/videos_screenshots/132000/132448/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 24792
last-modified: Sun, 14 Aug 2022 06:37:33 GMT
etag: "62f8982d-60d8"
expires: Thu, 27 Oct 2022 03:12:03 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 50559
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe3CGGGTHA24xe9Nk5OFapXJ0ovrIaJ%2Fm%2BAgNSyBL2D6ePwM%2BfrcsfA%2BjDjSH5f19z%2Fvt26woXLguBOModqfsDyURcjCaB%2FqjQrQNI%2BIwmiSs3Ag6tWMHXDK9oDFd3Z99Io%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588629cd0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/76000/76809/320x180/1.jpg
172.64.96.12200 OK 26 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/76000/76809/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 77330a3fcfc8401f89fc15b872e6299e
51e5a4b0146a40ba421b520e9c5a2777a3452d88
5d24179d89e173314771bb2918d89c9c5147205253e5ca3f9d2597092550b86e
GET /contents/videos_screenshots/76000/76809/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 26050
last-modified: Tue, 03 Aug 2021 12:29:25 GMT
etag: "610936a5-65c2"
expires: Thu, 27 Oct 2022 04:38:28 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 51347
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YdZBdLSG8SuOv%2FTfVLkpv8z5xJbVEZ7615jn%2F9YGLsiQV4CZJhmHxh9QoD7zs3u88h6H1LwwD3p5VrPzgF%2BBAdtYyjh4gyv%2FCGfVaYTFldNjbVu5cszGlLjO9QbBKeQIzXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588629d20706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/4000/4937/320x180/1.jpg
172.64.96.12200 OK 17 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/4000/4937/320x180/1.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 9dc0360cbc816dd91a00aaae6f3afa30
1c4ecb77deaf0cb7c8a8f52e3d0e8015204280f9
cc7b0c2285b2b168d9e29f8a9ca6a097f6428c13c94e4dabf7049ecc792f7afb
GET /contents/videos_screenshots/4000/4937/320x180/1.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 17251
last-modified: Wed, 23 Oct 2019 22:36:18 GMT
etag: "5db0d5e2-4363"
expires: Wed, 26 Oct 2022 22:25:13 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: HIT
age: 83381
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duHEC3zC2CfJBirdaykTYOzEHsWbXfuW4Px7GP3eMmvwTyO45DgXPVWkFqsuGyevaTUPNWJks4JCE9504XV%2BIX0NXU7QlqPJsD0ybcjfKo%2B3HZyMYc04LOObZfUXgibEgAQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588629d30706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/49000/49949/320x180/4.jpg
172.64.96.12200 OK 12 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/49000/49949/320x180/4.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash bfaeb3dc35bcd774f733e89bff808ad8
aace68c83842ed9d171f47380d1262e05fa45673
a6d32c2ded7fb22493c7fd5689d316858f282b104acec7090763bc1a86d57550
GET /contents/videos_screenshots/49000/49949/320x180/4.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 12161
last-modified: Wed, 10 Mar 2021 18:05:33 GMT
etag: "60490a6d-2f81"
expires: Thu, 27 Oct 2022 19:05:43 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOZQkWQb6zKVCeDLCWL4q43wO6sHJJlWxDFBvRmJxeEHaDvU7IhzFdJ6etis8w4Rm3TKIkDgesQAJ0qVtgN%2Bw2aU3%2FbaXL5cXah9pBg05qYrPRX20m%2BkgvsjYZKOsx%2BHrdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619b80706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
205.185.216.42200 OK 24 kB URL HTTP/1.1 a.realsrv.com/ad-provider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 46504668ecf4671f582f5ba93a2f3c6b
8b165c478da3dd4fd4df3b40745733049b5acb0c
5230c0e2745fedbf038f97e374a5b6ea033434301aa86ec545eae37b29350799
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:07 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 23726
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"2bf044048f482551901a41a7444"
X-HW: 1664324767.dop227.sk1.t,1664324767.cds209.sk1.shn,1664324767.cds209.sk1.c
Access-Control-Allow-Origin: *, *
file.tktube.com/contents/videos_screenshots/49000/49949/320x180/3.jpg
172.64.96.12200 OK 9.5 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/49000/49949/320x180/3.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 7ada0a4bcd0896aee00c6849bc4a39ae
f5793e7e0382d27a4ccafff4d0552cdf46e2ba44
db33d3d2f93f2ca0212fd793bbfc8c780b57ae467acdf1715ee5e204bde152cc
GET /contents/videos_screenshots/49000/49949/320x180/3.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 9484
last-modified: Wed, 10 Mar 2021 18:05:33 GMT
etag: "60490a6d-250c"
expires: Fri, 28 Oct 2022 00:26:07 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtRDK1lv1Cjt7TjYWyochJcuujXte0b4wGPoC%2Bbt2FB2AbhNn5lRRtIbXYC2Jwet23wiEuK%2FHb3TLYguYJWWrp4shrQsd57uaJRXq2ngPwUrW6LlUe5fc6yA0LzAdetX%2B9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619b70706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/49000/49949/320x180/5.jpg
172.64.96.12200 OK 11 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/49000/49949/320x180/5.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 75e62495344507f01d69e394c8f30414
df0fc275531c69d6ed8a5348827ed6c4cb980f9e
5858526b2bc712fb35ca09b23292bb0128e246184a104f0bfe73013cabf5f578
GET /contents/videos_screenshots/49000/49949/320x180/5.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/jpeg
content-length: 10593
last-modified: Wed, 10 Mar 2021 18:05:33 GMT
etag: "60490a6d-2961"
expires: Fri, 28 Oct 2022 00:26:07 GMT
cache-control: max-age=31536000
x-cache-status: MISS
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4SuCoH%2FUtPj5OeVPh%2B90666BRcLybSECu6KTzIG3oh8cR%2FERgGqnCIbrrI84Aasc2ecqRkWpRNndVHaQpuKFUd0f%2FFaLNZj3UaVABPAf9a4KG4kSmX%2B1fhHSH313MsAGqRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588619b90706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.realsrv.com/video-slider.js
205.185.216.42200 OK 13 kB URL HTTP/1.1 a.realsrv.com/video-slider.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (45940), with no line terminators
Hash 07d750a289cf8a7c3c20af4b9ba0b63a
f9b0e0552166f7bdd385e44bc90454c2b511c87b
82e62d897cda2722a3a6cf931007edb26f1460db7e6f7a208dbb850c163feeba
GET /video-slider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:07 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 13053
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"73550e53a906252c92c7cdc1628"
X-HW: 1664324767.dop009.sk1.t,1664324767.cds009.sk1.shn,1664324767.dop009.sk1.t,1664324767.cds221.sk1.c
Access-Control-Allow-Origin: *, *
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tktube.com/static/images/fonts/icomoon.ttf?nddhpi
172.64.96.12200 OK 9.6 kB URL HTTP/2 www.tktube.com/static/images/fonts/icomoon.ttf?nddhpi
IP 172.64.96.12:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 21263355cf739547055f2da9fd6759bd
762384d3af0de2d2bd630855b3f388326038ba92
2674595ece6d29bba3197719873b35d8e2893e9eb3a0271bad0ea717e9b3d405
GET /static/images/fonts/icomoon.ttf?nddhpi HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/static/styles/all-responsive-white.css?v=7.2
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: application/octet-stream
content-length: 9568
last-modified: Wed, 19 Jun 2019 06:54:16 GMT
etag: "5d09dc18-2560"
cache-control: max-age=31536000
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FB8dEtijrfIG623RdjYoqBR9KMHb%2F89iausTO4vnWKIm%2F52RJcmnFFqHKfU5r5HZ1bD%2BL8rrtbVFlvZ8XDmAYHQ6071yKbsFZKHfKndlFMdOk5oYInlgmEsu8aSdCIb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75185886ba2a0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=recaptchaOnLoad&render=explicit
142.250.74.164200 OK 576 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=recaptchaOnLoad&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (910), with no line terminators
Hash 37f63b0211ff3be39365f0e6e656ec10
82577218215aafe6c7720eef7e6e152105190ec6
22bd4752fbfaf098fe099603714af0bc46066dd47d405a0da1ed6449be2b9bdb
GET /recaptcha/api.js?onload=recaptchaOnLoad&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Sep 2022 00:26:07 GMT
date: Wed, 28 Sep 2022 00:26:07 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 576
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-36407794-11
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-36407794-11
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash 836deacce3fee35f99e308edc0324466
7f93ff64ee5c0f550edf85cdb62234d8fac32822
c613b5e57539695b91ff2eacd85ff2cca33d444ce56d75db85399d5c350bc923
GET /gtag/js?id=UA-36407794-11 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 00:26:07 GMT
expires: Wed, 28 Sep 2022 00:26:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43368
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 00:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 00:12:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3SRdxRAXDOMQdDbQU4HJpVqA6So_reZYDsCviVWM3t6U6kqV0M6lrw==
Age: 921
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash f8826519fae90d681854a581b06615c2
d2c22fa085aae20ff7d563cc44f9d44f898614cc
b0971fe17ce963c7a8aa3b18ac0f61b60ebfb12316dd01c12804e61cbce3f7e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:08 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 27 Sep 2022 08:27:05 GMT
Expires: Tue, 04 Oct 2022 08:27:04 GMT
Etag: "d2c22fa085aae20ff7d563cc44f9d44f898614cc"
Cache-Control: max-age=546655,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751858870edab4f7-OSL
poweredby.jads.co/js/jads.js
185.94.236.244301 Moved Permanently 178 B URL HTTP/1.1 poweredby.jads.co/js/jads.js
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 28 Sep 2022 00:26:08 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
104.22.58.221200 OK 22 kB URL HTTP/2 cdn.pncloudfl.com/pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg
IP 104.22.58.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash fd339d0abd644dfc62b8dcd2cd15bd2b
0af5c8cec4712fb169744df0ecc88faf9125e9df
385adfface9b1e607e43242a9d9877fbdf7c71278940709ecad3d2e53e0e931a
GET /pn/514/b34/fc1/514b34fc18d3f446e094227228e3b1595fe3abf9.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: image/webp
content-length: 22450
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=40774
content-disposition: inline; filename="514b34fc18d3f446e094227228e3b1595fe3abf9.webp"
etag: 19e0f2a507ac755f9419ea98d0121544
expires: Wed, 28 Sep 2022 22:52:58 GMT
last-modified: Thu, 22 Sep 2022 09:48:57 GMT
vary: Accept
x-openstack-request-id: tx7c030a591e2a48f1aae4d-00632c2fcb
x-proxy-cache: HIT
x-timestamp: 1663840136.02468
x-trans-id: tx7c030a591e2a48f1aae4d-00632c2fcb
cf-cache-status: HIT
age: 91990
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 75185888ddbc1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tktube.com/static/styles/all-responsive-white.css?v=7.2
172.64.96.12200 OK 24 kB URL HTTP/2 www.tktube.com/static/styles/all-responsive-white.css?v=7.2
IP 172.64.96.12:0
File type ASCII text, with very long lines (15274), with CRLF line terminators
Hash f87bd5bee6cea9b7e63f18e570ae53ca
5ac8aac882d462d3e5b679991aaafa4ed71a1417
102f204578fbfc176af04e0e4447a4abde34bf9e0a94729a8e479030853c988f
GET /static/styles/all-responsive-white.css?v=7.2 HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Jun 2019 06:54:16 GMT
etag: W/"5d09dc18-279fd"
expires: Wed, 28 Sep 2022 12:16:07 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OB5VviEdM7jmDNVT6mwAzfV%2F7uMmP0s23BM0UQEPr5se96nMHPhO%2Fq2TH1eiIayCYWoNZL%2BamNZP2IWR3LvjGqYPiQXNxYikZ4gtQI10iHwrVdFL218bItzI21K1mrKJuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75185885f98d0706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tktube.com/static/images/search.svg
172.64.96.12200 OK 1.1 kB URL HTTP/2 www.tktube.com/static/images/search.svg
IP 172.64.96.12:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (545)
Hash 9cba3992ebb8ef2de97aa576d7ab4901
51265d237068ccc861f9e29e7eb3abbea07b63ef
c248e1b389d32e2a63bb37a6f536f45f1b29920894f0fda9f3dae427e5422ad2
GET /static/images/search.svg HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/static/styles/all-responsive-white.css?v=7.2
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Jun 2019 06:54:16 GMT
etag: W/"5d09dc18-c43"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4260
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gY3BL3H2y8kAv%2BuJOi0fvUrkx54VAlK2%2BbwXfRV3HLpcX3X0H3EY2daBAoTLmZt82qHC3HQSlI8SIgO1sSjb2psGZxXwonLgIB1kPuaL9C1APHLq6caymheQ3KVVd%2B1FFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588669f90706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads2.js
185.94.236.244200 OK 1.7 kB URL HTTP/1.1 poweredby.jads.co/js/jads2.js
IP 185.94.236.244:0
File type ASCII text, with very long lines (3758), with no line terminators
Hash 558e1b61fc513016183a3812938e79fb
5f72ea61a2aad8f7a0956321d3fd8524db70eddf
a79f8c0aabfc2d1d45e4df2a86ca9172d292b08987f7a9d5c10bd10abf3aef54
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.tktube.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:08 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 11 Jul 2022 00:36:11 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"62cb707b-eae"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6348
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:08 GMT
Last-Modified: Tue, 27 Sep 2022 22:40:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
nimhuemark.com/solid.gif?z=1843476&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 nimhuemark.com/solid.gif?z=1843476&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1843476&abvar=0 HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
inopportunetorn.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
192.243.59.12200 OK 29 kB URL HTTP/1.1 inopportunetorn.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 9ea3ea887e422ea2df62162ea0be9940
f23c7c1f647463c2e20a864609ca03b7922a71a6
ecea434111cae5b2f9bdc3f1faa0b106e2e42f32f5cc29b6c2ed4867c98ab09a
Analyzer Verdict Alert quad9 Sinkholed
GET /1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js HTTP/1.1
Host: inopportunetorn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 00:26:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ddf3f75f69690100cfbae7195864b8b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /b8BUyQiQIHGHplMTTSnoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FBIc3okGQ3MZDMLsLTGH6iETW0U=
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 281a1314db9ff5d58e798af43ff5006a
91257ac2f1882606b05a985115645908572a00a1
9f3ff1aea2eeba30718c8516117dd6feb67277d27cf4e7b60cbf5f25353cad73
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9F3FF1AEA2EEBA30718C8516117DD6FEB67277D27CF4E7B60CBF5F25353CAD73"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12773
Expires: Wed, 28 Sep 2022 03:59:01 GMT
Date: Wed, 28 Sep 2022 00:26:08 GMT
Connection: keep-alive
syndication.realsrv.com/splash.php?idzone=4384438&cookieconsent=true
95.211.229.245200 OK 2.6 kB URL HTTP/1.1 syndication.realsrv.com/splash.php?idzone=4384438&cookieconsent=true
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1530)
Hash 7999bc086cc76a72857a35150a07ae6a
55b52a492a0119a63ceb764a858d1acfe6800abe
4bd9d24d8fc3cc758f5c15a37d1c28033deffa9823f9b0c39f0379d122b6f4a7
GET /splash.php?idzone=4384438&cookieconsent=true HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:08 GMT
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0a89896.293151721671997546%22%3B%7D; expires=Fri, 27 Sep 2024 00:26:08 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4384438%7C75938560%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Ctktube.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D; expires=Thu, 29 Sep 2022 00:26:08 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Cache-Control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://www.tktube.com
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash b3d6b07e3998c6d4341acb2b263e609e
12e3561297d635de3fbd5212e2ae66a6e91ac673
534a36edebee87dbf492d6b5895e47385e65849b261348ab3623a8e17dc323cc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 28 Sep 2022 00:26:08 GMT
Last-Modified: Tue, 27 Sep 2022 22:42:00 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: biCzGtj1o41w-4Y_a4-pxPbXdIrIxK_bVSu5ZnStbNf9BPQ3yC3T2A==
Age: 6248
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash e51ded653615838f81e12186a783f533
24cc30d73b104b6fe4184385576661b7449a90d7
7e538f4d7ba8174cb5be9b11908459aecf1667d2c8bf9a90be3cc018c8da1723
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.tktube.com
access-control-allow-credentials: true
set-cookie: uid_id2=623d719a-0987-45e3-a8d2-6e48237b5a09:1:1; expires=Sat, 25 Sep 2032 00:26:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
nimhuemark.com/solid.gif?z=1843476&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 nimhuemark.com/solid.gif?z=1843476&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1843476&abvar=0 HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: UID=2209271926af143cd855ae4b179341c3ccf8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.234.254200 OK 28 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.234.254:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 27a457972d6f73b6be0258a66cc745e0
2a51a4001776726a3ae2015ec96c56d5cab86420
377916ac92c6ca9b6b6787e0fe4cbebb1c3c864f52ffdeb54f0cae49f68a822a
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3d0b27dc2c50cbc48f86f82554bafe1a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 28 Sep 2022 00:26:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fG9O1g2wStlF3PMV5b0Q1h%2FeK4tuLVgYKmfJbtDOrCbtkEgaHjJZGHuX5uzYUkGg22QnhtuSoEVW3GNngBqcolHWI0lapc3%2B6PoAiuW2g6wBzmtLKnMLjD4iNiYXZt5Wm0kfQkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588c09eee620-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 883ec1194dab27f778c6fc13746bc546
a9c5d6785a5a04b1745e3954ea16b0d4f43f49bb
a61fd3ca2cbb4daea1e4c1d7d70e9f106d7dbab3a801a75d06c8c5ec39697e32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A61FD3CA2CBB4DAEA1E4C1D7D70E9F106D7DBAB3A801A75D06C8C5EC39697E32"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14683
Expires: Wed, 28 Sep 2022 04:30:52 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
www.tktube.com/player/skin/img/play_white.png
172.64.96.12200 OK 3.7 kB URL HTTP/2 www.tktube.com/player/skin/img/play_white.png
IP 172.64.96.12:0
File type PNG image data, 120 x 120, 8-bit gray+alpha, non-interlaced\012- data
Hash f9a6b1c24a8858cf91b1f79ccecb8544
e63232a567ab4c0d09dcd7c9649abbc747e6d2a2
e13296a19c623cff752620a9f03aa2b920a13ea08a1d2292ebd423a2e0feeb2c
GET /player/skin/img/play_white.png HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/player/skin/youtube.css
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.1.699724199.1664324767
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/png
content-length: 3679
last-modified: Wed, 19 Jun 2019 06:54:32 GMT
etag: "5d09dc28-e5f"
expires: Sun, 23 Oct 2022 20:50:58 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 358511
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQVt%2B%2BAM4E7EsmkUkhari7IETXbXUvsH1NqUWLtvqfuUgd1CczZrR9aLGmkjCCzQ9aDFxp6FQ1qAgueYQdfUHUNOEiylqH4D5tvczTSVh4Y4VHwVk70vFifQILGfJpODaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588e6f530706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nimhuemark.com/get/1843476?zoneid=1843476&jp=_clt598ggp3ex1i0dljzkgd&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331197838554840
62.122.171.6200 OK 2.3 kB URL HTTP/2 nimhuemark.com/get/1843476?zoneid=1843476&jp=_clt598ggp3ex1i0dljzkgd&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331197838554840
IP 62.122.171.6:0
Hash 74977b7f74ccfc8f4a1d26c4a20bef17
3839acef75b815999206966f5cf77522603a1c99
323603fd3cd4da8060f7e20474db33c81d006c740b6ba644bc69242d1336ebef
GET /get/1843476?zoneid=1843476&jp=_clt598ggp3ex1i0dljzkgd&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331197838554840 HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: UID=2209271926af143cd855ae4b179341c3ccf8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
file.tktube.com/contents/videos_screenshots/49000/49949/preview_720p.mp4.jpg
172.64.96.12200 OK 193 kB URL HTTP/2 file.tktube.com/contents/videos_screenshots/49000/49949/preview_720p.mp4.jpg
IP 172.64.96.12:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x537, components 3\012- data
Size 193 kB (192569 bytes)
Hash 065063e7089fa4fc1b2d6f7e5258a703
499e11e8537e09126df2a700c8c76cd81847099f
fe269231eb25dd174f44493e15d8fcc15a4d07a446c62ecb5ec1e3dfa68246fe
GET /contents/videos_screenshots/49000/49949/preview_720p.mp4.jpg HTTP/1.1
Host: file.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.1.699724199.1664324767
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/jpeg
content-length: 192569
last-modified: Wed, 10 Mar 2021 18:05:33 GMT
etag: "60490a6d-2f039"
expires: Thu, 27 Oct 2022 19:05:44 GMT
cache-control: max-age=31536000
x-cache-status: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RoeV2eydAnt5ell6zMrYyQw4RXFEIsh1gMvjktaSC7NeuwvY9Hs%2BTkBbt%2FcFig7BfzRTB6FnFT14aPNGLDeEAZij%2Bbyn%2BrVtk%2F8WKZqm%2Bn0cfQlx0TS8kYMmu5g1xbuhZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7518588e5f3c0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
governessmagnituderecoil.com/pixel/purst?dl=0&th=0&sc=0&rs=1534&rd=1534&fd=956&bv=22.8.v.2&tmpl=136
192.243.59.12200 OK 0 B URL HTTP/1.1 governessmagnituderecoil.com/pixel/purst?dl=0&th=0&sc=0&rs=1534&rd=1534&fd=956&bv=22.8.v.2&tmpl=136
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1534&rd=1534&fd=956&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: governessmagnituderecoil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
inopportunetorn.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
192.243.59.12200 OK 29 kB URL HTTP/1.1 inopportunetorn.com/1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash eef6241056852163774cc046ba980249
cb0ea106f848ec6abe85b13dbb0024f7700b14fa
bfa100488f1ab59a41626f382381cdb71fad5acd309ea05e56ced27288031fe4
Analyzer Verdict Alert quad9 Sinkholed
GET /1c/7e/2f/1c7e2f1280cb5040773607debbc5e1dc.js HTTP/1.1
Host: inopportunetorn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7cbb89951a70d5cc7425e035baa93748
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
xwlketvkzf.com/chicken.gif?z=1922602&pb=5a0d56a121a40fcaf495c33450c2052f1664331969&psp=mg1PHqbt21xCYzblLp1RYUcGozzHQn5augHbaF5NY5MwzMs98ifwAowHxEqR6G4OANl0Ubg_HOtff2W_-yuVns_Kh4XUM632P97YLngPi0jxB-P6GaMJIHl-VwrwUgFMnDu_tWOXKkntjxwJoHvZrJQ7eVKwfASG5gVnvfZ1edNskd38o3esjfIv6Gsj_EMdzd5EYHrw9lP26eDOOI1KCgMjCYE-Cz008rDZqkE4gzpx6RcMnAtP9pEP8f8h5AYZtkFTqXmwppa3Gbd5LvGHXcOm9y2O9oUINAtWPEtV_O0GR6iMudHvGcaemX2XTSEPXdjKulg-U7BnJDpV-fAKL3W_3qANb5bTVwTMoww9B6IH9nMEf3f-XvGUAtV2BVhCcss72bu7G4UZ7_Ne2mrJR-kNn7ePnIzo6JyL_MtzdvU14Nxndxc12it7AS3DmSntLLIzHal573I9C5amcs-HhVaF0ZHaJNGXaDyrEfhsnq3XuZH9DmrfvpsYWcK5EGj-SIVoqzkgRR4mbFM3eHx9AuotIXeYpbQ9T1DtlAk-01LlHuew8rI0K-10fK_jSiDwhCKtlxhfoV2O8v4oPECnbI21IAAekbfOy5RaYXgVeQjTF02GPdon9ynnQzsKflLBl4JLbbch1P-sajeAFVHZey8GVLVqX9y_rHt6ykF8CjatnC5BIGrMpBhY4ApFhoktRyoW4ZQb4Iw=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 xwlketvkzf.com/chicken.gif?z=1922602&pb=5a0d56a121a40fcaf495c33450c2052f1664331969&psp=mg1PHqbt21xCYzblLp1RYUcGozzHQn5augHbaF5NY5MwzMs98ifwAowHxEqR6G4OANl0Ubg_HOtff2W_-yuVns_Kh4XUM632P97YLngPi0jxB-P6GaMJIHl-VwrwUgFMnDu_tWOXKkntjxwJoHvZrJQ7eVKwfASG5gVnvfZ1edNskd38o3esjfIv6Gsj_EMdzd5EYHrw9lP26eDOOI1KCgMjCYE-Cz008rDZqkE4gzpx6RcMnAtP9pEP8f8h5AYZtkFTqXmwppa3Gbd5LvGHXcOm9y2O9oUINAtWPEtV_O0GR6iMudHvGcaemX2XTSEPXdjKulg-U7BnJDpV-fAKL3W_3qANb5bTVwTMoww9B6IH9nMEf3f-XvGUAtV2BVhCcss72bu7G4UZ7_Ne2mrJR-kNn7ePnIzo6JyL_MtzdvU14Nxndxc12it7AS3DmSntLLIzHal573I9C5amcs-HhVaF0ZHaJNGXaDyrEfhsnq3XuZH9DmrfvpsYWcK5EGj-SIVoqzkgRR4mbFM3eHx9AuotIXeYpbQ9T1DtlAk-01LlHuew8rI0K-10fK_jSiDwhCKtlxhfoV2O8v4oPECnbI21IAAekbfOy5RaYXgVeQjTF02GPdon9ynnQzsKflLBl4JLbbch1P-sajeAFVHZey8GVLVqX9y_rHt6ykF8CjatnC5BIGrMpBhY4ApFhoktRyoW4ZQb4Iw=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1922602&pb=5a0d56a121a40fcaf495c33450c2052f1664331969&psp=mg1PHqbt21xCYzblLp1RYUcGozzHQn5augHbaF5NY5MwzMs98ifwAowHxEqR6G4OANl0Ubg_HOtff2W_-yuVns_Kh4XUM632P97YLngPi0jxB-P6GaMJIHl-VwrwUgFMnDu_tWOXKkntjxwJoHvZrJQ7eVKwfASG5gVnvfZ1edNskd38o3esjfIv6Gsj_EMdzd5EYHrw9lP26eDOOI1KCgMjCYE-Cz008rDZqkE4gzpx6RcMnAtP9pEP8f8h5AYZtkFTqXmwppa3Gbd5LvGHXcOm9y2O9oUINAtWPEtV_O0GR6iMudHvGcaemX2XTSEPXdjKulg-U7BnJDpV-fAKL3W_3qANb5bTVwTMoww9B6IH9nMEf3f-XvGUAtV2BVhCcss72bu7G4UZ7_Ne2mrJR-kNn7ePnIzo6JyL_MtzdvU14Nxndxc12it7AS3DmSntLLIzHal573I9C5amcs-HhVaF0ZHaJNGXaDyrEfhsnq3XuZH9DmrfvpsYWcK5EGj-SIVoqzkgRR4mbFM3eHx9AuotIXeYpbQ9T1DtlAk-01LlHuew8rI0K-10fK_jSiDwhCKtlxhfoV2O8v4oPECnbI21IAAekbfOy5RaYXgVeQjTF02GPdon9ynnQzsKflLBl4JLbbch1P-sajeAFVHZey8GVLVqX9y_rHt6ykF8CjatnC5BIGrMpBhY4ApFhoktRyoW4ZQb4Iw=&abvar=0&os=0 HTTP/1.1
Host: xwlketvkzf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=220927192683e7631e576e40e9b6f1c0647b; OACICAP=ACImmwAAAAAAAAAB; OACIBLOCK=ACImmwAAAABjMoNQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACImmwAAAAAAAAABACIuUwAAAAAAAAAB; Path=/; Expires=Fri, 28 Oct 2022 00:26:09 GMT; Secure; SameSite=None
OACIBLOCK=ACImmwAAAABjMoNQACIuUwAAAABjMoNQ; Path=/; Expires=Fri, 28 Oct 2022 00:26:09 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 29 Sep 2022 00:26:09 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash fbae9a3ca4096d73ab8df703ed4a01ab
322f7a5bce762f479dac834e29d9a02ddf0fce1b
8ee01374c0e32f3cac19e163ecf7c9873446e67a03464602a3ab79eef90fb2bc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 17:56:28 GMT
Expires: Mon, 03 Oct 2022 17:56:27 GMT
Etag: "322f7a5bce762f479dac834e29d9a02ddf0fce1b"
Cache-Control: max-age=494417,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7518588e5b13b4f7-OSL
cdn.tsyndicate.com/sdk/v1/bi.js
8.254.252.210200 OK 3.3 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/bi.js
IP 8.254.252.210:0
File type C source, ASCII text, with very long lines (7675)
Hash 994ce2eb3c88a9c1025564da2a49a681
8f8e617b60e5626becb9bd5e4edd5461ccf4279e
8927431d37a4d03469c7d618a05ac02c7149c988766fb34667f06f1310a2246e
GET /sdk/v1/bi.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: application/javascript
content-length: 3253
last-modified: Mon, 19 Sep 2022 08:53:30 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"63282e0a-1e1a"
age: 744563
accept-ranges: bytes
X-Firefox-Spdy: h2
mc7clurd09pla4nrtat7ion.com/solid.gif?z=1843476&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 mc7clurd09pla4nrtat7ion.com/solid.gif?z=1843476&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1843476&abvar=0 HTTP/1.1
Host: mc7clurd09pla4nrtat7ion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
u3y8v8u4.aucdn.net/library/802424/d99d56556b71b25499dff2e104e80de94aef9a8b.mp4
185.76.9.16206 Partial Content 51 kB URL HTTP/2 u3y8v8u4.aucdn.net/library/802424/d99d56556b71b25499dff2e104e80de94aef9a8b.mp4
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 67df38afdcd2ddf8ecf69b7aec0ba19a
e122b10b48cb6ab31630798436d45554c0322bed
8f45fafcdb9e7895a1ec686c0d2c9fea1583eb1e8cd4b74c5b8ec4d4d977f7e0
GET /library/802424/d99d56556b71b25499dff2e104e80de94aef9a8b.mp4 HTTP/1.1
Host: u3y8v8u4.aucdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: video/mp4
content-length: 12172614
last-modified: Thu, 22 Sep 2022 14:26:02 GMT
etag: "632c707a-b9bd46"
expires: Fri, 22 Sep 2023 14:36:03 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1695393676
server: CDN77-Turbo
x-77-nzt: AblMCQ3Vlgv/lSAHAA
x-77-nzt-ray: 0TRfGabY7OU
x-cache: HIT
x-age: 467093
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-12172613/12172614
X-Firefox-Spdy: h2
cdn18685953.ahacdn.me/skins/bannerdating4.png
45.133.44.20200 OK 9.6 kB URL HTTP/2 cdn18685953.ahacdn.me/skins/bannerdating4.png
IP 45.133.44.20:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 147 x 153, 8-bit/color RGBA, non-interlaced\012- data
Hash 56f07e0d933a1f7211667b4cc4a7db80
daf466fe3e15cc69bcf6b1d2592ba2d33357250f
5cc8d7fef92d8de943e1979813099b5f825d12443a29cf008928de90197b7118
GET /skins/bannerdating4.png HTTP/1.1
Host: cdn18685953.ahacdn.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/png
content-length: 9644
server: nginx/1.16.1
last-modified: Wed, 28 Jul 2021 08:50:24 GMT
etag: 56f07e0d933a1f7211667b4cc4a7db80
x-timestamp: 1627462223.18881
x-trans-id: tx9ec40df6ae564c1abf95a-0061c43775
x-openstack-request-id: tx9ec40df6ae564c1abf95a-0061c43775
cache-control: max-age=172800
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Fri, 30 Sep 2022 00:26:09 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=864813
185.94.236.244200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=864813
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (301), with CRLF, LF line terminators
Hash 8fa883ee8e0a303ae205faffdabaa043
7763b9786b97cc29a1ecc3c93539d754ffe11eed
fe7af39f67d7c94c013819ab33560ce9b301ccf5c00203564a02b73688043a20
GET /adshow.php?adzone=864813 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a2a2dfdc0d0f74713fe1b54269190981; expires=Thu, 28-Sep-2023 00:26:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Sat, 01-Oct-2022 00:26:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 01-Oct-2022 00:26:08 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 22:41:09 GMT
expires: Wed, 28 Sep 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 6300
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc7clurd09pla4nrtat7ion.com/get/1843476?zoneid=1843476&jp=_cll5lr2b9vwh1x781zxkji&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331197838653044
62.122.171.6200 OK 1.3 kB URL HTTP/2 mc7clurd09pla4nrtat7ion.com/get/1843476?zoneid=1843476&jp=_cll5lr2b9vwh1x781zxkji&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331197838653044
IP 62.122.171.6:0
Hash 896a47d26cae8bf613e5be0f973b8b42
bb544f33f3a9d2192465573baf4f11e209f83d2b
28ec89b57f103e4c230f8d086a241f3d30d3af3db1b4654cea8103b6a223c19e
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1843476?zoneid=1843476&jp=_cll5lr2b9vwh1x781zxkji&nojs=0&ix=0&abvar=0&t=0&x=801&y=801&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4331197838653044 HTTP/1.1
Host: mc7clurd09pla4nrtat7ion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22092719265e854b176aa84bca817b9e7ba1; Path=/; Expires=Thu, 28 Sep 2023 00:26:09 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bf270d8d16a1ec6ea1d489320f6f04c9
eb510c01136cdb1f79aae200730a6d2b798489df
4bdbb015229744095c9f75a84aefb115f57e0d363e8d9af43268e66592971cb4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDBB015229744095C9F75A84AEFB115F57E0D363E8D9AF43268E66592971CB4"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11649
Expires: Wed, 28 Sep 2022 03:40:18 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
142.250.74.163200 OK 158 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (826)
Size 158 kB (158248 bytes)
Hash db1b5789e9915e9c82f5df92e5982980
2e193e502995501c85f45fd89d9f83707a7f9573
db9c82b18117d7cff0f674de758f5bbb39bc6dee969cee679c741090968b9206
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:25:55 GMT
expires: Mon, 25 Sep 2023 22:25:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 180014
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
95.211.229.245200 OK 5.6 kB URL HTTP/1.1 syndication.realsrv.com/v1/api.php
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (10861), with no line terminators
Hash ab9cf73252d823864dbb54f94373539a
fb2b0c7b43d333812538a509a934caa6edbf8edf
9717ab6dc6d2ee62790e262d420bc12e388c481c0b298e05e0d7023805ba92b3
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 339
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.tktube.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; expires=Fri, 27-Sep-2024 00:26:09 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
www.google-analytics.com/j/collect?v=1&_v=j97&a=859213221&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tktube.com%2Fvideos%2F49949%2Fokax-623-50-20-240%2F&ul=en-us&de=UTF-8&dt=OKAX-623%20%E7%86%9F%E5%A5%B3%E9%A2%A8%E4%BF%97%E5%AC%A2%E3%81%AF50%E4%BB%A3%E3%82%92%E8%B6%85%E3%81%88%E3%82%8B%E3%81%A8%E6%9C%AC%E7%95%AA%E7%A2%BA%E7%8E%87%E3%81%8C%E9%AB%98%E3%81%BE%E3%82%8B%EF%BC%81%E3%81%AE%E3%81%AF%E3%83%9B%E3%83%B3%E3%83%88%EF%BC%9F%E7%AA%81%E5%85%A5%E5%8F%A3%E8%AA%AC%E3%81%8D20%E4%BA%BA%E3%83%81%E3%83%A3%E3%83%AC%E3%83%B3%E3%82%B8%E5%A4%B1%E6%95%97%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%94%E5%AE%B9%E8%B5%A6%E4%B8%8B%E3%81%95%E3%81%84240%E5%88%86&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAAC~&jid=909904084&gjid=1538365151&cid=699724199.1664324767&tid=UA-36407794-11&_gid=1840436100.1664324767&_r=1>m=2ou9q0&z=1332917524
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=859213221&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tktube.com%2Fvideos%2F49949%2Fokax-623-50-20-240%2F&ul=en-us&de=UTF-8&dt=OKAX-623%20%E7%86%9F%E5%A5%B3%E9%A2%A8%E4%BF%97%E5%AC%A2%E3%81%AF50%E4%BB%A3%E3%82%92%E8%B6%85%E3%81%88%E3%82%8B%E3%81%A8%E6%9C%AC%E7%95%AA%E7%A2%BA%E7%8E%87%E3%81%8C%E9%AB%98%E3%81%BE%E3%82%8B%EF%BC%81%E3%81%AE%E3%81%AF%E3%83%9B%E3%83%B3%E3%83%88%EF%BC%9F%E7%AA%81%E5%85%A5%E5%8F%A3%E8%AA%AC%E3%81%8D20%E4%BA%BA%E3%83%81%E3%83%A3%E3%83%AC%E3%83%B3%E3%82%B8%E5%A4%B1%E6%95%97%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%94%E5%AE%B9%E8%B5%A6%E4%B8%8B%E3%81%95%E3%81%84240%E5%88%86&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAAC~&jid=909904084&gjid=1538365151&cid=699724199.1664324767&tid=UA-36407794-11&_gid=1840436100.1664324767&_r=1>m=2ou9q0&z=1332917524
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j97&a=859213221&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tktube.com%2Fvideos%2F49949%2Fokax-623-50-20-240%2F&ul=en-us&de=UTF-8&dt=OKAX-623%20%E7%86%9F%E5%A5%B3%E9%A2%A8%E4%BF%97%E5%AC%A2%E3%81%AF50%E4%BB%A3%E3%82%92%E8%B6%85%E3%81%88%E3%82%8B%E3%81%A8%E6%9C%AC%E7%95%AA%E7%A2%BA%E7%8E%87%E3%81%8C%E9%AB%98%E3%81%BE%E3%82%8B%EF%BC%81%E3%81%AE%E3%81%AF%E3%83%9B%E3%83%B3%E3%83%88%EF%BC%9F%E7%AA%81%E5%85%A5%E5%8F%A3%E8%AA%AC%E3%81%8D20%E4%BA%BA%E3%83%81%E3%83%A3%E3%83%AC%E3%83%B3%E3%82%B8%E5%A4%B1%E6%95%97%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%94%E5%AE%B9%E8%B5%A6%E4%B8%8B%E3%81%95%E3%81%84240%E5%88%86&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAAC~&jid=909904084&gjid=1538365151&cid=699724199.1664324767&tid=UA-36407794-11&_gid=1840436100.1664324767&_r=1>m=2ou9q0&z=1332917524 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.tktube.com
date: Wed, 28 Sep 2022 00:26:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-R6X849L82V>m=2oe9q0&_p=859213221&cid=699724199.1664324767&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664324766&sct=1&seg=0&dl=https%3A%2F%2Fwww.tktube.com%2Fvideos%2F49949%2Fokax-623-50-20-240%2F&dt=OKAX-623%20%E7%86%9F%E5%A5%B3%E9%A2%A8%E4%BF%97%E5%AC%A2%E3%81%AF50%E4%BB%A3%E3%82%92%E8%B6%85%E3%81%88%E3%82%8B%E3%81%A8%E6%9C%AC%E7%95%AA%E7%A2%BA%E7%8E%87%E3%81%8C%E9%AB%98%E3%81%BE%E3%82%8B%EF%BC%81%E3%81%AE%E3%81%AF%E3%83%9B%E3%83%B3%E3%83%88%EF%BC%9F%E7%AA%81%E5%85%A5%E5%8F%A3%E8%AA%AC%E3%81%8D20%E4%BA%BA%E3%83%81%E3%83%A3%E3%83%AC%E3%83%B3%E3%82%B8%E5%A4%B1%E6%95%97%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%94%E5%AE%B9%E8%B5%A6%E4%B8%8B%E3%81%95%E3%81%84240%E5%88%86&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-R6X849L82V>m=2oe9q0&_p=859213221&cid=699724199.1664324767&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664324766&sct=1&seg=0&dl=https%3A%2F%2Fwww.tktube.com%2Fvideos%2F49949%2Fokax-623-50-20-240%2F&dt=OKAX-623%20%E7%86%9F%E5%A5%B3%E9%A2%A8%E4%BF%97%E5%AC%A2%E3%81%AF50%E4%BB%A3%E3%82%92%E8%B6%85%E3%81%88%E3%82%8B%E3%81%A8%E6%9C%AC%E7%95%AA%E7%A2%BA%E7%8E%87%E3%81%8C%E9%AB%98%E3%81%BE%E3%82%8B%EF%BC%81%E3%81%AE%E3%81%AF%E3%83%9B%E3%83%B3%E3%83%88%EF%BC%9F%E7%AA%81%E5%85%A5%E5%8F%A3%E8%AA%AC%E3%81%8D20%E4%BA%BA%E3%83%81%E3%83%A3%E3%83%AC%E3%83%B3%E3%82%B8%E5%A4%B1%E6%95%97%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%94%E5%AE%B9%E8%B5%A6%E4%B8%8B%E3%81%95%E3%81%84240%E5%88%86&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-R6X849L82V>m=2oe9q0&_p=859213221&cid=699724199.1664324767&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664324766&sct=1&seg=0&dl=https%3A%2F%2Fwww.tktube.com%2Fvideos%2F49949%2Fokax-623-50-20-240%2F&dt=OKAX-623%20%E7%86%9F%E5%A5%B3%E9%A2%A8%E4%BF%97%E5%AC%A2%E3%81%AF50%E4%BB%A3%E3%82%92%E8%B6%85%E3%81%88%E3%82%8B%E3%81%A8%E6%9C%AC%E7%95%AA%E7%A2%BA%E7%8E%87%E3%81%8C%E9%AB%98%E3%81%BE%E3%82%8B%EF%BC%81%E3%81%AE%E3%81%AF%E3%83%9B%E3%83%B3%E3%83%88%EF%BC%9F%E7%AA%81%E5%85%A5%E5%8F%A3%E8%AA%AC%E3%81%8D20%E4%BA%BA%E3%83%81%E3%83%A3%E3%83%AC%E3%83%B3%E3%82%B8%E5%A4%B1%E6%95%97%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%81%94%E5%AE%B9%E8%B5%A6%E4%B8%8B%E3%81%95%E3%81%84240%E5%88%86&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.tktube.com
date: Wed, 28 Sep 2022 00:26:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b78f91affaafa269dd35ef38c812fc2
25d29332ab1d7d0f255d5597c45849b1981c94c4
1ddfc6fe9835ad89f2d59a02dc58cb60c82895a488db64649bdc4f9acddf3dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DDFC6FE9835AD89F2D59A02DC58CB60C82895A488DB64649BDC4F9ACDDF3DAC"
Last-Modified: Tue, 27 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11940
Expires: Wed, 28 Sep 2022 03:45:09 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
r.trwl1.com/s1/b285dcb5-9c63-46ab-b11a-63616469dbaa?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=154410&cv4=255707&cv5=864813&cv6=
185.98.53.17200 OK 749 B URL HTTP/1.1 r.trwl1.com/s1/b285dcb5-9c63-46ab-b11a-63616469dbaa?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=154410&cv4=255707&cv5=864813&cv6=
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (553)
Hash 0f158d2e898a1228b7d18afc7315e446
809741d3bee2316e29eada5a94cb44d51130c707
d1152968ce50607647ed7303f7a64eb99d6e0a9943e9f9cc518052af4a87592e
GET /s1/b285dcb5-9c63-46ab-b11a-63616469dbaa?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=154410&cv4=255707&cv5=864813&cv6= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 749
Connection: close
Set-Cookie: uid=V_Fpb0atMH; Path=/; Domain=trwl1.com; Expires=Thu, 29 Sep 2022 00:26:09 GMT; HttpOnly
X-Request-Id: c197516c-9d8e-4b3d-8a8f-b0f611b12536
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6974aeeda270142a361b4a4db6fefac6
cb5d4655286e43f6a4899dc87483f2d13ac427f3
174ad195c5e55bbd44c930c0cc336bc466645738f92c74bc564cb7705ca068ff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 15:56:17 GMT
Expires: Sat, 01 Oct 2022 15:56:16 GMT
Etag: "cb5d4655286e43f6a4899dc87483f2d13ac427f3"
Cache-Control: max-age=314406,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751858920d45b4f7-OSL
s3t3d2y8.afcdn.net/library/379728/b3ce69a50c097954ee85a6f0bde8c4784d5a2b78.webp
185.76.9.16200 OK 9.6 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/379728/b3ce69a50c097954ee85a6f0bde8c4784d5a2b78.webp
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 85eb3bf2f52bcbe7eb3b5ff4f014d0f8
b3ce69a50c097954ee85a6f0bde8c4784d5a2b78
532fe805bc910e1c03546876735a63895f695ec6ab0a479a69b8c18a8980d96b
GET /library/379728/b3ce69a50c097954ee85a6f0bde8c4784d5a2b78.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/webp
content-length: 9598
last-modified: Sun, 12 Jun 2022 09:12:56 GMT
etag: "62a5ae18-257e"
expires: Sat, 01 Jul 2023 11:25:39 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688305477
server: CDN77-Turbo
x-77-nzt: AblMCQ1kdYD/3EhzAA
x-77-nzt-ray: kJVakVul0pM
x-cache: HIT
x-age: 7555292
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
s3t3d2y8.afcdn.net/library/379728/e4f1be041510ae6126c9c59fcaa312da299ef8cb.webp
185.76.9.16200 OK 25 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/379728/e4f1be041510ae6126c9c59fcaa312da299ef8cb.webp
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9810eb98c65abe98afab4610f227f28e
e4f1be041510ae6126c9c59fcaa312da299ef8cb
948c917d548a5b9a8af87add54a87e080d4c38ae71a96329fff68da64d8256ac
GET /library/379728/e4f1be041510ae6126c9c59fcaa312da299ef8cb.webp HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/webp
content-length: 24924
last-modified: Thu, 16 Jun 2022 09:31:47 GMT
etag: "62aaf883-615c"
expires: Tue, 29 Aug 2023 12:12:59 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1693312955
server: CDN77-Turbo
x-77-nzt: AblMCQ3bUMT/ZuAmAA
x-77-nzt-ray: agYCk+OEgMQ
x-cache: HIT
x-age: 2547814
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Qy07EMAz8FX6g0fiVOHvmDBKID0jT9oKAA7vSIvnjSbtoRUaRxvZ4bJnBPKFOXB4YJ84n1KiUKpJyItN4en4JpTi/ny/zmvrXR0iphT0KscLDXdg4FJodOWykTCRLGQormZ08yEICA2yiurMEUGSPt9fH49MAhwBXNgy+Tx2eoYPjurd2hclis2Dp2lvRulXNc918W2tF24X/t8QNCQVymP8lQkiFlWOie6AxHuIot++fzx5xl99ghwEHqe7rSV7axqtqK2zLUhpRd9/Q87hKqfILPJP5LlYBAAA=
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Qy07EMAz8FX6g0fiVOHvmDBKID0jT9oKAA7vSIvnjSbtoRUaRxvZ4bJnBPKFOXB4YJ84n1KiUKpJyItN4en4JpTi/ny/zmvrXR0iphT0KscLDXdg4FJodOWykTCRLGQormZ08yEICA2yiurMEUGSPt9fH49MAhwBXNgy+Tx2eoYPjurd2hclis2Dp2lvRulXNc918W2tF24X/t8QNCQVymP8lQkiFlWOie6AxHuIot++fzx5xl99ghwEHqe7rSV7axqtqK2zLUhpRd9/Q87hKqfILPJP5LlYBAAA=
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Qy07EMAz8FX6g0fiVOHvmDBKID0jT9oKAA7vSIvnjSbtoRUaRxvZ4bJnBPKFOXB4YJ84n1KiUKpJyItN4en4JpTi/ny/zmvrXR0iphT0KscLDXdg4FJodOWykTCRLGQormZ08yEICA2yiurMEUGSPt9fH49MAhwBXNgy+Tx2eoYPjurd2hclis2Dp2lvRulXNc918W2tF24X/t8QNCQVymP8lQkiFlWOie6AxHuIot++fzx5xl99ghwEHqe7rSV7axqtqK2zLUhpRd9/Q87hKqfILPJP5LlYBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4384438%7C75938560%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Ctktube.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.tktube.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22633394a0b0b9c4.178793062094803763%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
s3t3d2y8.afcdn.net/library/379728/c43c3184062cdaaa7460628bdd12892f83f7e1fa.mp4
185.76.9.16206 Partial Content 29 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/379728/c43c3184062cdaaa7460628bdd12892f83f7e1fa.mp4
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 047d9fad81a1a127d86bd1817569e625
c43c3184062cdaaa7460628bdd12892f83f7e1fa
072f7e9b611fcfd90af8726da7fe0b3dfce9c6109453531a3f95d4fc6973e56e
GET /library/379728/c43c3184062cdaaa7460628bdd12892f83f7e1fa.mp4 HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: video/mp4
content-length: 28942
last-modified: Tue, 12 Apr 2022 11:29:47 GMT
etag: "625562ab-710e"
expires: Fri, 30 Jun 2023 11:12:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195533
server: CDN77-Turbo
x-77-nzt: AblMCQ2KBh7/VPZ0AA
x-77-nzt-ray: LOgebapUU68
x-cache: HIT
x-age: 7665236
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-28941/28942
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
8.254.252.214200 OK 2.8 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP 8.254.252.214:0
File type ASCII text, with very long lines (2590)
Hash 01c3ce239d639853ba1e41661c115938
704741ca41e890a26eef6190c2d61131ff294f56
9aabcddb7b91826c4b8bf721d77fa448ceba501616a38c6fe0d6c4f11091ed47
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=6bb44e8f-0f8f-484a-9b96-33bc3b725117; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYUEgjhkcbObr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: application/javascript
content-length: 2808
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 17590506
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy07EMAz8FX6gkZ9JvGfOIIH4gDZtLwg4sCst0nw8SRet8MjS2B6PLSQyUUxSHoROkk8UCE5BySSxG56eX2CM8/v5smypfX1ASxSpKCxGFbWquMDIcqUM7y1XzVq6wkuWyhnsUFCHuJoNlogYueLt9fFI7hAo0VWcOh9Xuyesc7qO1WbkuvqitDZrc7HYw/ISe923CJqH8P+XdEOSiMP7r4ayqZhg4nth6EE4xvP3z2cD7vIb/DAQsNn4TotWl3UrFBzNypY3i7Z7XSL7SvUXyfZRpVUBAAA=
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy07EMAz8FX6gkZ9JvGfOIIH4gDZtLwg4sCst0nw8SRet8MjS2B6PLSQyUUxSHoROkk8UCE5BySSxG56eX2CM8/v5smypfX1ASxSpKCxGFbWquMDIcqUM7y1XzVq6wkuWyhnsUFCHuJoNlogYueLt9fFI7hAo0VWcOh9Xuyesc7qO1WbkuvqitDZrc7HYw/ISe923CJqH8P+XdEOSiMP7r4ayqZhg4nth6EE4xvP3z2cD7vIb/DAQsNn4TotWl3UrFBzNypY3i7Z7XSL7SvUXyfZRpVUBAAA=
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Oy07EMAz8FX6gkZ9JvGfOIIH4gDZtLwg4sCst0nw8SRet8MjS2B6PLSQyUUxSHoROkk8UCE5BySSxG56eX2CM8/v5smypfX1ASxSpKCxGFbWquMDIcqUM7y1XzVq6wkuWyhnsUFCHuJoNlogYueLt9fFI7hAo0VWcOh9Xuyesc7qO1WbkuvqitDZrc7HYw/ISe923CJqH8P+XdEOSiMP7r4ayqZhg4nth6EE4xvP3z2cD7vIb/DAQsNn4TotWl3UrFBzNypY3i7Z7XSL7SvUXyfZRpVUBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4384438%7C75938560%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Ctktube.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.tktube.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22633394a0b0b9c4.178793062094803763%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 904a8d4d380c2afb0f06401ce4c8491e
6c09e83415a209d302caba25187cae51fb998e9e
10724ff231265f6c0da44eb9ade0a936362252cad64cbcebb1d4414f4985730a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10724FF231265F6C0DA44EB9ADE0A936362252CAD64CBCEBB1D4414F4985730A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3125
Expires: Wed, 28 Sep 2022 01:18:14 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
185.76.9.16200 OK 27 kB URL HTTP/2 s3t3d2y8.afcdn.net/library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg
IP 185.76.9.16:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c1c75724467e05b05d3f47c4192d595a
be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1
e3274a14bb5b75548d26cd44215aef5395348223ed43c262cb17c3783f88c132
GET /library/761560/be8f9e4bb2c87d63b72fe3a2f621be35a92d75e1.jpg HTTP/1.1
Host: s3t3d2y8.afcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/jpeg
content-length: 27027
last-modified: Thu, 03 Mar 2022 12:22:54 GMT
etag: "6220b31e-6993"
expires: Tue, 12 Sep 2023 00:42:58 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1694772188
server: CDN77-Turbo
x-77-nzt: AblMCQ1277b/RZwQAA
x-77-nzt-ray: b6gRMyr2XjI
x-cache: HIT
x-age: 1088581
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OS04FMQy7CheYkZM6neatWYME4gCdTzcIWPCQQMrhaUfoiVipEteKrVCd4JMud4qL5gs8XGbHTJ3FGA+PT0GJ6+v1az3m7eMtliyWEYsoUaKUpKZBMBfksE7Rs2jWroBKygyxSIEOtUSeUy7x8nx/tnQoor/Da4yDwfeQbYSl3daEfeNWF3pz5tVbaYc76hD+z4awJaE7ClLRwOxCHfdP04EkTNq5SW4Loxfi/K6fP+9bxE3+F9fOCxZCjnhpb9Z6oXAFSlsPhVU9GivLXv0XTt6sRVYBAAA=
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01OS04FMQy7CheYkZM6neatWYME4gCdTzcIWPCQQMrhaUfoiVipEteKrVCd4JMud4qL5gs8XGbHTJ3FGA+PT0GJ6+v1az3m7eMtliyWEYsoUaKUpKZBMBfksE7Rs2jWroBKygyxSIEOtUSeUy7x8nx/tnQoor/Da4yDwfeQbYSl3daEfeNWF3pz5tVbaYc76hD+z4awJaE7ClLRwOxCHfdP04EkTNq5SW4Loxfi/K6fP+9bxE3+F9fOCxZCjnhpb9Z6oXAFSlsPhVU9GivLXv0XTt6sRVYBAAA=
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01OS04FMQy7CheYkZM6neatWYME4gCdTzcIWPCQQMrhaUfoiVipEteKrVCd4JMud4qL5gs8XGbHTJ3FGA+PT0GJ6+v1az3m7eMtliyWEYsoUaKUpKZBMBfksE7Rs2jWroBKygyxSIEOtUSeUy7x8nx/tnQoor/Da4yDwfeQbYSl3daEfeNWF3pz5tVbaYc76hD+z4awJaE7ClLRwOxCHfdP04EkTNq5SW4Loxfi/K6fP+9bxE3+F9fOCxZCjnhpb9Z6oXAFSlsPhVU9GivLXv0XTt6sRVYBAAA= HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4384438%7C75938560%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Ctktube.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.tktube.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22633394a0b0b9c4.178793062094803763%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
poweredby.jads.co/adshow.php?adzone=899777
185.94.236.244200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=899777
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF, LF line terminators
Hash 9b3e13553ccfb29f01be788270edbfed
9a3111761efcda5932707e3d7ff609c905261121
72f46ae99d9ae6f0b714e18b7a0da46c2c873a4fffb4a283830bdca91338e310
GET /adshow.php?adzone=899777 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a2a2dfdc0d0f74713fe1b54269190981; expires=Thu, 28-Sep-2023 00:26:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YTowOnt9; expires=Sat, 01-Oct-2022 00:26:08 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 01-Oct-2022 00:26:08 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
xwlketvkzf.com/lv/esnk/1843465/code.js
62.122.171.6200 OK 47 kB URL HTTP/2 xwlketvkzf.com/lv/esnk/1843465/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash 5d8f02c6b24b66f5d379a48dab6a1e0e
9d3bbbb52b324c30949cb149683b6fc5fc7efbd6
555ec8dab16ad39a5fd13c0b06eb91b37fddd832774c3a0a1e2d2c059e7ceb70
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1843465/code.js HTTP/1.1
Host: xwlketvkzf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 14:00:58 GMT
vary: Accept-Encoding
etag: W/"6333021a-1e318"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy0oEQQz8FX9gmupK0o89e1ZQ/ICZnumLqAd3YYV8vD2zspgiUEkqlRDkhDoxPxAnphOq1xgqgjJEU396fnGNfn4/X5YttK8Pl1wzi+dIRfFShEZXaCpIbqNlIknyUFhOLIRHc3EM0ER1ZwGInoq/vT4eGQfoAlxpQ39cHZ6ug+O6rzaFyWqLYG3a5qy1V01L7aVvtWLehf+/xA3BCB7mfw2XqEKlT/FeqI+AH+P5++ezud/lN9hhMIxU9/dWa7lK7j0VK2rc6py6gQLLbEl+Acbwn/tWAQAA
95.211.229.245200 OK 20 B URL HTTP/1.1 syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA01Oy0oEQQz8FX9gmupK0o89e1ZQ/ICZnumLqAd3YYV8vD2zspgiUEkqlRDkhDoxPxAnphOq1xgqgjJEU396fnGNfn4/X5YttK8Pl1wzi+dIRfFShEZXaCpIbqNlIknyUFhOLIRHc3EM0ER1ZwGInoq/vT4eGQfoAlxpQ39cHZ6ug+O6rzaFyWqLYG3a5qy1V01L7aVvtWLehf+/xA3BCB7mfw2XqEKlT/FeqI+AH+P5++ezud/lN9hhMIxU9/dWa7lK7j0VK2rc6py6gQLLbEl+Acbwn/tWAQAA
IP 95.211.229.245:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA01Oy0oEQQz8FX9gmupK0o89e1ZQ/ICZnumLqAd3YYV8vD2zspgiUEkqlRDkhDoxPxAnphOq1xgqgjJEU396fnGNfn4/X5YttK8Pl1wzi+dIRfFShEZXaCpIbqNlIknyUFhOLIRHc3EM0ER1ZwGInoq/vT4eGQfoAlxpQ39cHZ6ug+O6rzaFyWqLYG3a5qy1V01L7aVvtWLehf+/xA3BCB7mfw2XqEKlT/FeqI+AH+P5++ezud/lN9hhMIxU9/dWa7lK7j0VK2rc6py6gQLLbEl+Acbwn/tWAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; c-tag=%7B%22tag-video%22%3A%22v3%7C%7CNOR%7C4384438%7C75938560%7C0%7C%7C508%7C41%7C3%7C15%7C0%7C0%7C0%7C25344%7C3143242%7C3143244%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C%7C0%7Ctktube.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://www.tktube.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22633394a0b0b9c4.178793062094803763%22%3B%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=; domain=.realsrv.com; Secure; SameSite=none
__upt=%7B%22v%22%3A1%2C%22id%22%3A%22633394a0b0b9c4.178793062094803763%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Fri, 27 Sep 2024 00:26:09 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11347
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
www.tktube.com/static/styles/jquery.fancybox-white.css?v=7.2
172.64.96.12200 OK 3.0 kB URL HTTP/2 www.tktube.com/static/styles/jquery.fancybox-white.css?v=7.2
IP 172.64.96.12:0
File type ASCII text, with CRLF line terminators
Hash e1fded4e8d35642142f541149c02e520
d729b34accb117737b0b8cbc0309aacd253c4231
01c476744b71f1fb197e18c89642aaa941e8a86d704a735ca381ed01f9e81231
GET /static/styles/jquery.fancybox-white.css?v=7.2 HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 19 Jun 2019 06:54:16 GMT
etag: W/"5d09dc18-14e6"
expires: Wed, 28 Sep 2022 05:04:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 26482
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=056g17kQ2QfT1rQr7C7ykKVeW6ea4q%2F5H%2BhMkg0hSuirOtbsrolgf77JXEI0or%2BJuK9xAKARsDsUZzvTC4HfvyDDLuLe4f84iOU9MzaBWY7q4w8cRFsMt%2BbkCNGO3m3rig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75185885f98e0706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11347
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11347
Expires: Wed, 28 Sep 2022 03:35:16 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TlEcmqE03c_aVOwGbXRCTsU5MOTiUF4C93U3zcIVqzg6NCGJJGup7A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:09:10 GMT
age: 8219
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee83d08d024d127fad5918e1ffacb78b
8ad289a77705358ab660b6123e9d90de991b6c13
aaab3590ef3777ce8b7a9a34f18866fa20ecaa554cbcdcdb3f1fa3c34c88ceb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5653a1a-a7d7-4b1e-a27e-4eb6b032901d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11314
x-amzn-requestid: 9f410158-cd1a-45a9-9e86-4005b25577e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4Hw7oAMFpAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-70683c681f22a3b6103fcb4a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: l9IinQYCcQV_iymSArIEnOWgbmLlmVqz94402zcsmga5Bp3Sty7QRg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:49 GMT
age: 9920
etag: "8ad289a77705358ab660b6123e9d90de991b6c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fa8cb4f4be5057788cd1a2a4d0e76d6
1aec1d67a36867bee8069a144fb1b0d95ff2cb54
5193131db8040ef254554d59109002ec7b8cfc2eab1e872b63e5f65db7cf5105
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40456fc-e6ad-484b-8754-8b2b0e7abc7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5944
x-amzn-requestid: 040b4452-4120-4ae5-9ad2-c5b341abbb13
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34BFdmIAMFmew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cff-103adde82b57535e4f3fb16a;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: q03mXCSikJcsTBGqk1Xq7452EiDz4t9PFbp5Qj4xwobiFgqtPwGCBw==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 23:06:54 GMT
age: 4755
etag: "1aec1d67a36867bee8069a144fb1b0d95ff2cb54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46dc8f1499f4de5f03bd87a68c3c6c7b
0cd28a243f9704140ccb9eb1415a77fcccc7cf87
3d7a5cdc0812857efabd7ab941aea6d6582790b86a9587809d222c0a8546262b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7723c423-9c9b-4e58-93cc-7198e8ff6f62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7359
x-amzn-requestid: 6e3123b2-ea7e-4e3e-8399-19a66d27923f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI34CEYtIAMF01w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336d00-5995316c70da7a0c460ac432;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:37:04 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C8VwjZMvXqbQlvSRB8ugvw6o-wRUI0Xtbn91g79lSpBxrXiCzC_FXg==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:26:18 GMT
age: 7191
etag: "0cd28a243f9704140ccb9eb1415a77fcccc7cf87"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0fc75051e565c146221c672a81acaf9b
495ab7020de0f4d36fedbe299b55e59208873585
c32bb7797983bc31f79381513a9127523ecb1e37db6f7a7ba9bdf26b3204a68a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C32BB7797983BC31F79381513A9127523ECB1E37DB6F7A7BA9BDF26B3204A68A"
Last-Modified: Mon, 26 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1837
Expires: Wed, 28 Sep 2022 00:56:46 GMT
Date: Wed, 28 Sep 2022 00:26:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 9699
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:29:45 GMT
age: 60984
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ
185.76.9.21200 OK 1.3 kB URL HTTP/2 static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a1264081e0047736c7a91a5f3b267105
cb4062c1893a437fc0766404dedc111932865627
89ee911b04fc0753a9562083c45519bb62be9ff1fb1b27a6ce62cf61d5b33d85
GET /h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://r.trwl1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: text/html
last-modified: Tue, 26 Jul 2022 12:47:16 GMT
etag: W/"62dfe254-c86"
expires: Wed, 26 Oct 2022 14:44:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-accel-expires: @1666795480
server: CDN77-Turbo
x-77-nzt: AblMCRRuwLL/ydkBAA
x-77-nzt-ray: OMYb4QFEI54
x-cache: HIT
x-age: 121289
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c75843e4f0878431449368b162769db
Strict-Transport-Security: max-age=0; includeSubdomains
sstatic1.histats.com/0.gif?4360397&101
192.99.8.27200 OK 43 B URL HTTP/1.1 sstatic1.histats.com/0.gif?4360397&101
IP 192.99.8.27:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /0.gif?4360397&101 HTTP/1.1
Host: sstatic1.histats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: image/gif
Content-Length: 43
Connection: close
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-36407794-11&cid=699724199.1664324767&jid=909904084&gjid=1538365151&_gid=1840436100.1664324767&_u=YADAAUAAAAAAAC~&z=42797352
64.233.165.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-36407794-11&cid=699724199.1664324767&jid=909904084&gjid=1538365151&_gid=1840436100.1664324767&_u=YADAAUAAAAAAAC~&z=42797352
IP 64.233.165.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-36407794-11&cid=699724199.1664324767&jid=909904084&gjid=1538365151&_gid=1840436100.1664324767&_u=YADAAUAAAAAAAC~&z=42797352 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.tktube.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 00:26:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tktube.com/videos/49949/okax-623-50-20-240/?video_id=49949&mode=async&action=js_stats&rand=1664324766425
172.64.96.12200 OK 1.6 kB URL HTTP/2 www.tktube.com/videos/49949/okax-623-50-20-240/?video_id=49949&mode=async&action=js_stats&rand=1664324766425
IP 172.64.96.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 0a00225d42584b8b59270625da6eb835
7ed170c3c855895f7ee907a42626bed8d303617a
853f813aac0961519373ddb3a1192cd04bb5c09455996975c84da4e7aa284b72
GET /videos/49949/okax-623-50-20-240/?video_id=49949&mode=async&action=js_stats&rand=1664324766425 HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: bnState={"impressions":1,"delayStarted":0}; PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: image/gif
x-powered-by: PHP/7.3.23
set-cookie: kt_is_visited=1; expires=Thu, 29-Sep-2022 00:26:08 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWWbp8k4DKWhyp98XbjApJk0VKBKloMLtmtw%2F4vQkbv37OE1AL86EOAWUX0SM1JtJqvfdMGXmIyge7n2fl%2BXgeKQGbHGteI0JMGuwkmfEb4ZTtemFgWnNJNn0B%2BuCitneg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518588cadcd0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1602-overlay.png
185.76.9.21200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1602-overlay.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRS9cd7/UCqoAA
x-77-nzt-ray: P4wdbmJfk8A
x-cache: HIT
x-age: 11020880
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/29-button.png
185.76.9.21200 OK 733 B URL HTTP/2 static.javhd.com/h5/files/button/29-button.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRRqdH//UCqoAA
x-77-nzt-ray: 2upHQIlnk7c
x-cache: HIT
x-age: 11020880
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r.trwl1.com/s1/45a2d0a8-8b7c-464e-850c-939e765fb042?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=154410&cv4=255707&cv5=899777&cv6=
185.98.53.17200 OK 745 B URL HTTP/1.1 r.trwl1.com/s1/45a2d0a8-8b7c-464e-850c-939e765fb042?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=154410&cv4=255707&cv5=899777&cv6=
IP 185.98.53.17:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (549)
Hash 10e5e0dbd7f7e84fc0de6cd83a21a50b
c0a207219a02bd93331e6b71195ecae0e7a467a0
08d116134b46833ebe16b0d31f45555467bafff9651df057b60f9c53b4295631
GET /s1/45a2d0a8-8b7c-464e-850c-939e765fb042?externalId={extPlaceholder}&cost={costPlaceholder}&cv1={dynamicCON}&cv2=NO&cv3=154410&cv4=255707&cv5=899777&cv6= HTTP/1.1
Host: r.trwl1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 745
Connection: close
Set-Cookie: uid=iTOMsjtaMj; Path=/; Domain=trwl1.com; Expires=Thu, 29 Sep 2022 00:26:09 GMT; HttpOnly
X-Request-Id: 7c644fd2-181b-46eb-a750-b5922a7df984
i.jads.co/network/user47819/8666-1660879920-0528133001660879920.gif
69.16.175.10200 OK 133 kB URL HTTP/2 i.jads.co/network/user47819/8666-1660879920-0528133001660879920.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 133 kB (132889 bytes)
Hash 29ae8fd62e0284de34d199085e0e77ed
a1406e6a215db8773f48065e027e4f2b8d2fd5e5
ec43a504b9a010439fc0a533db9748be3c67590ee4eb9918c2c6594ec1daa17f
GET /network/user47819/8666-1660879920-0528133001660879920.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=3a93fd9b62153cd6aa5a8b7b07a53159; juicy_data_1=YToxOntpOjE0NDQ3MzU7aToxNjY0NTgzOTY5O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps8666=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
etag: "1660879920"
cache-control: max-age=28114110
content-length: 132889
content-type: image/gif
last-modified: Fri, 19 Aug 2022 03:32:00 GMT
accept-ranges: bytes
x-hw: 1664324769.dop012.sk1.t,1664324769.cds228.sk1.hn,1664324769.cds072.sk1.c
X-Firefox-Spdy: h2
poweredby.jads.co/adshow.php?adzone=867429
185.94.236.244200 OK 1.6 kB URL HTTP/1.1 poweredby.jads.co/adshow.php?adzone=867429
IP 185.94.236.244:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (421), with CRLF, LF line terminators
Hash 2348af55d6f0c6194dd8c3e77bd3e4eb
04b3d313a931fbeed8f99a80e8d5465a58670d12
d24daddc2ed07d83d53298318d29454d6c6b558422a54982fdf66d1ccf0159f5
GET /adshow.php?adzone=867429 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=a2a2dfdc0d0f74713fe1b54269190981; expires=Thu, 28-Sep-2023 00:26:08 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps8666=1; expires=Thu, 29-Sep-2022 00:26:09 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjEwMjE3Mzc7aToxNjY0NTgzOTY4O30%3D; expires=Sat, 01-Oct-2022 00:26:08 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 01-Oct-2022 00:26:08 GMT; Max-Age=259199; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 00:26:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.jads.co/ads/user52477/ad1840898-1664061835.png
69.16.175.10200 OK 104 kB URL HTTP/2 i.jads.co/ads/user52477/ad1840898-1664061835.png
IP 69.16.175.10:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 104 kB (104361 bytes)
Hash 84a6c695465750f3129813b23e286b70
2e6edef7fe267d71476f3df7bd880c48fdfbcc1f
7987ff8bc83a42c4054700049f55850d5255b0535b84044fc90e1d78c591ae9d
GET /ads/user52477/ad1840898-1664061835.png HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=a2a2dfdc0d0f74713fe1b54269190981; juicy_data_1=YToxOntpOjEwMjE3Mzc7aToxNjY0NTgzOTY4O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps8666=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
etag: "1664061835"
cache-control: max-age=31273139
content-length: 104361
content-type: image/png
last-modified: Sat, 24 Sep 2022 23:23:55 GMT
accept-ranges: bytes
x-hw: 1664324769.dop012.sk1.t,1664324769.cds228.sk1.hn,1664324769.cds243.sk1.c
X-Firefox-Spdy: h2
i.jads.co/network/user152224/37612-1592932978-0872591001592932978.gif
69.16.175.10200 OK 603 kB URL HTTP/2 i.jads.co/network/user152224/37612-1592932978-0872591001592932978.gif
IP 69.16.175.10:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 603 kB (602812 bytes)
Hash 2f57c91dd5654d1152ab196101662078
726a5385e26dea5d4f58633331f1339a3619254d
d927584d7180e50a124d087c7db9f70c4ac8c681d309de96c6ed1c3a8d1326f7
GET /network/user152224/37612-1592932978-0872591001592932978.gif HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=a2a2dfdc0d0f74713fe1b54269190981; juicy_data_1=YToxOntpOjEwMjE3Mzc7aToxNjY0NTgzOTY4O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; imps8666=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
etag: "1592932978"
cache-control: max-age=28098309
content-length: 602812
content-type: image/gif
last-modified: Tue, 23 Jun 2020 17:22:58 GMT
accept-ranges: bytes
x-hw: 1664324769.dop012.sk1.t,1664324769.cds228.sk1.hn,1664324769.cds239.sk1.c
X-Firefox-Spdy: h2
dictatepantry.com/pixel/purst?dl=0&th=0&sc=0&rs=202&rd=202&fd=127&bv=22.8.v.2&tmpl=136
192.243.61.227200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/purst?dl=0&th=0&sc=0&rs=202&rd=202&fd=127&bv=22.8.v.2&tmpl=136
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=202&rd=202&fd=127&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 00:26:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
static.javhd.com/h5/files/video/6461-19699-300x250.medium.mp4
185.76.9.21206 Partial Content 17 kB URL HTTP/2 static.javhd.com/h5/files/video/6461-19699-300x250.medium.mp4
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 89379659bdabbda493bf94b4f051db10
459b22201a02a40b42df96b074404a28650d1e02
bac0279481ad1f9bbcb57806cbad75ddd6d9c2695da40a81a77d0e10ca0400e5
GET /h5/files/video/6461-19699-300x250.medium.mp4 HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: video/mp4
content-length: 524664
last-modified: Tue, 26 Jul 2022 12:47:15 GMT
etag: "62dfe253-80178"
expires: Sun, 31 Jul 2022 00:27:34 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-accel-expires: @1664380258
server: CDN77-Turbo
x-77-nzt: AblMCRT3rqz/v3gAAA
x-77-nzt-ray: zlKeBLeWCs4
x-cache: HIT
x-age: 30911
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-524663/524664
X-Firefox-Spdy: h2
static.javhd.com/h5/files/overlay/1605-overlay.png
185.76.9.21200 OK 1.8 kB URL HTTP/2 static.javhd.com/h5/files/overlay/1605-overlay.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 60a69a3e27a7af6a1ca80fa453182c84
8c8bed593ca4c7b4ff1f17dce90fe46a6f176dd3
4a29be7a012125280667bd82a2c2516a29590e0f4af8cc7c81c2e2e584fd846a
GET /h5/files/overlay/1605-overlay.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16000/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1cf82411-d50b-43c6-910e-71bed88c5ca6%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D899777%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0ODAsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjI4MDJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: image/png
content-length: 1821
last-modified: Wed, 20 Apr 2022 13:57:37 GMT
etag: "62601151-71d"
expires: Tue, 23 May 2023 11:05:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839941
server: CDN77-Turbo
x-77-nzt: AblMCRSgXhT/HSqoAA
x-77-nzt-ray: HHjNfu3kj8g
x-cache: HIT
x-age: 11020829
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhd.com/h5/files/button/19-button.png
185.76.9.21200 OK 504 B URL HTTP/2 static.javhd.com/h5/files/button/19-button.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b9292b2f016f0dca094f08e98b10e4f
032fb37c0956d518c289b727d4f2b1f7d300f9e1
549b9bd0060e105223af22424e20b6dce5b9276b90bda0af13a1b0fc503bd673
GET /h5/files/button/19-button.png HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16000/728x90.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F1cf82411-d50b-43c6-910e-71bed88c5ca6%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D899777%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzc0ODAsImJoIjo5MCwiYnciOjcyOCwiZiI6MSwibyI6MiwicCI6MSwicyI6MjI4MDJ9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: image/png
content-length: 504
last-modified: Fri, 11 Dec 2015 19:04:22 GMT
etag: "566b1e36-1f8"
expires: Tue, 23 May 2023 11:05:06 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839906
server: CDN77-Turbo
x-77-nzt: AblMCRRpxWj/QCqoAA
x-77-nzt-ray: s71rj0hRa0o
x-cache: HIT
x-age: 11020864
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
205.185.208.20200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP 205.185.208.20:0
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:10 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10449421
X-HW: 1664324770.dop214.sk1.t,1664324770.cds017.sk1.shn,1664324770.cds017.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
209.197.3.25200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP 209.197.3.25:0
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 00:26:10 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10418447
X-HW: 1664324769.dop022.sk1.t,1664324770.cds002.sk1.shn,1664324770.cds002.sk1.c
Access-Control-Allow-Origin: *
static.javhd.com/h5/files/css/style.css
185.76.9.21200 OK 3.8 kB URL HTTP/2 static.javhd.com/h5/files/css/style.css
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash e07516edb1d97f135c79362e4a6b339c
1f70322dbf1584ac3d3a49991cb1ca7f03ad51d1
65d78a880aa0b012d62e6f59eb2b620aa283652be8234dae0c4de963f69b0425
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.javhd.com/h5/files/16441/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2F9cd56cc5-e1d1-4e14-bdc6-adcbdc851c4f%3Fcost%3D%257BcostPlaceholder%257D%26cv1%3D%257BdynamicCON%257D%26cv2%3DNO%26cv3%3D154410%26cv4%3D255707%26cv5%3D864813%26cv6%3D%26externalId%3D%257BextPlaceholder%257D%26p%3DeyJiIjoyNzgxNTYsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIyMTU4fQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: text/css
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:49 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-accel-expires: @1684839889
server: CDN77-Turbo
x-77-nzt: AblMCRTGjnn/UCqoAA
x-77-nzt-ray: fyEc1D6EyxM
x-cache: HIT
x-age: 11020880
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMuWGGDAwZHFvkiFGwBQ0bNGi0CCODRowWY8qYESMGx8cwZWzkEPFwjpg0ZBTq2CIiBg4aM07WaNESxo0cNHCI6PIwTJ0xGXOUuREDqQ0yTKO-pCGjjIyVNmqEaYFjTBgcOGrkMBMmjJgZPCGSsbNQpw0ZD-HUEbNwBg7DVeHAKSyjoog5cCbqMAxjxowYgDW2WazDpY0bNmZUJWOG4kMxbtwsBIkytGgRbdxg1AFyhs7AsWd3jWH0YZ0YGdHQoQNnjo4XL8K4MEhHtosxb9q8OFOGzosYMLLXsD3jB500bcr0aJij5UgaNWogjcGlTnYZNsLQGdPDM-gZ7d_HhyOmB544TLxhhRJfjAEDGkNU8YQSRIwxRBBnhCHEFUWcEQMdRcRQBBRJnJGDSHlcMYQMdEDxxBw1IDGDHUJMsUQQYgThExJ12OEEEU_8NgUUQSS0hhxHJBHHGFS4gccUMEDBhgxrtECFFFI80YYTVhjRAhYx1FHDFWYcIcRSebTxhRlOfHFGFUkQIUUVaeQFRxumifDGm3GSEV1Gd-TpAh1r0DFYGc_d-ZBbkm0hQw1UiQCHHFjpAIML2TkmRmmOQgqDQxq9-cWijeLgAkktXPqQHHZwBt9DZYxBZ6XZwcCbb3W0qYMINtCUUhk4mBGqGbmadNRaOYiRgw0tWCbGGDOIccOhvN2QVxqciTCSCzk8Stan6uUlxxfQZhUDtdbKgC0NedURRkZNvKFHGmywEcYLNUAKAgpYxrADCEyk4UYdeICABw42fIHSvaTqMCykKYBwRKprvPGCDK5G6ioIRqQhh0xv4PHCwTDkNUajIjjxRF5vbPtxRiLnxQbIRTiR10F2fHExGxTVcMMNh9lgEwyjnqEabTXgcMNDMH8hhhwLwUV0GTG38QYZqwHsGBlyvFHYQ28IldmiGeexEA2jyhTccMUd90Ked-zZ55-BSpfXHRlhZlNeaMT9Ebk9kZpR1XTIV3ILdbiRBh3FekrGGJi9DPJBXxyeuEVwMmQDSjO0BFoOkMtA0eRIWa7TSTiMJnMZkH0h3-aUe465CEybzgZCdAi1RVKJ2iWZCAfRVQcbEwW28kI8azQbDH0oEBA%3D&s=a54830b057604bf54c78a7de03f29d98a0dc2f9432c6ee7c899bd96c298575951664324769&w=t&r=1&d=414&priv=false
136.243.80.153200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMuWGGDAwZHFvkiFGwBQ0bNGi0CCODRowWY8qYESMGx8cwZWzkEPFwjpg0ZBTq2CIiBg4aM07WaNESxo0cNHCI6PIwTJ0xGXOUuREDqQ0yTKO-pCGjjIyVNmqEaYFjTBgcOGrkMBMmjJgZPCGSsbNQpw0ZD-HUEbNwBg7DVeHAKSyjoog5cCbqMAxjxowYgDW2WazDpY0bNmZUJWOG4kMxbtwsBIkytGgRbdxg1AFyhs7AsWd3jWH0YZ0YGdHQoQNnjo4XL8K4MEhHtosxb9q8OFOGzosYMLLXsD3jB500bcr0aJij5UgaNWogjcGlTnYZNsLQGdPDM-gZ7d_HhyOmB544TLxhhRJfjAEDGkNU8YQSRIwxRBBnhCHEFUWcEQMdRcRQBBRJnJGDSHlcMYQMdEDxxBw1IDGDHUJMsUQQYgThExJ12OEEEU_8NgUUQSS0hhxHJBHHGFS4gccUMEDBhgxrtECFFFI80YYTVhjRAhYx1FHDFWYcIcRSebTxhRlOfHFGFUkQIUUVaeQFRxumifDGm3GSEV1Gd-TpAh1r0DFYGc_d-ZBbkm0hQw1UiQCHHFjpAIML2TkmRmmOQgqDQxq9-cWijeLgAkktXPqQHHZwBt9DZYxBZ6XZwcCbb3W0qYMINtCUUhk4mBGqGbmadNRaOYiRgw0tWCbGGDOIccOhvN2QVxqciTCSCzk8Stan6uUlxxfQZhUDtdbKgC0NedURRkZNvKFHGmywEcYLNUAKAgpYxrADCEyk4UYdeICABw42fIHSvaTqMCykKYBwRKprvPGCDK5G6ioIRqQhh0xv4PHCwTDkNUajIjjxRF5vbPtxRiLnxQbIRTiR10F2fHExGxTVcMMNh9lgEwyjnqEabTXgcMNDMH8hhhwLwUV0GTG38QYZqwHsGBlyvFHYQ28IldmiGeexEA2jyhTccMUd90Ked-zZ55-BSpfXHRlhZlNeaMT9Ebk9kZpR1XTIV3ILdbiRBh3FekrGGJi9DPJBXxyeuEVwMmQDSjO0BFoOkMtA0eRIWa7TSTiMJnMZkH0h3-aUe465CEybzgZCdAi1RVKJ2iWZCAfRVQcbEwW28kI8azQbDH0oEBA%3D&s=a54830b057604bf54c78a7de03f29d98a0dc2f9432c6ee7c899bd96c298575951664324769&w=t&r=1&d=414&priv=false
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WMuWGGDAwZHFvkiFGwBQ0bNGi0CCODRowWY8qYESMGx8cwZWzkEPFwjpg0ZBTq2CIiBg4aM07WaNESxo0cNHCI6PIwTJ0xGXOUuREDqQ0yTKO-pCGjjIyVNmqEaYFjTBgcOGrkMBMmjJgZPCGSsbNQpw0ZD-HUEbNwBg7DVeHAKSyjoog5cCbqMAxjxowYgDW2WazDpY0bNmZUJWOG4kMxbtwsBIkytGgRbdxg1AFyhs7AsWd3jWH0YZ0YGdHQoQNnjo4XL8K4MEhHtosxb9q8OFOGzosYMLLXsD3jB500bcr0aJij5UgaNWogjcGlTnYZNsLQGdPDM-gZ7d_HhyOmB544TLxhhRJfjAEDGkNU8YQSRIwxRBBnhCHEFUWcEQMdRcRQBBRJnJGDSHlcMYQMdEDxxBw1IDGDHUJMsUQQYgThExJ12OEEEU_8NgUUQSS0hhxHJBHHGFS4gccUMEDBhgxrtECFFFI80YYTVhjRAhYx1FHDFWYcIcRSebTxhRlOfHFGFUkQIUUVaeQFRxumifDGm3GSEV1Gd-TpAh1r0DFYGc_d-ZBbkm0hQw1UiQCHHFjpAIML2TkmRmmOQgqDQxq9-cWijeLgAkktXPqQHHZwBt9DZYxBZ6XZwcCbb3W0qYMINtCUUhk4mBGqGbmadNRaOYiRgw0tWCbGGDOIccOhvN2QVxqciTCSCzk8Stan6uUlxxfQZhUDtdbKgC0NedURRkZNvKFHGmywEcYLNUAKAgpYxrADCEyk4UYdeICABw42fIHSvaTqMCykKYBwRKprvPGCDK5G6ioIRqQhh0xv4PHCwTDkNUajIjjxRF5vbPtxRiLnxQbIRTiR10F2fHExGxTVcMMNh9lgEwyjnqEabTXgcMNDMH8hhhwLwUV0GTG38QYZqwHsGBlyvFHYQ28IldmiGeexEA2jyhTccMUd90Ked-zZ55-BSpfXHRlhZlNeaMT9Ebk9kZpR1XTIV3ILdbiRBh3FekrGGJi9DPJBXxyeuEVwMmQDSjO0BFoOkMtA0eRIWa7TSTiMJnMZkH0h3-aUe465CEybzgZCdAi1RVKJ2iWZCAfRVQcbEwW28kI8azQbDH0oEBA%3D&s=a54830b057604bf54c78a7de03f29d98a0dc2f9432c6ee7c899bd96c298575951664324769&w=t&r=1&d=414&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=6bb44e8f-0f8f-484a-9b96-33bc3b725117; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYUEgjhkcbObr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=www.tktube.com&et=165
136.243.80.153200 OK 0 B URL HTTP/2 pxl.tsyndicate.com/api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=www.tktube.com&et=165
IP 136.243.80.153:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/elapsedtime?f=banner%20300x250&sc=449e4fe3501746fda88f88df1f88ddf7&hn=www.tktube.com&et=165 HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: ts_uid=6bb44e8f-0f8f-484a-9b96-33bc3b725117; bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYUEgjhkcbObr0URAQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:10 GMT
content-length: 0
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
xwlketvkzf.com/chicken.gif?z=1843465&pb=7325d53d4adc3dec6925fed4e72ff0e71664331968&psp=XVMvgWv-J-G_tAJXoS4yN652R66P7TzYP-iGShimDLHrkd8jOfO7vfGffLM1iej4QMp7WYVLkqVTafZXPDN3evzcdNSXmURwb6Zu1Vb5Mld7MEjJbQFf09lpQuZtTLUQ_jMtFy3jN-oPpXw1MlIaExRBisuMqjsBvEhRiGtgta9yTPUHCOpT_QH8NgbLxrPOaDBnUmWK1NuKG7mWu726DGbzWlP7QttA9qDgsc08ghn-TuvDHhIYvRjP_img3UFaPB4bilXFTEj6MsvO5TXPfhGBMt1pxA9O9qhtPH1G764Nhh8gkY5_1bTE6qd0Ktk667vGfKJNAg2Ps0fXMIS_fNSbhTmfH7HPsBwpm6mn4m4gsbzK21MdHUGBM0NoCKGTDOUp0H0RiSMu8Ly-JtjDOIhFck6q_Xh7_grJG1dHfv3F2UMruTTCb_EWQXm-OGRmiPVIRDszBKhkpFYhchC8nzXxwT-hE0k2JITMhoN7UcSmsTBmd5GsUvrpsIVSQWZrrUUKbAPooC9KmM-LFJe9_V1eqaS0PKzjtCrUlmx3pDKHAV2mhlQuYfVM3iD7JJ2rMAMx71XR5GmPeg==&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 xwlketvkzf.com/chicken.gif?z=1843465&pb=7325d53d4adc3dec6925fed4e72ff0e71664331968&psp=XVMvgWv-J-G_tAJXoS4yN652R66P7TzYP-iGShimDLHrkd8jOfO7vfGffLM1iej4QMp7WYVLkqVTafZXPDN3evzcdNSXmURwb6Zu1Vb5Mld7MEjJbQFf09lpQuZtTLUQ_jMtFy3jN-oPpXw1MlIaExRBisuMqjsBvEhRiGtgta9yTPUHCOpT_QH8NgbLxrPOaDBnUmWK1NuKG7mWu726DGbzWlP7QttA9qDgsc08ghn-TuvDHhIYvRjP_img3UFaPB4bilXFTEj6MsvO5TXPfhGBMt1pxA9O9qhtPH1G764Nhh8gkY5_1bTE6qd0Ktk667vGfKJNAg2Ps0fXMIS_fNSbhTmfH7HPsBwpm6mn4m4gsbzK21MdHUGBM0NoCKGTDOUp0H0RiSMu8Ly-JtjDOIhFck6q_Xh7_grJG1dHfv3F2UMruTTCb_EWQXm-OGRmiPVIRDszBKhkpFYhchC8nzXxwT-hE0k2JITMhoN7UcSmsTBmd5GsUvrpsIVSQWZrrUUKbAPooC9KmM-LFJe9_V1eqaS0PKzjtCrUlmx3pDKHAV2mhlQuYfVM3iD7JJ2rMAMx71XR5GmPeg==&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1843465&pb=7325d53d4adc3dec6925fed4e72ff0e71664331968&psp=XVMvgWv-J-G_tAJXoS4yN652R66P7TzYP-iGShimDLHrkd8jOfO7vfGffLM1iej4QMp7WYVLkqVTafZXPDN3evzcdNSXmURwb6Zu1Vb5Mld7MEjJbQFf09lpQuZtTLUQ_jMtFy3jN-oPpXw1MlIaExRBisuMqjsBvEhRiGtgta9yTPUHCOpT_QH8NgbLxrPOaDBnUmWK1NuKG7mWu726DGbzWlP7QttA9qDgsc08ghn-TuvDHhIYvRjP_img3UFaPB4bilXFTEj6MsvO5TXPfhGBMt1pxA9O9qhtPH1G764Nhh8gkY5_1bTE6qd0Ktk667vGfKJNAg2Ps0fXMIS_fNSbhTmfH7HPsBwpm6mn4m4gsbzK21MdHUGBM0NoCKGTDOUp0H0RiSMu8Ly-JtjDOIhFck6q_Xh7_grJG1dHfv3F2UMruTTCb_EWQXm-OGRmiPVIRDszBKhkpFYhchC8nzXxwT-hE0k2JITMhoN7UcSmsTBmd5GsUvrpsIVSQWZrrUUKbAPooC9KmM-LFJe9_V1eqaS0PKzjtCrUlmx3pDKHAV2mhlQuYfVM3iD7JJ2rMAMx71XR5GmPeg==&abvar=0&os=0 HTTP/1.1
Host: xwlketvkzf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=220927192683e7631e576e40e9b6f1c0647b; OACICAP=ACImmwAAAAAAAAABACIuUwAAAAAAAAAB; OACIBLOCK=ACImmwAAAABjMoNQACIuUwAAAABjMoNQ; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 29 Sep 2022 00:26:10 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b56134771794748d7d8788b4f4e677c2
104d818d4b9ef1f1bd8e96c860766d021fc628f5
da1ae9892ad3e3453af5b255d0c5a3cd145f45e1444a1406cbbb5e663959c2b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA1AE9892AD3E3453AF5B255D0C5A3CD145F45E1444A1406CBBB5E663959C2B3"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20774
Expires: Wed, 28 Sep 2022 06:12:24 GMT
Date: Wed, 28 Sep 2022 00:26:10 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=623d719a-0987-45e3-a8d2-6e48237b5a09&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=1c7e2f1280cb5040773607debbc5e1dc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=623d719a-0987-45e3-a8d2-6e48237b5a09&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=1c7e2f1280cb5040773607debbc5e1dc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=623d719a-0987-45e3-a8d2-6e48237b5a09&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=1&pk=1c7e2f1280cb5040773607debbc5e1dc&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 28 Sep 2022 00:26:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c1c426ea34fb7a389e326c5b50bf8688
Strict-Transport-Security: max-age=0; includeSubdomains
www.tktube.com/player/stats.php?embed=0&device_type=2&event=PlayerLoad,
172.64.96.12200 OK 44 B URL HTTP/2 www.tktube.com/player/stats.php?embed=0&device_type=2&event=PlayerLoad,
IP 172.64.96.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c28edde2fac4c1e396335197ee91fee0
d01e77e9cf0357920e14a21ac3ffc65caf48e2a0
cf9867c9140bbd9a63eca4b23f964910b1964a48b8b2b761d047e0a88b05651f
GET /player/stats.php?embed=0&device_type=2&event=PlayerLoad, HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.1.699724199.1664324767; ppu_main_1c7e2f1280cb5040773607debbc5e1dc=1; ppu_idelay_1c7e2f1280cb5040773607debbc5e1dc=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: image/gif
x-powered-by: PHP/7.3.23
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FsB%2FT%2B5y0otsTf8qQ66Q2k7tgGOMUloFqg4YeLZ3qpe2ZVzBJOE0mWCdafAPqAb1bc5HfK0Ek%2Bq6JX42bOSBElvrlKWLQefnqZO0TUF2sFZt%2BDFINO%2BITC%2Fx92gStM6vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518588e9f8b0706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=OKAX,623,240,url,http,www,qqupload,com,6drq,url,OKAX,623,240,JAV,Censored,okax,&subid=1843465-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
136.243.69.157200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=OKAX,623,240,url,http,www,qqupload,com,6drq,url,OKAX,623,240,JAV,Censored,okax,&subid=1843465-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0
IP 136.243.69.157:0
ASN #24940 Hetzner Online GmbH
GET /iframes2/449e4fe3501746fda88f88df1f88ddf7.html?keywords=OKAX,623,240,url,http,www,qqupload,com,6drq,url,OKAX,623,240,JAV,Censored,okax,&subid=1843465-2407948&adb=0&clientjs=1&w=1280&h=1024&tz=0 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 0d4c14ec08d1f0fb
set-cookie: ts_uid=6bb44e8f-0f8f-484a-9b96-33bc3b725117; expires=Tue, 28 Mar 2023 00:26:09 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQsDFjRhcWIsYU3BLjoYgyE2PYUEgjhkcbObr0URAQ; expires=Thu, 29 Sep 2022 00:26:09 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=aYEN2wLj0rSFElItJbfTvr4Z3fnGWZjsQGVZbFlG48mCLzpuuWq2wQEaiq76Kh-AlIz16YlgAQuGsCwgxm6ZxstS6tg6z1GOKRVFUh0zIsrm_gUIDRUi
66.254.114.171200 OK 0 B URL HTTP/2 a.adtng.com/get/10005363?time=1592491455431&atc=416763&apb=aYEN2wLj0rSFElItJbfTvr4Z3fnGWZjsQGVZbFlG48mCLzpuuWq2wQEaiq76Kh-AlIz16YlgAQuGsCwgxm6ZxstS6tg6z1GOKRVFUh0zIsrm_gUIDRUi
IP 66.254.114.171:0
GET /get/10005363?time=1592491455431&atc=416763&apb=aYEN2wLj0rSFElItJbfTvr4Z3fnGWZjsQGVZbFlG48mCLzpuuWq2wQEaiq76Kh-AlIz16YlgAQuGsCwgxm6ZxstS6tg6z1GOKRVFUh0zIsrm_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KJmMzlKEgRSj8EgofAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded6742; path=/; HttpOnly; Secure; SameSite=None
x-request-id: 633394A1-42FE72AB01BB7A93-3B4FBF1F
X-Firefox-Spdy: h2
www.tktube.com/cdn-cgi/rum?
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/cdn-cgi/rum?
IP 172.64.96.12:0
POST /cdn-cgi/rum? HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1127
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.2.699724199.1664324767; ppu_main_1c7e2f1280cb5040773607debbc5e1dc=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=623d719a-0987-45e3-a8d2-6e48237b5a09%3A1%3A1; _gid=GA1.2.1840436100.1664324767; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.tktube.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 751858952bc60706-LHR
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
nimhuemark.com/aas/r45d/vki/1843476/tghr.js
62.122.171.6200 OK 0 B URL HTTP/2 nimhuemark.com/aas/r45d/vki/1843476/tghr.js
IP 62.122.171.6:0
GET /aas/r45d/vki/1843476/tghr.js HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 14:00:58 GMT
vary: Accept-Encoding
etag: W/"6333021a-10a29"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
xwlketvkzf.com/lv/esnk/1845095/code.js
62.122.171.6200 OK 0 B URL HTTP/2 xwlketvkzf.com/lv/esnk/1845095/code.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1845095/code.js HTTP/1.1
Host: xwlketvkzf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 14:00:58 GMT
vary: Accept-Encoding
etag: W/"6333021a-1e318"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
xwlketvkzf.com/get/1843465?zoneid=1843465&jp=_clr5gpc37q33kimu4hd3ld&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=1&cid=672023141299754
62.122.171.6200 OK 0 B URL HTTP/2 xwlketvkzf.com/get/1843465?zoneid=1843465&jp=_clr5gpc37q33kimu4hd3ld&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=1&cid=672023141299754
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1843465?zoneid=1843465&jp=_clr5gpc37q33kimu4hd3ld&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=1&cid=672023141299754 HTTP/1.1
Host: xwlketvkzf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Cookie: UID=220927192683e7631e576e40e9b6f1c0647b; OACICAP=ACImmwAAAAAAAAAB; OACIBLOCK=ACImmwAAAABjMoNQ; ppucnt=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.tktube.com/static/js/main.min.js?v=7.2
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/static/js/main.min.js?v=7.2
IP 172.64.96.12:0
GET /static/js/main.min.js?v=7.2 HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Mon, 14 Dec 2020 09:24:53 GMT
etag: W/"5fd72f65-43fd4"
expires: Wed, 28 Sep 2022 05:04:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 26482
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo2y4zwV3McyPZdDsmvUdjTJGnZylgers1TIN0ks5Na8r8mjhGdQRCu6RdGYalFS3K7xoczexE2CCB0gwfwU0x1T2EzZoXee30D2O9B2XQMjvWvQUUtMYtQnJWhTJsAtGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518588629d40706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tktube.com/cdn-cgi/rum?
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/cdn-cgi/rum?
IP 172.64.96.12:0
POST /cdn-cgi/rum? HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1202
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/player/html.php?aid=start_html&video_id=49949&cs_id=&category_ids=2&referer=&rnd=1664324766734
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.2.699724199.1664324767; ppu_main_1c7e2f1280cb5040773607debbc5e1dc=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=623d719a-0987-45e3-a8d2-6e48237b5a09%3A1%3A1; _gid=GA1.2.1840436100.1664324767; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.tktube.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 75185894bb740706-LHR
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
xwlketvkzf.com/get/1845095?zoneid=1845095&jp=_cl0ap0vxcp44x7zpzlomrq&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6020047698780355
62.122.171.6200 OK 0 B URL HTTP/2 xwlketvkzf.com/get/1845095?zoneid=1845095&jp=_cl0ap0vxcp44x7zpzlomrq&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6020047698780355
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1845095?zoneid=1845095&jp=_cl0ap0vxcp44x7zpzlomrq&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=6020047698780355 HTTP/1.1
Host: xwlketvkzf.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220927192683e7631e576e40e9b6f1c0647b; Path=/; Expires=Thu, 28 Sep 2023 00:26:07 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.tktube.com/videos/49949/okax-623-50-20-240/
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/videos/49949/okax-623-50-20-240/
IP 172.64.96.12:0
GET /videos/49949/okax-623-50-20-240/ HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.3.23
set-cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; path=/; domain=.tktube.com; SameSite=Lax
kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; expires=Thu, 29-Sep-2022 00:26:07 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
kt_ips=91.90.42.154; expires=Thu, 29-Sep-2022 00:26:07 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; expires=Thu, 29-Sep-2022 00:26:07 GMT; Max-Age=86400; path=/; domain=.tktube.com; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKKgtYW6ihtoU%2BHx4xv6KjpApfZv4jtM38oUv69nrvscvSa4P9BhkmoIbT37fIjH1mfQmVYcHsD3tTz4aamO4ne1Aes%2Bui%2FZlrgdqewYQUScWfbLQLwNP5JviQk3BM6d7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75185883f85b0706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tktube.com/player/kt_player.js?v=5.4.0
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/player/kt_player.js?v=5.4.0
IP 172.64.96.12:0
GET /player/kt_player.js?v=5.4.0 HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Fri, 09 Apr 2021 21:35:58 GMT
etag: W/"6070c8be-280f9"
expires: Wed, 28 Sep 2022 05:04:45 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
age: 26482
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQX7SE6EvwzyjrU%2Fkv0vCIOALhD5VBK0A3dPiRB5gXASsQGR3Hi9eMqcLR1tSHnki6ZOt%2BrJcOBWsSjfl%2FMO08ezPU1krvEWP6x7wmjQ%2FC2vtJyGQCl9Li07gju5R%2BqyeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518588609a80706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nimhuemark.com/get/1843476?zoneid=1843476&jp=_cli897bk750g8wc6oqjbci&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8834797465857588
62.122.171.6200 OK 0 B URL HTTP/2 nimhuemark.com/get/1843476?zoneid=1843476&jp=_cli897bk750g8wc6oqjbci&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8834797465857588
IP 62.122.171.6:0
GET /get/1843476?zoneid=1843476&jp=_cli897bk750g8wc6oqjbci&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8834797465857588 HTTP/1.1
Host: nimhuemark.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 00:26:08 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209271926af143cd855ae4b179341c3ccf8; Path=/; Expires=Thu, 28 Sep 2023 00:26:08 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
172.64.156.26200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.tktube.com
Connection: keep-alive
Referer: https://www.tktube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:07 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75185886cddc0b06-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.tktube.com/player/html.php?aid=start_html&video_id=49949&cs_id=&category_ids=2&referer=&rnd=1664324766734
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/player/html.php?aid=start_html&video_id=49949&cs_id=&category_ids=2&referer=&rnd=1664324766734
IP 172.64.96.12:0
GET /player/html.php?aid=start_html&video_id=49949&cs_id=&category_ids=2&referer=&rnd=1664324766734 HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.1.699724199.1664324767
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:09 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.3.23
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHbXk6k3O%2BgwxwlbK3Eok06l%2FAT6ZOMTe9j%2BBu%2Bz1b%2Biat5c1tGq1QouwBP%2Bm7snNsnZ0oRekHf6Lxz0KbNcT1VKbW2Nh%2B6Tjp07kvUdmNa5PUemG6YWatCaUqmSZz61XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7518588e9f820706-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tktube.com/player/stats.php?embed=0&device_type=2&event=AdvertisingShow,StartAd
172.64.96.12200 OK 0 B URL HTTP/2 www.tktube.com/player/stats.php?embed=0&device_type=2&event=AdvertisingShow,StartAd
IP 172.64.96.12:0
GET /player/stats.php?embed=0&device_type=2&event=AdvertisingShow,StartAd HTTP/1.1
Host: www.tktube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.tktube.com/videos/49949/okax-623-50-20-240/
Cookie: bnState={"impressions":1,"delayStarted":0}; PHPSESSID=vn88adv0osrjo93b5qbubedvc8; kt_qparams=id%3D49949%26dir%3Dokax-623-50-20-240; kt_ips=91.90.42.154; kt_vast_585561=59dc36a8c8d70dc1a3bada9bafc6ccae; kt_tcookie=1; kt_is_visited=1; _ga_R6X849L82V=GS1.1.1664324766.1.0.1664324766.0.0.0; _ga=GA1.2.699724199.1664324767; ppu_main_1c7e2f1280cb5040773607debbc5e1dc=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=623d719a-0987-45e3-a8d2-6e48237b5a09%3A1%3A1; _gid=GA1.2.1840436100.1664324767; _gat_gtag_UA_36407794_11=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 00:26:10 GMT
content-type: image/gif
x-powered-by: PHP/7.3.23
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JshQ5tw8eCgACK571EfWyU7EXcIwf6YlnZOVOpuoTDszvE7NTqi%2BgUBU94h3cifXVk040BW8Tc7rQKfyzzizhrto%2FW3To2DUFFY62zeFHdoEQh7lCUTtsX0aSwgjQiUftQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 751858952bc30706-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2