| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash85b35ef8e54cfd751670f6a6d56541bd 162e94ccf2a785ea99c41f45c3a76815a2f8ae5f 3f59c24a6538550f52a4c9b39d9f57b023c9d44d50a846e742b763f74dfc179d
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3F59C24A6538550F52A4C9B39D9F57B023C9D44D50A846E742B763F74DFC179D"
Last-Modified: Sun, 08 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11974
Expires: Wed, 11 Sep 2024 01:01:57 GMT
Date: Tue, 10 Sep 2024 21:42:23 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash6bd7ab339c70a2fbeee4c8c0acd11d01 d73d3395447b2a06e32c1e3efb673107259de9d2 fdfd7bc2cf6ecc38fb1098f0fdb33cc28a034bb850556c8be63823f4c4718be2
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "FDFD7BC2CF6ECC38FB1098F0FDB33CC28A034BB850556C8BE63823F4C4718BE2"
Last-Modified: Tue, 10 Sep 2024 00:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5057
Expires: Tue, 10 Sep 2024 23:06:40 GMT
Date: Tue, 10 Sep 2024 21:42:23 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hashc02cbc5c5d1b0406dcc246d4bd1a6d2b 4926c8ef9661a0a06ddca8476543ba0016f6db23 6d53e4415d0c45468d4481cf09e5ea095019a86af85ccd64064eb060ab802455
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "6D53E4415D0C45468D4481CF09E5EA095019A86AF85CCD64064EB060AB802455"
Last-Modified: Tue, 10 Sep 2024 02:37:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6642
Expires: Tue, 10 Sep 2024 23:33:06 GMT
Date: Tue, 10 Sep 2024 21:42:24 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP 23.36.77.32:0
ASN#20940 Akamai International B.V.
Hasha7b43c2db23f4707afe450545389f0e3 6428f8192a8ee0df1a0885d3b5af9e9b27deec9e 2f2fa723adedbdbe67d46c7a8b1b08382962a64f2bc97ee1db7cd374e9f730da
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "2F2FA723ADEDBDBE67D46C7A8B1B08382962A64F2BC97EE1DB7CD374E9F730DA"
Last-Modified: Mon, 09 Sep 2024 07:30:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11536
Expires: Wed, 11 Sep 2024 00:54:40 GMT
Date: Tue, 10 Sep 2024 21:42:24 GMT
Connection: keep-alive
|
|
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash49e3d04c2eb4d704e7e7c90e2dc519c0 33f04bc1c596585870c7b00e24bf9bef4d01dc8e 1a381b926d3ed1420dc33ec68eb8ff332a94ff175191a0564c07552b80c7a3d7
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1A381B926D3ED1420DC33EC68EB8FF332A94FF175191A0564C07552B80C7A3D7"
Last-Modified: Tue, 10 Sep 2024 02:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2185
Expires: Tue, 10 Sep 2024 22:18:49 GMT
Date: Tue, 10 Sep 2024 21:42:24 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash03f9bbb65c96a3c251005fbddf07090e 9b216f139e9e2fae757fc6ed15ee5514f2cc98a1 814812344c68259f7a9a388a79d95518d0d1b799368c249da07f307b32d1fffe
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "814812344C68259F7A9A388A79D95518D0D1B799368C249DA07F307B32D1FFFE"
Last-Modified: Sun, 08 Sep 2024 20:48:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5450
Expires: Tue, 10 Sep 2024 23:13:14 GMT
Date: Tue, 10 Sep 2024 21:42:24 GMT
Connection: keep-alive
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP 142.250.74.131:0
Hashc0352a67fec0e31af09e55cadc62466a 3dc66227496510e7f0be04eda03988431dab1ca4 7d0049c3bfeec906333051c0f9890dc933760f494e850b2e0bbd5c42bcc552f4
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Sep 2024 21:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash55c596578922c1e2aabb481e73b7d0c9 83126a3d0ed8389b3c1429861aae4a910af9125b 22b8c6986a96007925026bc63ce9da71ef647603cb8cbda8389c5f0b8f5b8471
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Sep 2024 21:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js | 142.250.74.74 | 200 OK | 31 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP: 142.250.74.74:443
Requested by: https://tiktok.ewtch.ru/?video=7222171953
Certificate Issuer: Google Trust Services
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 9F:01:79:20:AD:58:33:6E:BF:F2:BF:DA:69:ED:BD:8D:19:F9:2D:D9
Certificate Validity: Mon, 12 Aug 2024 07:18:03 GMT - Mon, 04 Nov 2024 07:18:02 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktok.ewtch.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 05 Sep 2024 13:24:21 GMT
expires: Fri, 05 Sep 2025 13:24:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 461883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| upl.lol/def.js?v=2 | 81.91.178.190 | 200 OK | 3.6 kB |
IP 81.91.178.190:443
Requested by: https://tiktok.ewtch.ru/?video=7222171953
Certificate Issuer: Let's Encrypt
Certificate Subject: upl.lol
Certificate Fingerprint: 38:92:31:19:57:E1:13:2A:1E:5C:89:4E:01:A4:F0:F1:52:3E:AD:E4
Certificate Validity: Tue, 27 Aug 2024 06:32:17 GMT - Mon, 25 Nov 2024 06:32:16 GMT
File type: Unicode text, UTF-8 text, with CRLF line terminators
Hash: 40a859624bf6596c5fcadc26e53a9168 15b58c71c551fe77b47d7856796dcaf14a407477 de7607e99023d626d00a99fc53081ecc0a60c7d4b642155051fd897a99dd948d
GET /def.js?v=2 HTTP/1.1
Host: upl.lol
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktok.ewtch.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=JhIkgMzyuSAUCHmFq0Wk; Domain=.upl.lol; HttpOnly; Path=/; Expires=Wed, 10-Sep-2025 21:42:24 GMT
date: Tue, 10 Sep 2024 20:35:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 09 Sep 2024 10:22:29 GMT
content-encoding: br
content-length: 3609
ddg-cache-status: HIT,HIT
age: 4005
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-22S9P2RVGZ | 142.250.74.168 | 200 OK | 106 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-22S9P2RVGZ
IP: 142.250.74.168:443
Requested by: https://tiktok.ewtch.ru/?video=7222171953
Certificate Issuer: Google Trust Services
Certificate Subject: *.google-analytics.com
Certificate Fingerprint: E1:54:98:CD:9D:7A:BD:80:E1:F7:F7:9E:4A:C0:BA:A2:F1:F0:5D:C0
Certificate Validity: Mon, 12 Aug 2024 06:33:44 GMT - Mon, 04 Nov 2024 06:33:43 GMT
File type: JavaScript source, ASCII text, with very long lines (20814)
Size: 106 kB (106101 bytes)
Hash: d43ff9564ee1a74f216ea119e1bf1b2e dd9b6c415fb641d78ae8d5405325846bfe1c4325 ba0b78baf09d54a68f596a5f6bb2f5aa5c2ddc3683864c6a8b820b09a187c542
GET /gtag/js?id=G-22S9P2RVGZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktok.ewtch.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 10 Sep 2024 21:42:24 GMT
expires: Tue, 10 Sep 2024 21:42:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106101
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 471 B |
IP 142.250.74.131:0
Hashc0352a67fec0e31af09e55cadc62466a 3dc66227496510e7f0be04eda03988431dab1ca4 7d0049c3bfeec906333051c0f9890dc933760f494e850b2e0bbd5c42bcc552f4
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Sep 2024 21:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| o.pki.goog/wr2 | 142.250.74.131 | | 472 B |
IP 142.250.74.131:0
Hash55c596578922c1e2aabb481e73b7d0c9 83126a3d0ed8389b3c1429861aae4a910af9125b 22b8c6986a96007925026bc63ce9da71ef647603cb8cbda8389c5f0b8f5b8471
POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Sep 2024 21:42:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| tiktok.ewtch.ru/favicon.ico | 92.53.96.223 | 404 Not Found | 196 B |
URL: GET HTTP/2 tiktok.ewtch.ru/favicon.ico
IP: 92.53.96.223:443
Requested by: https://tiktok.ewtch.ru/?video=7222171953
Certificate Issuer: Let's Encrypt
Certificate Subject: tiktok.ewtch.ru
Certificate Fingerprint: 2F:F3:03:63:FD:DA:BC:8E:97:0A:ED:18:E6:E7:96:59:9D:AF:18:11
Certificate Validity: Fri, 06 Sep 2024 17:25:28 GMT - Thu, 05 Dec 2024 17:25:27 GMT
File type: HTML document, ASCII text
Hash: 62962daa1b19bbcc2db10b7bfd531ea6 d64bae91091eda6a7532ebec06aa70893b79e1f8 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
GET /favicon.ico HTTP/1.1
Host: tiktok.ewtch.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktok.ewtch.ru/?video=7222171953
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx/1.26.1
date: Tue, 10 Sep 2024 21:42:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 196
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash9166ec047d1a1a5f81e7d3837eabbc9a 7ed1e5b331a854776d5c422d2ded1329b74c7044 63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Tue, 10 Sep 2024 22:20:41 GMT
Date: Tue, 10 Sep 2024 21:42:25 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash9166ec047d1a1a5f81e7d3837eabbc9a 7ed1e5b331a854776d5c422d2ded1329b74c7044 63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Tue, 10 Sep 2024 22:20:41 GMT
Date: Tue, 10 Sep 2024 21:42:25 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash9166ec047d1a1a5f81e7d3837eabbc9a 7ed1e5b331a854776d5c422d2ded1329b74c7044 63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Tue, 10 Sep 2024 22:20:41 GMT
Date: Tue, 10 Sep 2024 21:42:25 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash9166ec047d1a1a5f81e7d3837eabbc9a 7ed1e5b331a854776d5c422d2ded1329b74c7044 63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Tue, 10 Sep 2024 22:20:41 GMT
Date: Tue, 10 Sep 2024 21:42:25 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP 23.36.76.226:0
ASN#20940 Akamai International B.V.
Hash9166ec047d1a1a5f81e7d3837eabbc9a 7ed1e5b331a854776d5c422d2ded1329b74c7044 63274b199d0425d6b2283c6a23df2ab604b62be6614d18b74decff86727eb1ca
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "63274B199D0425D6B2283C6A23DF2AB604B62BE6614D18B74DECFF86727EB1CA"
Last-Modified: Tue, 10 Sep 2024 02:38:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Tue, 10 Sep 2024 22:20:41 GMT
Date: Tue, 10 Sep 2024 21:42:25 GMT
Connection: keep-alive
|
|
| get.geojs.io/v1/ip/geo.js?callback=geoip&_=1726004544734 | 104.26.1.100 | 200 OK | 345 B |
URL: GET HTTP/2 get.geojs.io/v1/ip/geo.js?callback=geoip&_=1726004544734
IP: 104.26.1.100:443
Requested by: https://tiktok.ewtch.ru/?video=7222171953
Certificate Issuer: Google Trust Services
Certificate Subject: geojs.io
Certificate Fingerprint: 5E:FD:53:CD:F8:A3:BD:DD:17:E4:CC:6F:54:DE:06:63:E4:F5:50:9B
Certificate Validity: Wed, 04 Sep 2024 04:14:07 GMT - Tue, 03 Dec 2024 04:14:06 GMT
File type: ASCII text, with very long lines (403), with no line terminators
Hash: 16766fc46e6369e4439697a7419eeb5d 61b12a1248f912b65b8674b2c8a1dcb0e3c3f78f 6f9bbff27077f777ad1c9229c18ea82f9cf2ca86d14c8bad100e8bd3def6523d
GET /v1/ip/geo.js?callback=geoip&_=1726004544734 HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tiktok.ewtch.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 10 Sep 2024 21:42:24 GMT
content-type: application/javascript; charset=utf-8
x-request-id: acfd5fb7da4210c295f05ce407d27a23-ASH
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
geojs-backend: ash-01
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBPzLkZp6VOKAQWHAU%2FVl%2F4cWIuZTQhUJ6SIvZzsFno2ZLwi82uMsDgGhHChNM30aeKS9rxR3LWsV3qR8d5tEBQnGNiKtyoZob4XRW2ZFafxQK4DuozOMNZeXF5IRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8c12967579c95687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| tiktok.ewtch.ru/?video=7222171953 | 92.53.96.223 | 200 OK | 5.5 kB |
URL: User Request GET HTTP/2 tiktok.ewtch.ru/?video=7222171953
IP: 92.53.96.223:443
Certificate Issuer: Let's Encrypt
Certificate Subject: tiktok.ewtch.ru
Certificate Fingerprint: 2F:F3:03:63:FD:DA:BC:8E:97:0A:ED:18:E6:E7:96:59:9D:AF:18:11
Certificate Validity: Fri, 06 Sep 2024 17:25:28 GMT - Thu, 05 Dec 2024 17:25:27 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (5560), with no line terminators
Hash: 37d552eba2c4ed758d2fe90bc6bd3af8 11adb81b382788221286dd27d256beb0af89b8ab 27c3264de597715fa72d8f3282d91d18b8ab51b56769cdd5546daed0583b17f0
GET /?video=7222171953 HTTP/1.1
Host: tiktok.ewtch.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.26.1
date: Tue, 10 Sep 2024 21:42:24 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
last-modified: Mon, 09 Sep 2024 10:25:01 GMT
etag: W/"15a2-621ad2b6a7010"
content-encoding: gzip
X-Firefox-Spdy: h2
|
|