tktube.com Open in urlscan Pro
172.64.167.10 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tktube.com/embed/160096
Submission: On August 21 via manual (August 21st 2023, 7:35:42 am UTC) from JP — Scanned from JP

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 20 domains to perform 84 HTTP transactions. The main IP is 172.64.167.10, located in United States and belongs to CLOUDFLARENET, US. The main domain is tktube.com. The Cisco Umbrella rank of the primary domain is 424056.
TLS certificate: Issued by GTS CA 1P5 on August 7th 2023. Valid for: 3 months.

This is the only time tktube.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fake Adobe Update

Domain & IP information

	IP Address	AS Autonomous System
10	172.64.167.10 172.64.167.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.175.104 172.217.175.104	15169 (GOOGLE) (GOOGLE)
2	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	173.233.137.52 173.233.137.52	7979 (SERVERS-COM) (SERVERS-COM)
3	23.106.127.156 23.106.127.156	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1 3	185.94.237.77 185.94.237.77	42567 (MOJHOST-EU) (MOJHOST-EU)
4	142.251.222.14 142.251.222.14	15169 (GOOGLE) (GOOGLE)
4	172.64.162.2 172.64.162.2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	173.233.137.60 173.233.137.60	7979 (SERVERS-COM) (SERVERS-COM)
2	52.76.152.234 52.76.152.234	16509 (AMAZON-02) (AMAZON-02)
1	142.251.8.154 142.251.8.154	15169 (GOOGLE) (GOOGLE)
3	23.106.127.147 23.106.127.147	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
1	104.21.35.62 104.21.35.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	173.233.137.44 173.233.137.44	7979 (SERVERS-COM) (SERVERS-COM)
1	45.131.147.145 45.131.147.145	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	212.102.50.11 212.102.50.11	60068 (CDN77 ^_^) (CDN77 ^_^)
2	104.26.6.19 104.26.6.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	172.64.197.23 172.64.197.23	() ()
4	192.243.59.12 192.243.59.12	() ()
84	20

10 172.64.167.10 (United States)

ASN13335 (CLOUDFLARENET, US)

tktube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.104 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)

debtminusmaternal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.106.127.156 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

lby2kd27c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.237.77 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.222.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.162.2 (United States)

ASN13335 (CLOUDFLARENET, US)

friendshipmale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 173.233.137.60 (United States)

ASN7979 (SERVERS-COM, US)

foodowingweapon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lamesinging.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.76.152.234 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-152-234.ap-southeast-1.compute.amazonaws.com

simplewebanalysis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.8.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.106.127.147 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

iezxmddndn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.35.62 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 173.233.137.44 (United States)

ASN7979 (SERVERS-COM, US)

sheethoneymoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.131.147.145 (Bucharest, Romania)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

r.trwl1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.102.50.11 (Tokyo, Japan)

ASN60068 (CDN77 ^_^, GB)
PTR: 422668507.tyo.cdn77.com

static.javhdhello.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.6.19 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.yourwebbars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.64.197.23 (None, )

ASN- ()

cdn.creative-bars1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.243.59.12 (None, )

ASN- ()

unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	creative-bars1.com cdn.creative-bars1.com	119 KB
10	sheethoneymoon.com sheethoneymoon.com	24 KB
10	tktube.com tktube.com — Cisco Umbrella Rank: 424056	164 KB
8	javhdhello.com static.javhdhello.com — Cisco Umbrella Rank: 46321	696 KB
8	lamesinging.com lamesinging.com	8 KB
4	unseenreport.com unseenreport.com	2 KB
4	friendshipmale.com friendshipmale.com — Cisco Umbrella Rank: 16789	108 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62	21 KB
3	iezxmddndn.com iezxmddndn.com — Cisco Umbrella Rank: 67744	66 KB
3	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 25590	4 KB
3	lby2kd27c.com lby2kd27c.com — Cisco Umbrella Rank: 38630	55 KB
2	yourwebbars.com cdn.yourwebbars.com — Cisco Umbrella Rank: 33799	2 KB
2	simplewebanalysis.com simplewebanalysis.com — Cisco Umbrella Rank: 12981	595 B
2	foodowingweapon.com foodowingweapon.com	14 KB
2	debtminusmaternal.com debtminusmaternal.com	58 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	14 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	129 KB
1	trwl1.com r.trwl1.com — Cisco Umbrella Rank: 89678	977 B
1	bncloudfl.com cdn.bncloudfl.com — Cisco Umbrella Rank: 16598	176 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 122	342 B
84	20

	Domain	Requested by
12	cdn.creative-bars1.com	foodowingweapon.com tktube.com sheethoneymoon.com
10	sheethoneymoon.com	debtminusmaternal.com tktube.com foodowingweapon.com
10	tktube.com	tktube.com static.cloudflareinsights.com
8	static.javhdhello.com	r.trwl1.com static.javhdhello.com
8	lamesinging.com	sheethoneymoon.com tktube.com
4	unseenreport.com
4	friendshipmale.com	debtminusmaternal.com foodowingweapon.com sheethoneymoon.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	iezxmddndn.com	lby2kd27c.com iezxmddndn.com
3	poweredby.jads.co	1 redirects tktube.com poweredby.jads.co
3	lby2kd27c.com	tktube.com lby2kd27c.com
2	cdn.yourwebbars.com	foodowingweapon.com sheethoneymoon.com
2	simplewebanalysis.com	debtminusmaternal.com
2	foodowingweapon.com	debtminusmaternal.com tktube.com
2	debtminusmaternal.com	tktube.com
2	static.cloudflareinsights.com	tktube.com
2	www.googletagmanager.com	tktube.com www.googletagmanager.com
1	r.trwl1.com	poweredby.jads.co
1	cdn.bncloudfl.com	tktube.com
1	stats.g.doubleclick.net	www.google-analytics.com
84	20

This site contains no links.

Subject Issuer	Validity	Valid
tktube.com GTS CA 1P5	`2023-08-07` - `2023-11-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
debtminusmaternal.com R3	`2023-07-10` - `2023-10-08`	3 months	crt.sh
Buypass Class 2 CA 5	`2023-05-31` - `2023-11-26`	6 months	crt.sh
foodowingweapon.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
simplewebanalysis.com Amazon RSA 2048 M01	`2023-03-02` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sheethoneymoon.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2022-12-26` - `2024-01-26`	a year	crt.sh
r.trwl1.com R3	`2023-07-16` - `2023-10-14`	3 months	crt.sh
lamesinging.com R3	`2023-08-17` - `2023-11-15`	3 months	crt.sh
1079288232.rsc.cdn77.org R3	`2023-07-21` - `2023-10-19`	3 months	crt.sh
creative-bars1.com GTS CA 1P5	`2023-06-25` - `2023-09-23`	3 months	crt.sh
*.unseenreport.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://tktube.com/embed/160096
Frame ID: E2FDBF5E14993AC8BFA0467D58E32C99
Requests: 39 HTTP requests in this frame

Frame: https://tktube.com/player/html.php?aid=start_html&video_id=160096&cs_id=&category_ids=9&embed=true&referer=&rnd=1692603333675
Frame ID: 48703B465560F413AE0009C2C07BBF68
Requests: 29 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/c80/ad6/a7d/c80ad6a7d31ab26c8c31fcb7c98cfb9cd1a140fe.gif
Frame ID: A16EBD21D7A4D998999536E4CA0CF121
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1004867
Frame ID: 70FD49D1FFCA86A3927553C713715A55
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=1004867
Frame ID: E75F8D3E118DEA9E95D25AA211A298D5
Requests: 1 HTTP requests in this frame

Frame: https://r.trwl1.com/s1/668ab773-1ab8-41e7-b575-42f0c8f2868c?externalId=remnant
Frame ID: D68FA2B76930A11A67FD450B1CFD4D07
Requests: 1 HTTP requests in this frame

Frame: https://static.javhdhello.com/h5/files/16291/300x250.html?targetUrl=http%3A%2F%2Fr.trwl1.com%2Fc1%2Fa1366e5e-edc5-4db5-aeb2-3684128d575b%3FexternalId%3Dremnant%26p%3DeyJiIjoyNzc5NDUsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjEsInAiOjEsInMiOjIxNjUzfQ
Frame ID: 24BC0AD0C0197B5EBDA5027F41A46D8D
Requests: 8 HTTP requests in this frame

Frame: https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/overlay/1/img/fine.png
Frame ID: 97108D3D70B572869D3C4DA1034E5D0E
Requests: 3 HTTP requests in this frame

Frame: https://cdn.creative-bars1.com/sb/notifications/software/multi/flashplayer/overlay/1/img/fine.png
Frame ID: A2D275FCD1B2C60183F671A9FAA6FACF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【モザイク破壊】IPX-843 美乳おっぱい丸出しエステティシャンの小悪魔射精コントロール宮西ひかる

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

98 %
HTTPS

0 %
IPv6

20
Domains

20
Subdomains

20
IPs

6
Countries

1662 kB
Transfer

3014 kB
Size

35
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

84 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 160096 Show response
tktube.com/embed/ 9 KB
4 KB 1016ms
604ms Document
text/html 172.64.167.10
CLOUDFLARENET

General

Domain/Path	Expires	Name / Value
.tktube.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: hp5dm78gj86v54t7hadcph61cr
.tktube.com/	1970-01-20 14:11:29	Name: kt_vast_585561 Value: c72c849bedf723888d0386a69e76decc
.tktube.com/	1970-01-20 14:11:29	Name: kt_ips Value: 217.178.72.159
.tktube.com/	1970-01-20 23:46:03	Name: _ga_R6X849L82V Value: GS1.1.1692603334.1.0.1692603334.0.0.0
.tktube.com/	1970-01-20 23:46:03	Name: _ga Value: GA1.2.372677240.1692603334
.tktube.com/	1970-01-20 14:11:29	Name: _gid Value: GA1.2.412089727.1692603335
.tktube.com/	1970-01-20 14:10:03	Name: _gat_gtag_UA_36407794_11 Value: 1
lby2kd27c.com/	1970-01-20 23:44:36	Name: UID Value: 2308210235b0e1c4fadfed44f3a3a1d521b2
lby2kd27c.com/	1970-01-20 23:44:36	Name: CHCK Value: 1
tktube.com/	1969-12-31 23:59:59	Name: bnState_1991459 Value: {"impressions":1,"delayStarted":0}
tktube.com/	1969-12-31 23:59:59	Name: bnState Value: {"impressions":1,"delayStarted":0}
tktube.com/	1970-01-20 14:10:06	Name: ppu_main_1c7e2f1280cb5040773607debbc5e1dc Value: 1
simplewebanalysis.com/	1970-01-20 23:46:03	Name: uid_id2 Value: 37f979b2-7f35-459a-8366-6b62d08128be:2:1
tktube.com/	1970-01-20 14:20:08	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 37f979b2-7f35-459a-8366-6b62d08128be%3A2%3A1
lby2kd27c.com/	1970-01-20 14:53:15	Name: OAICAP Value: AC2hhAAAAAAAAAAB
lby2kd27c.com/	1970-01-20 14:53:15	Name: OAIBLOCK Value: AC2hhAAAAABk4u9Q
lby2kd27c.com/	1970-01-20 14:53:15	Name: OACICAP Value: ACHmMAAAAAAAAAAB
lby2kd27c.com/	1970-01-20 14:53:15	Name: OACIBLOCK Value: ACHmMAAAAABk4u9Q
iezxmddndn.com/	1970-01-20 23:44:36	Name: CHCK Value: 1
iezxmddndn.com/	1970-01-20 23:44:36	Name: UID Value: 230821023594cebf0cedd8403ca754892781
tktube.com/	1970-01-20 14:10:06	Name: sb_main_1386c4c2d5bd4dbf489d6fbbb684d313 Value: 1
tktube.com/	1970-01-20 14:10:06	Name: sb_page_1386c4c2d5bd4dbf489d6fbbb684d313 Value: 2
.jads.co/	1970-01-20 22:55:39	Name: surferid Value: 50960e563a97a600bfe9a0bba4a77ba4
.jads.co/	1970-01-20 14:14:22	Name: juicy_data_1 Value: YTowOnt9
.jads.co/	1970-01-20 14:14:22	Name: juicy_data Value: YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
tktube.com/	1970-01-20 14:10:06	Name: sb_count_1386c4c2d5bd4dbf489d6fbbb684d313 Value: 2
tktube.com/	1969-12-31 23:59:59	Name: sb_onpage_1386c4c2d5bd4dbf489d6fbbb684d313 Value: 2
sheethoneymoon.com/	1970-01-20 14:11:29	Name: u_pl Value: 17245274
sheethoneymoon.com/	1970-01-20 14:20:08	Name: uid_id2 Value: 37f979b2-7f35-459a-8366-6b62d08128be:2:1
sheethoneymoon.com/	1970-01-20 14:11:29	Name: pdhtkv Value: true
sheethoneymoon.com/	1970-01-20 14:11:29	Name: uncs Value: 1
sheethoneymoon.com/	1970-01-20 14:11:29	Name: pdhtkv29 Value: true
sheethoneymoon.com/	1970-01-20 14:11:29	Name: uncs29 Value: 1
sheethoneymoon.com/	1970-01-20 14:10:03	Name: slec1386c4c2d5bd4dbf489d6fbbb684d313 Value: [4482679]
tktube.com/	1970-01-20 14:10:03	Name: pbpr0tpuw4isk85t8yg3jb2lj5vqf Value: sheethoneymoon.com

tktube.com Open in urlscan Pro 172.64.167.10 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

98 %HTTPS

0 %IPv6

20 Domains

20 Subdomains

20 IPs

6 Countries

1662 kBTransfer

3014 kBSize

35 Cookies

0 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tktube.com Open in urlscan Pro
172.64.167.10 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

98 %
HTTPS

0 %
IPv6

20
Domains

20
Subdomains

20
IPs

6
Countries

1662 kB
Transfer

3014 kB
Size

35
Cookies

84 HTTP transactions
3 data transactions