twitch.viwap.com Open in urlscan Pro
51.254.229.32 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://twitch.viwap.com/tiktok
Submission: On April 08 via manual (April 8th 2023, 4:53:35 am UTC) from RU — Scanned from FR

Summary HTTP 57 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 12 domains to perform 57 HTTP transactions. The main IP is 51.254.229.32, located in Quincy-sous-Senart, France and belongs to OVH, FR. The main domain is twitch.viwap.com.

This is the only time twitch.viwap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.254.229.32 51.254.229.32	16276 (OVH) (OVH)
3	93.93.51.191 93.93.51.191	34655 (DOCLER-AS) (DOCLER-AS)
1 2	2a00:1178:1:4... 2a00:1178:1:4b::f	35415 (WEBZILLA) (WEBZILLA)
25	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:6528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
6	172.247.80.179 172.247.80.179	40065 (CNSERVERS) (CNSERVERS)
3	2600:9000:225... 2600:9000:2250:600:1f:3552:bdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:225... 2600:9000:225e:9000:3:1fbb:780:93a1	16509 (AMAZON-02) (AMAZON-02)
4	93.93.51.200 93.93.51.200	34655 (DOCLER-AS) (DOCLER-AS)
4	2a03:9c40::4a... 2a03:9c40::4a53:0:0:190	() ()
1	93.93.51.225 93.93.51.225	() ()
1	2a00:1450:400... 2a00:1450:4001:831::200e	() ()
57	14

1 51.254.229.32 (Quincy-sous-Senart, France)

ASN16276 (OVH, FR)
PTR: ns1.wap4.co

twitch.viwap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.93.51.191 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

ptwmemd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt.ctsdwm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::f (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

fagywalu.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tk18.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6528 (United States)

ASN13335 (CLOUDFLARENET, US)

chaturbate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.247.80.179 (United States)

ASN40065 (CNSERVERS, US)

webapi.693f50a0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2250:600:1f:3552:bdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.693f50a0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:9000:3:1fbb:780:93a1 (United States)

ASN16509 (AMAZON-02, US)

oumeicdn.693f50a0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 93.93.51.200 (Luxembourg)

ASN34655 (DOCLER-AS, LU)

pt-static1.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static2.ptwmstcnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:9c40::4a53:0:0:190 (None, )

ASN- ()

galleryn12.awemdia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
galleryn11.awemdia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.93.51.225 (None, )

ASN- ()

api-protected.protoawegw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	tk18.me tk18.me	615 KB
12	693f50a0.com webapi.693f50a0.com — Cisco Umbrella Rank: 975889 video.693f50a0.com — Cisco Umbrella Rank: 654983 oumeicdn.693f50a0.com — Cisco Umbrella Rank: 589548	115 KB
4	awemdia.com galleryn12.awemdia.com galleryn11.awemdia.com	57 KB
4	ptwmstcnt.com pt-static1.ptwmstcnt.com — Cisco Umbrella Rank: 120973 pt-static3.ptwmstcnt.com — Cisco Umbrella Rank: 291876 pt-static2.ptwmstcnt.com — Cisco Umbrella Rank: 152172	126 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	264 KB
2	ctsdwm.com pt.ctsdwm.com — Cisco Umbrella Rank: 103065	7 KB
2	fagywalu.pro 1 redirects fagywalu.pro	810 B
1	google-analytics.com www.google-analytics.com	20 KB
1	protoawegw.com api-protected.protoawegw.com	1 KB
1	chaturbate.com chaturbate.com — Cisco Umbrella Rank: 13695
1	ptwmemd.com ptwmemd.com — Cisco Umbrella Rank: 172049	6 KB
1	viwap.com twitch.viwap.com	1 KB
57	12

	Domain	Requested by
25	tk18.me	twitch.viwap.com tk18.me
6	webapi.693f50a0.com	tk18.me
4	www.googletagmanager.com	tk18.me www.googletagmanager.com pt.ctsdwm.com
3	galleryn11.awemdia.com	pt.ctsdwm.com
3	oumeicdn.693f50a0.com	tk18.me
3	video.693f50a0.com	tk18.me
2	pt-static1.ptwmstcnt.com	pt.ctsdwm.com
2	pt.ctsdwm.com	ptwmemd.com
2	fagywalu.pro	1 redirects twitch.viwap.com
1	www.google-analytics.com	www.googletagmanager.com
1	api-protected.protoawegw.com	pt-static2.ptwmstcnt.com
1	galleryn12.awemdia.com	pt.ctsdwm.com
1	pt-static2.ptwmstcnt.com	pt.ctsdwm.com
1	pt-static3.ptwmstcnt.com	pt.ctsdwm.com
1	chaturbate.com	twitch.viwap.com
1	ptwmemd.com	twitch.viwap.com
1	twitch.viwap.com
57	17

This site contains links to these domains. Also see Links.

Domain
cpmlink.net

Subject Issuer	Validity	Valid
*.tk18.me GTS CA 1P5	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.highwebmedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-03` - `2023-10-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
webapi.693f50a0.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
video.693f50a0.com Amazon RSA 2048 M02	`2022-11-01` - `2023-12-01`	a year	crt.sh
oumeicdn.693f50a0.com Amazon RSA 2048 M02	`2023-02-01` - `2024-03-02`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://twitch.viwap.com/tiktok
Frame ID: 43D5981FEBC9A219E5C62C18C705022B
Requests: 3 HTTP requests in this frame

Frame: https://tk18.me/
Frame ID: 011FF877917BB7449FA745059D7E4861
Requests: 40 HTTP requests in this frame

Frame: https://chaturbate.com/in/?track=embed&tour=dTm0&campaign=ldZ4M&disable_sound=1&mobileRedirect=auto&embed_video_only=1
Frame ID: 55925C4093D981953009F096C4D22275
Requests: 1 HTTP requests in this frame

Frame: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
Frame ID: 2226A987F7F05DECE6A801C75350DF61
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

tiktok 18+ mp4

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

57
Requests

75 %
HTTPS

62 %
IPv6

12
Domains

17
Subdomains

14
IPs

5
Countries

1240 kB
Transfer

9461 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://cpmlink.net/qnBtAQ
Title: Azian Idol video

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T HTTP 301
https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T

57 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request tiktok Show response
twitch.viwap.com/ 2 KB
1 KB 56ms
22ms Document
text/html 51.254.229.32
OVH

General

Check archive.org

Show headers Download Go to

Full URL

http://twitch.viwap.com/tiktok

Protocol

HTTP/1.1

Server

51.254.229.32 Quincy-sous-Senart, France, ASN16276 (OVH, FR),

Reverse DNS

ns1.wap4.co

Software

Resource Hash

6c73735523e651639f05442450743e848603303cad971475f8eacf1369d18e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 1272
Content-Type: text/html; charset=UTF-8
Date: Sat, 08 Apr 2023 05:07:16 GMT
Strict-Transport-Security: max-age=15768000
Vary: Accept-Encoding
X-XSS-Protection: 0

GET
H/1.1 200
OK fk Show response
ptwmemd.com/embed/ 6 KB
6 KB 66ms
37ms Script
application/javascript 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ptwmemd.com/embed/fk?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&category=celebrity&vp[showChat]=true&vp[chatAutoHide]=true&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&ms_notrack=1&subAffId={SUBAFFID}
Requested by: Host: twitch.viwap.com
URL: http://twitch.viwap.com/tiktok
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 959f11906b9352314dd69dcdeea2caeff1c35f6f9a10a3f6fd8fe32189254e6c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://twitch.viwap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 04:53:21 GMT
Cache-Control: no-cache
Server: unknown
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2

200

1T Show response
fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/
Redirect Chain

http://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T

0
450 B

89ms
42ms

Script
application/javascript

2a00:1178:1:4b::f
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T

Requested by

Host: twitch.viwap.com
URL: http://twitch.viwap.com/tiktok

Protocol

Server

2a00:1178:1:4b::f , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://twitch.viwap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 Apr 2023 04:53:21 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT

Redirect headers

Date: Sat, 08 Apr 2023 04:53:21 GMT
X-Content-Type-Options: nosniff
Server: nginx
Content-Type: text/html
Location: https://fagywalu.pro/cHDj9.6tbF2i5HlVS/W_QW9QNjD_MYzXMXj/Ma4KNjCP0/0WMEzeM/ydMCzPg/1T
Cache-Control: max-age=315360000
Connection: keep-alive
Content-Length: 162
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
tk18.me/ Frame 011F 226 KB
65 KB 746ms
662ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/
Requested by: Host: twitch.viwap.com
URL: http://twitch.viwap.com/tiktok
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd1864acc92730d58a7d0de91d3caaf10ad2212d1b2008f113d779ddb1a2580e

Request headers

Referer: http://twitch.viwap.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b47e7f97e4b2a68-CDG
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 08 Apr 2023 04:53:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYtw85vaopw8kXOoaml77hE2ncJrRv55Y97HEjeO%2B6Ddq8iAmqA1WmsG3PLN12tpgbCa5kn0ZVno209F%2FKpwhlPs1thxtm4T%2F%2FRU4gJ7VJkAxpTG1Vr2blRSNTSgm8ZPzbglLULe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 403 /
chaturbate.com/in/ Frame 5592 0
0 79ms
28ms Document
text/html 2606:4700::6812:6528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://chaturbate.com/in/?track=embed&tour=dTm0&campaign=ldZ4M&disable_sound=1&mobileRedirect=auto&embed_video_only=1

Requested by

Host: twitch.viwap.com
URL: http://twitch.viwap.com/tiktok

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://twitch.viwap.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7b47e7f998ed2a1b-CDG
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Sat, 08 Apr 2023 04:53:21 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2F9BToRpgFP0jy7yGzD6lFqP8VQbKxZTvDpyjUn4momthw6oQt7YPbZauCIamc0mBpDyGjoxgAcyWNHE2EoeWhx2x7inCrkkv5CJZ6h7HkanYIz%2FSGRW%2BxjYv5KN8n7jZAnacSKFRfJCCkA2"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 011F 113 KB
44 KB 100ms
40ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2M475F&l=dataLayer

Requested by

Host: tk18.me
URL: https://tk18.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e9bcfc104927d6ab6e6d6016491f7781815057a979e7167f48f39fef1f6a573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44642
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Apr 2023 04:53:22 GMT

GET
H2 200 517ae26.js Show response
tk18.me/_nuxt/ Frame 011F 3 KB
2 KB 32ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/517ae26.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19081321412cfead373ef08590b4a734e75aa32f54f6d460a647322971b3487e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 148433
etag: W/"a92-1872bf27d45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbKABvd5BYlPPYENJn6z8RB38FMrYfNMfrknEZEw6izzfSoRFfbTkjFnvWkrqeDqYY5Nn9OLdbE9U11%2F9MDgZoS59rmILrirbYVIj4CBMfw%2B13ASjzqqKe37pLHyFr1HHR8YKkSf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafb92a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 d64967d.js Show response
tk18.me/_nuxt/ Frame 011F 223 KB
78 KB 48ms
46ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/d64967d.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fc710abf566b75760cb698afbb5f36fd1c6e660a68a05e0e4c7a1e08823fa4b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 859451
etag: W/"37c89-1872bf27d4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WiTMyOQb0xo8YTVDUHKmMexypjIjeK8Pw91U2E5TrT1l7n7wbLM11oZMKf2pNDTN8fCSFGWDzhCwdihJuc5Ztbslju2yMI6GTCWxKYE3BIvScigpHkvBGPKzczdi6ipmeVLQn7a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafba2a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 b5d81d9.js Show response
tk18.me/_nuxt/ Frame 011F 1 MB
309 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/b5d81d9.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddc25611e98e45385bd1a9343ebd4faf9fb44815026df870dd538e2430a3135e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 859451
etag: W/"113abf-1872bf27d4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kv%2FPCjnpwb0yOYO3MkfTW2HQMxuL0V9CvapL95SJNCbP1oyVJpq1zbIZuaA0WnWLgQfe8f0F6Le69oxfOENeQAWYwJgcgdxBtU%2BX3JaxuunIB6Cpb92u2iWNXr%2B1PD2TAcNjazbi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafbb2a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fd9be49.js Show response
tk18.me/_nuxt/ Frame 011F 73 KB
21 KB 32ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/fd9be49.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc669a79e6674f36c0a2a04af0ff2d3acf9573b34a4d364079b3bd5810ec8b1f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 148433
etag: W/"1220c-1872bf27d4d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGlsJEiZIJPJX78J220v4mTcWt9gLlq0HWWUXpfWRG7O8hGuiXYPaB5KSQMwl%2FKIV2V7LYS5fEKg6l%2BsbuVdrLFQqKwMooVJp3jyqvcJBQy%2BfPiYgincKi4eOh%2BBfkWzBsc4zeX5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafbc2a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 75ec266.js Show response
tk18.me/_nuxt/ Frame 011F 71 KB
15 KB 28ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/75ec266.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c7e5250fe5bba416e2e956e0a8c344f59f53c9e78b40da76c44eb609d03c517

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 859451
etag: W/"11d07-1872bf27d45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZQiyP4Neg4CfhtDZ%2BimE5hCBhBMr%2BE%2FUyEFyme4E%2BpfxxpP%2Bm5557yP7GY5z0QuPMTfbWNqsR%2BQAUMFhXD%2BLSCWqqcwHdb7jU0FUecqE%2BGMfW85DwfgslEddLxFUFiM8QX2cOEa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafbd2a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 7c2ddc4.js Show response
tk18.me/_nuxt/ Frame 011F 20 KB
7 KB 27ms
26ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/7c2ddc4.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ff24c2b8b18098fa086de3ef4e380cf3152327a6b0d93018455a7bfeec0562

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 859451
etag: W/"4f6c-1872bf27d46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQo4jVECmE2w6hyPKoXXUX54DJhaD8FtjtaYnDtpELaq1Bgy8M%2F2AsknW8ontuR5CXdwuFLtltqFl7Wo56f6pS6SPXOk9qJMVT8Pi4WTsukswhXNh1x%2FS70YoutNHJAfrPLVhrq2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafbe2a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 286e51f.js Show response
tk18.me/_nuxt/ Frame 011F 38 KB
11 KB 46ms
45ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/286e51f.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b52d5ea4b679e9b0e3945142385ba1bb7a7608a4db85218daf52144dfd94bf0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 148433
etag: W/"961b-1872bf27d45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inAb4RzjUw10kmzY4Zpacyh2uac9NO%2BQpR6ChMEaXVTZRI7V8wMjBsBcwcmt%2FZ9%2FTMPlmw0nN%2Bak%2FHrabMwBHYLJeshurB38VgVoHrsBHYIaRx%2B9%2FVcutcLmuZPBGrJ4nCXsYCPZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafbf2a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 c8c1d9a.js Show response
tk18.me/_nuxt/ Frame 011F 19 KB
5 KB 31ms
30ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/c8c1d9a.js
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17bbefc15f2122e5f3e3546ed0c6114babf365ed238cce79677262db0d5a3af6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 859450
etag: W/"4bf9-1872bf27d4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ipl20gG6wMVfPgEBNm%2FuFR4G14FiHAx%2F9Iq%2FsZSLtQPw88%2F71pWm6fn%2Bnq9WMxBUE9b78WliB7iGuAV5v90mHG2gP2GO3DrsYHNS0Z5XIu5Iex0WmdshtAU7BuzBi3PBfRWO%2Btci"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e7fdafc02a68-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 204 list
webapi.693f50a0.com/v1/basic/popup/ Frame 0
0 692ms
142ms Preflight 172.247.80.179
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.693f50a0.com/v1/basic/popup/list
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.80.179 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,noencrypt,notsign
Access-Control-Request-Method: POST
Origin: https://tk18.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, noencrypt, notsign
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range
access-control-max-age: 1728000
content-length: 0
date: Sat, 08 Apr 2023 04:53:23 GMT
server: qq.com
x-cache-status: MISS

OPTIONS
H2 204 index
webapi.693f50a0.com/v1/recommend/ Frame 0
0 691ms
143ms Preflight 172.247.80.179
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.693f50a0.com/v1/recommend/index
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.80.179 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,noencrypt,notsign
Access-Control-Request-Method: POST
Origin: https://tk18.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, noencrypt, notsign
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range
access-control-max-age: 1728000
content-length: 0
date: Sat, 08 Apr 2023 04:53:23 GMT
server: qq.com
x-cache-status: MISS

OPTIONS
H2 204 appGlobal
webapi.693f50a0.com/v1/config/ Frame 0
0 691ms
143ms Preflight 172.247.80.179
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.693f50a0.com/v1/config/appGlobal
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.80.179 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,noencrypt,notsign
Access-Control-Request-Method: POST
Origin: https://tk18.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, noencrypt, notsign
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Range
access-control-max-age: 1728000
content-length: 0
date: Sat, 08 Apr 2023 04:53:23 GMT
server: qq.com
x-cache-status: MISS

GET
H3 200 a58e4b4.js Show response
tk18.me/_nuxt/ Frame 011F 5 KB
3 KB 616ms
616ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tk18.me/_nuxt/a58e4b4.js
Requested by: Host: tk18.me
URL: https://tk18.me/_nuxt/517ae26.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e5098158534cdc62e117612c4096bd0452d06ca81279f8916725157999f044

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 05:58:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1485-1872bf27d46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIBouu5MNjHyGWhwwne8TzGvYCXIzzzvQBYShV6sTD136rVO0dQ7esZ3gXQ%2FEstN6q6%2Fs%2FiagNVsnneGMCIlrseSzZvmR473wAKm8tfkN%2F8O7oCmKncE05KguZ7Cllcs8v7faNbc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7b47e802e9ffd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 header_upload.png
tk18.me/images/home/ Frame 011F 794 B
1 KB 649ms
648ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/header_upload.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbd085e07feb2399f8c6ee9ae1121827cf914a412c45665e8bbf607373b72b21

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31a-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAZqNtgkDf5RRSpm9Hkj3sjbK8kcWEWJOjRBviikKLi6XJ8MTk05LgSjdC9Rz0rbK6ANWGPMXRBc2s8WqtCgETfWIdBiadukwpndba6%2Bk%2Fm5%2F%2BWqQ%2ByicvHBAQR5sCmZcwUeRtTn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e8032a36d2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 794

GET
H3 200 tab_icon_1.png
tk18.me/images/home/ Frame 011F 602 B
1 KB 652ms
651ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/tab_icon_1.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd6e1c0412b7216b3cc6bb6f359c2ee187a0a0f5d405c30035b6a3b49f4f277

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"25a-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yf0HSTvmFGUICHpOZrssr6keSQEic9ltsoms7cx4cRxcPib57syraf1JcWgN3gms3bHEAvl1OwZjT5HwHcTYixp2pTipVexqFBBbKcM06jOHTZ8Af%2F2LiB%2BoOz9wnZUCyhp%2FACl1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e8032a38d2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 602

GET
H3 200 tab_icon_2.png
tk18.me/images/home/ Frame 011F 848 B
1 KB 610ms
609ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/tab_icon_2.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa7939f2221d2a84b8eb87dccb7538cef7f56cb05db003d797a8370e2454ce2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"350-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDNY1%2Bdn5ytV3xlyPPkqaPbXWHKrnkBNkJbsJuk0nUjJNvxxyqwgf9Ga%2B%2FvNwlmqmdaM2JScNjmFcpUn9ygvzN8yhLQzDfQX2AQ%2B4axFF%2FDpHVZk8HOitNBoyLHjtoWxZ0nmvjuf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e8032a3bd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 848

GET
H3 200 tab_icon_3.png
tk18.me/images/home/ Frame 011F 772 B
1 KB 608ms
608ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/tab_icon_3.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f732c5208fc3ec0686d18afa2f431d418a25adb36434a549fbf32e609c0ced10

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"304-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXkjPYdYXltri4t1Swb7HuYGoW3PT%2BCxoc6WemDH%2BzdwpnTnaJD%2FRRW1HWa4s%2F3bHbp98rIR69cZlC8adiMtRJG6EL07uy7rVzMXHEqh3sodv98RgO2v7yN%2BaKh3e7B1bfKRfUR1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e8032a3dd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772

GET
H3 200 tab_icon_4.png
tk18.me/images/home/ Frame 011F 708 B
1 KB 600ms
600ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/tab_icon_4.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 797f574ac3c9875ef6f54f8e0b9384a617773c4ac23076b97128d8c07ce4a2f6

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c4-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwiFpROqt%2FP%2FzgBX9mMg59D6aSoAujemjyIRt9kj%2B4VTaqZKBxeEadh%2BO%2FkNHu0pWLrEqmUto6MAygXLlUH2CuDUGB%2FI36Icn2DS%2FxoK7VqVMr3UFUXD91vmoqge62pEJLoFFoaw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e8032a3ed2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 708

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 011F 222 KB
78 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GZ5KH73P39&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2M475F&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf12015a90ae421c1352ef660e37811128cda2df0a65f59cc26789caea2da2be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 04:53:23 GMT

GET
H3 200 tiktok-logo.8432dc4.png
tk18.me/_nuxt/img/ Frame 011F 15 KB
15 KB 641ms
641ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/_nuxt/img/tiktok-logo.8432dc4.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b630825e43f05c3ea87b947d3bbb61767a5e2cda2ee8f3f8593b77dc49f63f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 15 Feb 2023 09:25:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b13-1865464e86c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BgLdaXT4k%2FEslH1LQ60LGouNkhpPaF668k%2FP6X2KyEHx2oDJwMtf4cgE6gnRGQrzYvQ2N7s2ZkyyRqSIL8ZYldRo1lV%2B5f5%2FiyB5ti7VsS3nj6pFyHqqWu50bwWm3P33UpQQyzA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7b47e8036aa2d2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 011F 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 200 list Show response
webapi.693f50a0.com/v1/basic/popup/ Frame 011F 692 B
806 B 180ms
179ms XHR
application/json 172.247.80.179
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.693f50a0.com/v1/basic/popup/list
Requested by: Host: tk18.me
URL: https://tk18.me/_nuxt/d64967d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.80.179 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: e854d06be01711b8c002fc784328fc0648d76f991c4dc3f16c12921e00dfc04d

Request headers

Accept: application/json, text/plain, */*
noencrypt: 1
Referer
notsign: 1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
content-encoding: gzip
server: qq.com
x-cache-status: MISS
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
traceid: Tl68v7N758
access-control-expose-headers: Content-Length, Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, noencrypt, notsign
content-length: 411

POST
H2 200 index Show response
webapi.693f50a0.com/v1/recommend/ Frame 011F 22 KB
4 KB 269ms
269ms XHR
application/json 172.247.80.179
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.693f50a0.com/v1/recommend/index
Requested by: Host: tk18.me
URL: https://tk18.me/_nuxt/d64967d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.80.179 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: 4693dea8fff2894ff736b259122c48116421f12a02befa5fb203c0e6255ab3b5

Request headers

Accept: application/json, text/plain, */*
noencrypt: 1
Referer
notsign: 1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
content-encoding: gzip
server: qq.com
x-cache-status: MISS
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
traceid: hfHqZmCVaV
access-control-expose-headers: Content-Length, Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, noencrypt, notsign

POST
H2 200 appGlobal Show response
webapi.693f50a0.com/v1/config/ Frame 011F 2 KB
1 KB 175ms
175ms XHR
application/json 172.247.80.179
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://webapi.693f50a0.com/v1/config/appGlobal
Requested by: Host: tk18.me
URL: https://tk18.me/_nuxt/d64967d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.80.179 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: 26f7570619998071a671c03ad87ede0fb459177e12c2f9c6654cc05dab68910c

Request headers

Accept: application/json, text/plain, */*
noencrypt: 1
Referer
notsign: 1
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
content-encoding: gzip
server: qq.com
x-cache-status: MISS
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
traceid: ETx8DR2obK
access-control-expose-headers: Content-Length, Content-Range
access-control-allow-credentials: true
access-control-allow-headers: DNT, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, noencrypt, notsign
content-length: 747

GET
H3 200 frame.png
tk18.me/images/home/ Frame 011F 2 KB
2 KB 643ms
642ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/frame.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd385a76d676aeedacca2f7c9834d40cc353e092c47ac0eb6d1b63fa0d645ad3

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Fri, 20 Jan 2023 06:10:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65b-185cdcc81b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BABxYuH1FoPRYXFHhN5clNwwFOfS945PEP%2BIyWeDAZxSIG8xbzCdV%2F0kyXml657p7hDTlu2%2FLlDN9PVMyXh0pyWipBC%2FkKzcSXVGQwrIP8gozL2WsvoNwczLcLNl%2FFuXn11%2FCON2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
cf-ray: 7b47e8039aced2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 18_icon.png
tk18.me/images/home/ Frame 011F 3 KB
3 KB 641ms
640ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/18_icon.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb86414168aa0c3f26a7843a5f29e4a45b5c0dc5bfe4efaf83658f9dd088d2a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Mar 2023 08:27:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b56-1869c48be4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3mU8Y3kSx51XoZj%2FAlFZcK72tnyHKBZaf3gXYCGi9ANxCNh1mq9XUCjhOwHL8dHxWU5DnioGMh4y6Nyf%2FO8NlRYGHAr73mR4IVDHsMkX5qzHZxAf%2FbFTvVxHdpHrROSk47GByKt"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
cf-ray: 7b47e8039acfd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 enter_button.png
tk18.me/images/home/ Frame 011F 58 KB
59 KB 1076ms
1075ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/enter_button.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909643b36f0a850019a33522d21310df8ea69ffdfdc21352cd79b6373bacc358

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:24 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Mar 2023 09:51:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e8ab-186caeedaf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28M4JVcisAqO9L6J5O9rV3MYqVDX5buyYKT57qJaMOkwasFO7F5PwMW4HsAuNpJ3rKyIf80dDXr2tWYBd0qJ%2FAjrmjCr%2Bh9xSv9LBX0oGkq6H88avC3vGAekSa9Y9DsLxZ8PBi98"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
cf-ray: 7b47e8039ad4d2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cancel_button.png
tk18.me/images/home/ Frame 011F 4 KB
4 KB 627ms
626ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/cancel_button.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f24a6bb292b93ad811e697828919fc6a9c6f5703d949f10d3be7ca2f1c6271f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:23 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Mar 2023 08:27:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ffe-1869c48be4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohhvfgRflCVONAo1aqQPHVszB8JpQ4od%2F98VtsBhGQQhGuWknuWVYSWe%2BJQ5uESc66Zpqf%2F%2Bt9e3rkFCYMsDIApEcQ49E%2FGrhmuUmq%2BZgFy8X9LfUKICsV2ns5V4LySVSEbm4YFT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
cf-ray: 7b47e8039ad6d2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 011F 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d59d107166241069ca3e1fbb36bb6e7cbfa66a583d367d9ebc97ed4882004be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 be32eb0c50496b495c59.png
video.693f50a0.com/app/2023-03/ Frame 011F 8 KB
8 KB 125ms
26ms Image
image/jpeg 2600:9000:2250:600:1f:3552:bdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.693f50a0.com/app/2023-03/be32eb0c50496b495c59.png

Requested by

Host: tk18.me
URL: https://tk18.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:600:1f:3552:bdc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1f25d440387d3ce84caaf82480d09333191d7b07cae1598a34ea7f339de809f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
date: Thu, 06 Apr 2023 12:22:56 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 145828
x-cache: Hit from cloudfront
content-length: 7946
last-modified: Thu, 23 Mar 2023 06:31:42 GMT
etag: "2399dff7e075c8ecfecd0e312afd2ca4"
vary: Accept-Encoding
x-hw: 1680410674.dop007.fr8.t,1680410674.cds137.fr8.c
content-type: image/jpeg
cache-control: max-age=373094
x-rgw-object-type: Normal
accept-ranges: bytes
x-amz-cf-id: V2nCv8UftpkRrJNq-_JQhs0F0n2tAQ-NjhC1W7B0JEvNR23xFfbUFw==

GET
H3 200 close.png
tk18.me/images/home/ Frame 011F 761 B
1 KB 656ms
656ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/close.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abbc33125a7fb9973f74fb47b2a2e635db23c6e9b9d241b3cffa5593edf8d1a7

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:24 GMT
cf-cache-status: MISS
last-modified: Sat, 25 Feb 2023 05:54:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2f9-1868722a91e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQekE1WtZ53bL%2BYc58dOl%2F8zNrNIny25mYZD71xjGegkob%2FfHYyTmsjZstvZZa%2F%2BvK93YpOU8MJc6jdSPOQdv9pHrE3vyrn7bZeTCpcLcic4dn7D70UdnUdmOvb2Ovadb%2FvR83zi"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e809084dd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 761

GET
H3 200 ih_zan.png
tk18.me/images/home/ Frame 011F 1 KB
2 KB 603ms
603ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/ih_zan.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7375b446355c4c3401b087eb5525e5f5833df7dfc6f438895bf99e3ed572524

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:24 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"503-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOfKxtV0iVJUSMjKegCbNBOU5DhMuOkbOEWeFHz7JYdD2pzVccGYXwhagq0NgK%2BBLAt3WoXQVgvYo1uZbYjufDqyWtit5D3FdMCjr4uayPIQA9yWbtsNMyYXMeeLBXUWZRaqkxAw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
cf-ray: 7b47e809f8ddd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 commet_icon.png
tk18.me/images/home/ Frame 011F 938 B
1 KB 616ms
615ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/commet_icon.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70a587e90a8804790107172645292844784704e7b2524cb0b039421ba5d1dfff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:24 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aa-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzxm8UGuKL77RkkECi%2BjdUW7GAER2f0b0GNKNLIsNjx7RXW%2FxUsLB6il5Bos27rT6DIqQiksdYLnCfybZ4IIVkPb%2B%2B6e2fUGV3wn0eUZ2uIuN3QwqwN8qLq3UAVogfuuagk4ZRb2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e809f8ded2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938

GET
H3 200 share_icon.png
tk18.me/images/home/ Frame 011F 782 B
1 KB 618ms
617ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/images/home/share_icon.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36c852c66fbee06a7baff70c11b35733e7a659611462f4a428ff5fdc0ca904da

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tk18.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:24 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30e-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VR0WIArUuSGfHR7eFKj7%2F2s4NV624QKGwS8ryKocVVL6YX%2F7oju0ZpOdGX2YJDo89fjT5wz4wKHE4D7QYCFNwhuRL8iKSA2P%2Bp%2BWctwFjNbZAbkR%2F%2BwQmYUQRhlR%2BnQ9sWwf%2FmW6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7b47e809f8dfd2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 782

GET
DATA 200
OK truncated
/ Frame 011F 23 KB
23 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c660f9252dfe12a6072fb38088fd444df33cc01094ccf547ce99b32b98e4b0a

Request headers

Referer
Origin: https://tk18.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 011F 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://tk18.me
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 54d9614348427036243e456cf696bdbe.jpg
oumeicdn.693f50a0.com/cover/20220422/ Frame 011F 14 KB
14 KB 129ms
28ms Image
image/jpeg 2600:9000:225e:9000:3:1fbb:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oumeicdn.693f50a0.com/cover/20220422/54d9614348427036243e456cf696bdbe.jpg
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9000:3:1fbb:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1fd6af2da849a1fa6054e96a7e1af3b909d269f212f38d41e385b9d3e32d8d5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:24:50 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Wed, 02 Nov 2022 14:44:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 2746
etag: "9062db41c5ba9a4cae4eed4d25f55a28"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 14045
x-amz-cf-id: 14rr9yq296P1UicvfaDL8nvlJYQafkohFPcADi6k1E13tIEDsdm2Qw==

GET
H2 403 /
video.693f50a0.com/ Frame 011F 0
0 52ms
51ms Image
application/xml 2600:9000:2250:600:1f:3552:bdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.693f50a0.com/
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:600:1f:3552:bdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 4b15b1aaf20503222669b50700321156.jpg
oumeicdn.693f50a0.com/cover/20230124/ Frame 011F 19 KB
20 KB 145ms
44ms Image
image/jpeg 2600:9000:225e:9000:3:1fbb:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oumeicdn.693f50a0.com/cover/20230124/4b15b1aaf20503222669b50700321156.jpg
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9000:3:1fbb:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d673c99e735e17a9788b9d66b01a10053901dd7865282e58136ea6ece6df5eab

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:08:05 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Wed, 01 Feb 2023 22:03:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 4057
x-amz-server-side-encryption: AES256
etag: "7eb496e20322148f3592fb9c75050691"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 19597
x-amz-cf-id: EhOEDK41qgAMFn0UFp6FU5adCOYCwGPC2XlMFSeEy3YpDfj2GuvJCQ==

GET
H2 200 ea505f03c3de751be5c6eb57cd7cc320.png
video.693f50a0.com/user/20230113/ Frame 011F 67 KB
67 KB 32ms
32ms Image
image/jpeg 2600:9000:2250:600:1f:3552:bdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.693f50a0.com/user/20230113/ea505f03c3de751be5c6eb57cd7cc320.png

Requested by

Host: tk18.me
URL: https://tk18.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2250:600:1f:3552:bdc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

639df136c66415bad69f85d60cdf5318f69700ab58caf01cbf184697c969bab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 02 Apr 2023 03:35:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
last-modified: Fri, 13 Jan 2023 03:59:20 GMT
x-amz-cf-pop: FRA60-P2
age: 523050
etag: "609d50bcd2aa49d9dff2310a7c0aab2c"
x-hw: 1680406554.dop142.fr8.t,1680406554.cds287.fr8.c
content-type: image/jpeg
x-cache: Hit from cloudfront
cache-control: max-age=572958
x-rgw-object-type: Normal
accept-ranges: bytes
content-length: 68220
x-amz-cf-id: Pcn124K048M_Lu_e3m_yYfpO9nuElERI2IwFSt2tKX47IK-kbdDz3g==

GET
H2 206 0a32dbb77d70cc2dfd79d28181228d51.mp4
oumeicdn.693f50a0.com/video/20220422/ Frame 011F 3 MB
0 133ms
51ms Media
video/mp4 2600:9000:225e:9000:3:1fbb:780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://oumeicdn.693f50a0.com/video/20220422/0a32dbb77d70cc2dfd79d28181228d51.mp4
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:9000:3:1fbb:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 07 Apr 2023 08:47:24 GMT
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Fri, 30 Dec 2022 12:07:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 72361
etag: "22d49afa92ea741694e2a5b15fcab580"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-8900721/8900722
accept-ranges: bytes
x-amz-cf-id: C3xGVQhZli0jC97_wLNcG0sOP3SdbHPxf-zyekpO5GfHBMx8KC1GEA==
Content-Length: 8900722

GET
H3 200 icon_head.f207f4f.png
tk18.me/_nuxt/img/ Frame 011F 3 KB
3 KB 613ms
610ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk18.me/_nuxt/img/icon_head.f207f4f.png
Requested by: Host: tk18.me
URL: https://tk18.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 502ce7ecb77723dd5663de6e15b8fdf8c524986717e633df842a6a17384874b0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:24 GMT
cf-cache-status: MISS
last-modified: Wed, 14 Dec 2022 07:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a00-1850f9b2158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2C0YmG2rvuoIqzqeHufqxlmKypM%2F2eEP2VsibDkRmaooT9tS%2BtCN1OhMjguKugtCJSR8W6mfeQpxkyRg7NvCjYDdr85aC8rg0slkfbfqmGI5zFB3vQCNJG0iFU9by1izEOYlSJ%2F%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31536000
cf-ray: 7b47e80a9921d2b3-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK / Show response
pt.ctsdwm.com/live-feed/fk/ Frame 2226 21 KB
6 KB 123ms
93ms Document
text/html 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
Requested by: Host: ptwmemd.com
URL: http://ptwmemd.com/embed/fk?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&category=celebrity&vp[showChat]=true&vp[chatAutoHide]=true&vp[showCallToAction]=false&vp[showPerformerName]=false&vp[showPerformerStatus]=false&ms_notrack=1&subAffId={SUBAFFID}
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 37d0181a4736d1e05df9e70ee0547205910841adad80d54baa58e3fadfc0fe45

Request headers

Referer: http://twitch.viwap.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 08 Apr 2023 04:53:24 GMT
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK di.min-v218268.js Show response
pt-static1.ptwmstcnt.com/npe/_common/script/incognito/ Frame 2226 3 KB
2 KB 43ms
19ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static1.ptwmstcnt.com/npe/_common/script/incognito/di.min-v218268.js
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 08 Apr 2023 04:53:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 14:15:05 GMT
Server: unknown
ETag: W/"642d8269-d47"
X-Cache-Status: R-HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H/1.1 200
OK advertisement-v218268.js Show response
pt-static3.ptwmstcnt.com/npe/_common/script/adblock/ Frame 2226 21 B
411 B 44ms
19ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static3.ptwmstcnt.com/npe/_common/script/adblock/advertisement-v218268.js
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 08 Apr 2023 04:53:25 GMT
Last-Modified: Wed, 05 Apr 2023 14:15:05 GMT
Server: unknown
ETag: "642d8269-15"
X-Cache-Status: R-HIT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H/1.1 200
OK fk.lf-v218268.js Show response
pt-static2.ptwmstcnt.com/npe/ba/fklf/script/ Frame 2226 322 KB
116 KB 45ms
20ms Script
application/javascript 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pt-static2.ptwmstcnt.com/npe/ba/fklf/script/fk.lf-v218268.js
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: dae9f986a42a799d6f9e7421eaf7389ad627c69c29aa6a0d720148f9d49aacff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 08 Apr 2023 04:53:25 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Apr 2023 14:15:05 GMT
Server: unknown
ETag: W/"642d8269-507c8"
X-Cache-Status: R-HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2226 198 KB
67 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Requested by

Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9a49902d03b8cf1171bac2880cca0da637feb7eb5eeff4b9bf2c1488ec2efc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68377
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 Apr 2023 04:53:25 GMT

GET
H/1.1 200
OK smilies_ex.png
pt-static1.ptwmstcnt.com/npe/image/ Frame 2226 8 KB
9 KB 19ms
18ms Image
image/png 93.93.51.200
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt-static1.ptwmstcnt.com/npe/image/smilies_ex.png
Requested by: Host: pt.ctsdwm.com
URL: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
Protocol: HTTP/1.1
Server: 93.93.51.200 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Cdn-Node: frpar
Date: Sat, 08 Apr 2023 04:53:25 GMT
Last-Modified: Tue, 14 Mar 2023 11:38:44 GMT
Server: unknown
ETag: "64105cc4-2155"
X-Cache-Status: R-HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8533
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H/1.1 200
OK b8b1067c1be0d055f2003ff28bd1b1d5_glamour_896x504.jpg
galleryn12.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/ Frame 2226 57 KB
57 KB 43ms
19ms Image
image/jpeg 2a03:9c40::4a53:0:0:190

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://galleryn12.awemdia.com/ff268cab8d9fbae1ed7506f97496274f1b/b8b1067c1be0d055f2003ff28bd1b1d5_glamour_896x504.jpg

Requested by

Protocol

HTTP/1.1

Server

2a03:9c40::4a53:0:0:190 -, , ASN (),

Reverse DNS

Software

unknown /

Resource Hash

1bd719b6abfe27f07af298130c00ad2932452b8bedeaeee3982ecd8edb000cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 04:53:25 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Connection: keep-alive
Content-Length: 58250
X-Cdn-Node: frpar
Last-Modified: Wed, 05 Apr 2023 05:40:42 GMT
Server: unknown
ETag: "c851ee01be3e1ca38c72e4f6d7fff739"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Accept-Ranges: bytes
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H/1.1 206
Partial Content 36c3a8c1fab5ab0b53d3301f3a48e649.mp4
galleryn11.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/ Frame 2226 130 KB
0 44ms
19ms Media
video/mp4 2a03:9c40::4a53:0:0:190

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn11.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/36c3a8c1fab5ab0b53d3301f3a48e649.mp4?pstool=319_1&psid=djsilver&hi=1c480ca307a2cc767c853d15bfb7e99f

Requested by

Protocol

HTTP/1.1

Server

2a03:9c40::4a53:0:0:190 -, , ASN (),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pt.ctsdwm.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 08 Apr 2023 04:53:25 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Content-Range: bytes 0-2820214/2820215
Connection: keep-alive
Content-Length: 2820215
X-Cdn-Node: frpar
Last-Modified: Wed, 05 Apr 2023 05:29:02 GMT
Server: unknown
ETag: "48be7dd843ff0e24fbc97eacad75a2a2"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H/1.1 200
OK get Show response
api-protected.protoawegw.com/v2/player/performer/ Frame 2226 905 B
1 KB 127ms
97ms Fetch
application/json 93.93.51.225

General

Check archive.org

Show headers Download Go to

Full URL: http://api-protected.protoawegw.com/v2/player/performer/get?noRedirect=1&mitigable=1&includeTestAccounts=0&product=livejasmin&presets=&certified=0&hotDeal=0&preVipShow=0&ngs=1&pstool=319_1&psid=djsilver&streamType=rtmp&category=celebrity&performerIds[]=b2a260c0-b73e-4e8c-93ba-543a84cb46bd
Requested by: Host: pt-static2.ptwmstcnt.com
URL: http://pt-static2.ptwmstcnt.com/npe/ba/fklf/script/fk.lf-v218268.js
Protocol: HTTP/1.1
Server: 93.93.51.225 -, , ASN (),
Reverse DNS
Software: unknown /
Resource Hash: f45c7d6c522580aef438cf75d7ef39fa7f6111024d6c5c231eaa1ba01549d272

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 04:53:25 GMT
Content-Encoding: gzip
Server: unknown
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
DATA 200
OK truncated
/ Frame 2226 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 206
Partial Content 36c3a8c1fab5ab0b53d3301f3a48e649.mp4
galleryn11.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/ Frame 2226 437 KB
0 37ms
18ms Media
video/mp4 2a03:9c40::4a53:0:0:190

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn11.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/36c3a8c1fab5ab0b53d3301f3a48e649.mp4?pstool=319_1&psid=djsilver&hi=1c480ca307a2cc767c853d15bfb7e99f

Protocol

HTTP/1.1

Server

2a03:9c40::4a53:0:0:190 -, , ASN (),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pt.ctsdwm.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=131072-

Response headers

Date: Sat, 08 Apr 2023 04:53:25 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Content-Range: bytes 131072-2820214/2820215
Connection: keep-alive
Content-Length: 2689143
X-Cdn-Node: frpar
Last-Modified: Wed, 05 Apr 2023 05:29:02 GMT
Server: unknown
ETag: "48be7dd843ff0e24fbc97eacad75a2a2"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Expires: Sat, 22 Apr 2023 04:53:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 2226 49 KB
20 KB 96ms
25ms Script
text/javascript 2a00:1450:4001:831::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 08 Apr 2023 04:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2893
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 08 Apr 2023 06:05:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2226 216 KB
75 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H7LMNP6Q9N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXTGF28

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

389982105d18e9d641f94e21cb6701b739a525c0a8a53c1c5ba09d1932ca04ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 04:53:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 08 Apr 2023 04:53:25 GMT

GET
H/1.1 200
OK X9r.gif
pt.ctsdwm.com/1V09u/ Frame 2226 43 B
447 B 29ms
29ms Image
image/gif 93.93.51.191
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pt.ctsdwm.com/1V09u/X9r.gif?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com&im=0
Protocol: HTTP/1.1
Server: 93.93.51.191 , Luxembourg, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://pt.ctsdwm.com/live-feed/fk/?c=object_container&site=wl3&cobrandId=246032&psid=djsilver&pstool=319_1&psprogram=cbrnd&campaign_id=&vp%5BshowChat%5D=true&vp%5BchatAutoHide%5D=true&vp%5BshowCallToAction%5D=false&vp%5BshowPerformerName%5D=false&vp%5BshowPerformerStatus%5D=false&subAffId=%7BSUBAFFID%7D&categoryName=celebrity&embedTool=1&origin=twitch.viwap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Sat, 08 Apr 2023 04:53:25 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: unknown
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sat, 08 Apr 2023 04:53:24 GMT

GET
H/1.1 206
Partial Content 36c3a8c1fab5ab0b53d3301f3a48e649.mp4
galleryn11.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/ Frame 2226 2 MB
0 38ms
19ms Media
video/mp4 2a03:9c40::4a53:0:0:190

General

Check archive.org

Show headers Download Go to

Full URL

http://galleryn11.awemdia.com/f8d2e11bd6c43618af00d6f28c91232a1d/36c3a8c1fab5ab0b53d3301f3a48e649.mp4?pstool=319_1&psid=djsilver&hi=1c480ca307a2cc767c853d15bfb7e99f

Protocol

HTTP/1.1

Server

2a03:9c40::4a53:0:0:190 -, , ASN (),

Reverse DNS

Software

unknown /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://pt.ctsdwm.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range: bytes=557056-

Response headers

Date: Sat, 08 Apr 2023 04:53:25 GMT
X-Content-Type-Options: nosniff
X-Cache-Status: R-HIT
X-Cache-Source: Origin
Content-Range: bytes 557056-2820214/2820215
Connection: keep-alive
Content-Length: 2263159
X-Cdn-Node: frpar
Last-Modified: Wed, 05 Apr 2023 05:29:02 GMT
Server: unknown
ETag: "48be7dd843ff0e24fbc97eacad75a2a2"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Cache-Control: max-age=1209600
X-Real-Source: -
Expires: Sat, 22 Apr 2023 04:53:25 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.chaturbate.com/	1970-01-20 10:55:31	Name: __cf_bm Value: GPR3Nlavp3a2562LaZI6bK_F5iMjKN.uDbwu8zVsxNw-1680929601-0-AXNVZ9b/RliaIaXKVItMVPUI6HjREUG1ToAgS6UHUzWEBeXde4M8R9JtIj+QPt24yykfpe2ZECkNzHvtr8TwJ2A=

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://twitch.viwap.com/tiktok(Line 13) Message: Unrecognized feature: 'web-share'.
network	error	URL: chrome-error://chromewebdata/ Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://chaturbate.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network	error	URL: https://video.693f50a0.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-protected.protoawegw.com
chaturbate.com
fagywalu.pro
galleryn11.awemdia.com
galleryn12.awemdia.com
oumeicdn.693f50a0.com
pt-static1.ptwmstcnt.com
pt-static2.ptwmstcnt.com
pt-static3.ptwmstcnt.com
pt.ctsdwm.com
ptwmemd.com
tk18.me
twitch.viwap.com
video.693f50a0.com
webapi.693f50a0.com
www.google-analytics.com
www.googletagmanager.com
172.247.80.179
2600:9000:2250:600:1f:3552:bdc0:93a1
2600:9000:225e:9000:3:1fbb:780:93a1
2606:4700::6812:6528
2a00:1178:1:4b::f
2a00:1450:4001:831::2008
2a00:1450:4001:831::200e
2a03:9c40::4a53:0:0:190
2a06:98c1:3120::3
51.254.229.32
93.93.51.191
93.93.51.200
93.93.51.225
17bbefc15f2122e5f3e3546ed0c6114babf365ed238cce79677262db0d5a3af6
18ff24c2b8b18098fa086de3ef4e380cf3152327a6b0d93018455a7bfeec0562
19081321412cfead373ef08590b4a734e75aa32f54f6d460a647322971b3487e
1aa7939f2221d2a84b8eb87dccb7538cef7f56cb05db003d797a8370e2454ce2
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1bd719b6abfe27f07af298130c00ad2932452b8bedeaeee3982ecd8edb000cca
1c7e5250fe5bba416e2e956e0a8c344f59f53c9e78b40da76c44eb609d03c517
1f25d440387d3ce84caaf82480d09333191d7b07cae1598a34ea7f339de809f9
26f7570619998071a671c03ad87ede0fb459177e12c2f9c6654cc05dab68910c
30b630825e43f05c3ea87b947d3bbb61767a5e2cda2ee8f3f8593b77dc49f63f
36c852c66fbee06a7baff70c11b35733e7a659611462f4a428ff5fdc0ca904da
37d0181a4736d1e05df9e70ee0547205910841adad80d54baa58e3fadfc0fe45
389982105d18e9d641f94e21cb6701b739a525c0a8a53c1c5ba09d1932ca04ae
4693dea8fff2894ff736b259122c48116421f12a02befa5fb203c0e6255ab3b5
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4fc710abf566b75760cb698afbb5f36fd1c6e660a68a05e0e4c7a1e08823fa4b
502ce7ecb77723dd5663de6e15b8fdf8c524986717e633df842a6a17384874b0
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b52d5ea4b679e9b0e3945142385ba1bb7a7608a4db85218daf52144dfd94bf0
5f24a6bb292b93ad811e697828919fc6a9c6f5703d949f10d3be7ca2f1c6271f
5fd6e1c0412b7216b3cc6bb6f359c2ee187a0a0f5d405c30035b6a3b49f4f277
63526a6642f64fadb44cd33d634bb626f8e96af3f850215cfdd78a9c609fc85c
639df136c66415bad69f85d60cdf5318f69700ab58caf01cbf184697c969bab0
6c73735523e651639f05442450743e848603303cad971475f8eacf1369d18e64
70a587e90a8804790107172645292844784704e7b2524cb0b039421ba5d1dfff
797f574ac3c9875ef6f54f8e0b9384a617773c4ac23076b97128d8c07ce4a2f6
7d71a852775aba4b8dc1944e102cb58b344c544fe55e69da4caa73e8ccc1d2cb
7e9bcfc104927d6ab6e6d6016491f7781815057a979e7167f48f39fef1f6a573
909643b36f0a850019a33522d21310df8ea69ffdfdc21352cd79b6373bacc358
959f11906b9352314dd69dcdeea2caeff1c35f6f9a10a3f6fd8fe32189254e6c
9c660f9252dfe12a6072fb38088fd444df33cc01094ccf547ce99b32b98e4b0a
9d59d107166241069ca3e1fbb36bb6e7cbfa66a583d367d9ebc97ed4882004be
abbc33125a7fb9973f74fb47b2a2e635db23c6e9b9d241b3cffa5593edf8d1a7
bc669a79e6674f36c0a2a04af0ff2d3acf9573b34a4d364079b3bd5810ec8b1f
beb86414168aa0c3f26a7843a5f29e4a45b5c0dc5bfe4efaf83658f9dd088d2a
c03522c836b3522deaef87958086e2750d964cf6fc4e6419b7a8245cf7a724a2
cbd085e07feb2399f8c6ee9ae1121827cf914a412c45665e8bbf607373b72b21
cf12015a90ae421c1352ef660e37811128cda2df0a65f59cc26789caea2da2be
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d673c99e735e17a9788b9d66b01a10053901dd7865282e58136ea6ece6df5eab
d7375b446355c4c3401b087eb5525e5f5833df7dfc6f438895bf99e3ed572524
dae9f986a42a799d6f9e7421eaf7389ad627c69c29aa6a0d720148f9d49aacff
dd1864acc92730d58a7d0de91d3caaf10ad2212d1b2008f113d779ddb1a2580e
dd385a76d676aeedacca2f7c9834d40cc353e092c47ac0eb6d1b63fa0d645ad3
ddc25611e98e45385bd1a9343ebd4faf9fb44815026df870dd538e2430a3135e
e0e5098158534cdc62e117612c4096bd0452d06ca81279f8916725157999f044
e1fd6af2da849a1fa6054e96a7e1af3b909d269f212f38d41e385b9d3e32d8d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e854d06be01711b8c002fc784328fc0648d76f991c4dc3f16c12921e00dfc04d
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
e9a49902d03b8cf1171bac2880cca0da637feb7eb5eeff4b9bf2c1488ec2efc0
f45c7d6c522580aef438cf75d7ef39fa7f6111024d6c5c231eaa1ba01549d272
f732c5208fc3ec0686d18afa2f431d418a25adb36434a549fbf32e609c0ced10

twitch.viwap.com Open in urlscan Pro 51.254.229.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

75 %HTTPS

62 %IPv6

12 Domains

17 Subdomains

14 IPs

5 Countries

1240 kBTransfer

9461 kBSize

1 Cookies

1 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

twitch.viwap.com Open in urlscan Pro
51.254.229.32 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

75 %
HTTPS

62 %
IPv6

12
Domains

17
Subdomains

14
IPs

5
Countries

1240 kB
Transfer

9461 kB
Size

1
Cookies

57 HTTP transactions
5 data transactions