www.thanksgivingtips.com Open in urlscan Pro
188.165.247.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.thanksgivingtips.com/
Submission: On October 18 via manual (October 18th 2020, 4:51:53 pm UTC) from US

Summary HTTP 35 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 35 HTTP transactions. The main IP is 188.165.247.197, located in France and belongs to OVH, FR. The main domain is www.thanksgivingtips.com.

This is the only time www.thanksgivingtips.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	188.165.247.197 188.165.247.197	16276 (OVH) (OVH)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	134.122.94.57 134.122.94.57	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
24	2a00:1450:400... 2a00:1450:4001:821::2016	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2 3	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
1	79.110.24.86 79.110.24.86	209813 (FASTCONTENT) (FASTCONTENT)
1	66.254.114.41 66.254.114.41	29789 (REFLECTED) (REFLECTED)
35	9

3 188.165.247.197 (France)

ASN16276 (OVH, FR)
PTR: 247.rbx.abcvg.ovh

www.thanksgivingtips.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.94.57 (United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cloud.antibot.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:821::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.110.24.86 (Haarlem, Netherlands)

ASN209813 (FASTCONTENT, DE)

yoursexual-girls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.114.41 (Waltham, United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

www.pornhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ytimg.com i.ytimg.com	504 KB
3	yadro.ru 2 redirects counter.yadro.ru	2 KB
3	bootstrapcdn.com stackpath.bootstrapcdn.com maxcdn.bootstrapcdn.com	53 KB
3	thanksgivingtips.com www.thanksgivingtips.com	40 KB
1	pornhub.com www.pornhub.com
1	yoursexual-girls.com yoursexual-girls.com
1	jquery.com code.jquery.com	82 KB
1	antibot.cloud cloud.antibot.cloud	334 B
35	8

	Domain	Requested by
24	i.ytimg.com	www.thanksgivingtips.com
3	counter.yadro.ru	2 redirects www.thanksgivingtips.com
3	www.thanksgivingtips.com	www.thanksgivingtips.com
2	maxcdn.bootstrapcdn.com	www.thanksgivingtips.com
1	www.pornhub.com	www.thanksgivingtips.com
1	yoursexual-girls.com	www.thanksgivingtips.com
1	code.jquery.com	www.thanksgivingtips.com
1	cloud.antibot.cloud	www.thanksgivingtips.com
1	stackpath.bootstrapcdn.com	www.thanksgivingtips.com
35	9

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
damtdg.work
porno.pedeaeh.com.br

Subject Issuer	Validity	Valid
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
cloud.antibot.cloud ZeroSSL RSA Domain Secure Site CA	`2020-08-21` - `2020-11-19`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
yoursexual-girls.com Let's Encrypt Authority X3	`2020-10-17` - `2021-01-15`	3 months	crt.sh
*.pornhub.com DigiCert SHA2 High Assurance Server CA	`2019-03-13` - `2021-04-30`	2 years	crt.sh

This page contains 3 frames:

Primary Page: http://www.thanksgivingtips.com/
Frame ID: 7201B01FA0624322507E45DB87662908
Requests: 33 HTTP requests in this frame

Frame: https://yoursexual-girls.com/?u=n7rwwwl&o=at3ruqf
Frame ID: E5F19BFA5E3A04E419DD785973B5D19C
Requests: 1 HTTP requests in this frame

Frame: https://www.pornhub.com/embed/fd4398cbac35e050a217
Frame ID: D826FDB8AA8A2B6CCF66B67C6E98AA96
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.thanksgivingtips.com/ Page URL
http://www.thanksgivingtips.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

35
Requests

83 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

9
IPs

5
Countries

681 kB
Transfer

1128 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click;okref_ru

Search URL Search Domain Scan URL

URL: http://damtdg.work/
Title: http://damtdg.work

Search URL Search Domain Scan URL

URL: http://porno.pedeaeh.com.br/12850203.php
Title: porno.pedeaeh.com.br

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thanksgivingtips.com/ Page URL
http://www.thanksgivingtips.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

http://counter.yadro.ru/hit;okref_ru?t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0.7468154445966191 HTTP 302
https://counter.yadro.ru/hit;okref_ru?t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0.7468154445966191 HTTP 302
https://counter.yadro.ru/hit;okref_ru?q;t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0.7468154445966191

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set / Show response
www.thanksgivingtips.com/ 5 KB
6 KB 208ms
179ms Document
text/html 188.165.247.197
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.thanksgivingtips.com/
Protocol: HTTP/1.1
Server: 188.165.247.197 , France, ASN16276 (OVH, FR),
Reverse DNS: 247.rbx.abcvg.ovh
Software: nginx/1.16.1 /
Resource Hash: de4b00a8fe8c98bbe67ba85e6990f1c74a1e23f9250b79f81243a70c9fc59f7d

Request headers

Host: www.thanksgivingtips.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.16.1
Date: Sun, 18 Oct 2020 16:51:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: antibot_uid=0aa0c8015bef0240b03a28c45edab842; expires=Mon, 18-Oct-2021 16:51:36 GMT; Max-Age=31536000; path=/ antibot_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ antibot_country=DK; expires=Mon, 19-Oct-2020 16:51:36 GMT; Max-Age=86399; path=/; domain=www.thanksgivingtips.com antibot_lang=en; expires=Mon, 19-Oct-2020 16:51:36 GMT; Max-Age=86399; path=/; domain=www.thanksgivingtips.com antibot_ptr=82.102.20.235; expires=Mon, 19-Oct-2020 16:51:36 GMT; Max-Age=86399; path=/; domain=www.thanksgivingtips.com
X-Powered-CMS: AntiBot.Cloud (See: https://antibot.cloud/)
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/ 156 KB
23 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://www.thanksgivingtips.com
Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Nov 2019 17:52:46 GMT
status: 200
etag: "1574963566"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 23681

POST
H2 200 antibot7.php
cloud.antibot.cloud/ 72 B
334 B 134ms
56ms XHR
text/html 134.122.94.57
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.antibot.cloud/antibot7.php
Requested by: Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.122.94.57 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
content-encoding: gzip
server: nginx
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-headers: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.thanksgivingtips.com/ 32 KB
33 KB 268ms
267ms Document
text/html 188.165.247.197
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.thanksgivingtips.com/
Requested by: Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/
Protocol: HTTP/1.1
Server: 188.165.247.197 , France, ASN16276 (OVH, FR),
Reverse DNS: 247.rbx.abcvg.ovh
Software: nginx/1.16.1 /
Resource Hash: 24aaf88aaadb27c2d722070b2cb79afd9dcfc66a919d2b5d0c25aad13013244f

Request headers

Host: www.thanksgivingtips.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.thanksgivingtips.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: antibot_uid=0aa0c8015bef0240b03a28c45edab842; antibot_country=DK; antibot_lang=en; antibot_ptr=82.102.20.235; antibot_9fdbd1a2261e2b4d652bd6d6a9db7e44=51b9e57fb6e8b7c80cac77ada296efe9; lastcid=1603039896.9927
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.thanksgivingtips.com/

Response headers

Server: nginx/1.16.1
Date: Sun, 18 Oct 2020 16:51:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: antibot_referer=http%3A%2F%2Fwww.thanksgivingtips.com%2F; expires=Thu, 17-Dec-2020 16:51:38 GMT; Max-Age=5184000; path=/ antibot_unique_20201018=1; expires=Mon, 19-Oct-2020 16:51:38 GMT; Max-Age=86400; path=/; domain=www.thanksgivingtips.com lastcid=0; expires=Sun, 18-Oct-2020 16:49:58 GMT; Max-Age=0; path=/

GET
H/1.1 200
OK bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 27ms
6ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 16:51:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:34:07 GMT
ETag: "1544639647"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 19740

GET
H/1.1 200
OK jumbotron-narrow.css
www.thanksgivingtips.com/ 1 KB
2 KB 53ms
37ms Stylesheet
text/css 188.165.247.197
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.thanksgivingtips.com/jumbotron-narrow.css
Requested by: Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/
Protocol: HTTP/1.1
Server: 188.165.247.197 , France, ASN16276 (OVH, FR),
Reverse DNS: 247.rbx.abcvg.ovh
Software: nginx/1.16.1 /
Resource Hash: cc066a53920191c2ba4fa42f1b93934d00b0986d8246283d03673faf291b7b78

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 16:51:38 GMT
Last-Modified: Tue, 22 Sep 2020 11:43:48 GMT
Server: nginx/1.16.1
ETag: "5f69e374-583"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1411

GET
H2 404 8JPaF0ojeRc
i.ytimg.com/vi/ 1 KB
1 KB 61ms
23ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/8JPaF0ojeRc

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/jpeg
status: 404
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Sun, 18 Oct 2020 16:52:08 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/yAi-jXqY2qE/ 33 KB
33 KB 61ms
24ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/yAi-jXqY2qE/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4815f96e613770d8b5a85aab40d4f876e6fd6e0f799191508bcce18c0a59678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1557811117"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34048
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H2 404 hqdefault.jpg
i.ytimg.com/vi// 1 KB
1 KB 59ms
23ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi//hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/jpeg
status: 404
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Sun, 18 Oct 2020 16:52:08 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/jTPLpKoOJRc/ 46 KB
46 KB 54ms
18ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/jTPLpKoOJRc/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25487c2d968fb4c3a2df7354962aea0923e2293aacfe911deea3a097248ccf61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:44:10 GMT
x-content-type-options: nosniff
server: sffe
age: 448
etag: "1575751574"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46848
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:44:10 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/NCCB-uPf4Z0/ 31 KB
31 KB 48ms
12ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NCCB-uPf4Z0/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8475896fece71556876fc2df89e40bbc6fa7c1e1d1d048a44b578e306b4f6ba4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 15:16:35 GMT
x-content-type-options: nosniff
server: sffe
age: 5703
etag: "1577037644"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31684
x-xss-protection: 0
expires: Sun, 18 Oct 2020 17:16:35 GMT

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/tCQvIVfecWE/ 23 KB
23 KB 41ms
7ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/tCQvIVfecWE/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a94e79b34341054a54c1087fa8ce7a32cd4b34bf3fe823f3bea89e537ffeb01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 14:53:22 GMT
x-content-type-options: nosniff
server: sffe
age: 7096
etag: "1502647698"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23232
x-xss-protection: 0
expires: Sun, 18 Oct 2020 16:53:22 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/59YEzU1-LtE/ 10 KB
10 KB 69ms
49ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/59YEzU1-LtE/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ede0223c89427f78d1cd2f1b9f28e68c1e85c178e24338950ea064e9b113308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1567421824"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10301
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/XGWjS9o8ouc/ 24 KB
24 KB 58ms
42ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/XGWjS9o8ouc/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8683051c1d2253c1187a7dee827a5b86b314f5e271f1fa50f33775b6ab28a1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1481979218"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25039
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/ZkZuxtdVVz0/ 40 KB
40 KB 64ms
44ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ZkZuxtdVVz0/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aef1f6cb4d85199998d5c13076f50d17c4bfad10b723e28d89ee32d60e742139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1578933613"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41088
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/qmYcwh1o474/ 17 KB
17 KB 52ms
33ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/qmYcwh1o474/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07de19c4b3e28a535a7696dbda9d9d4d82e1a01f6d3f13a24385f6c94349f65e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17631
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/VvPxlTD-YyU/ 18 KB
18 KB 73ms
53ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/VvPxlTD-YyU/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

701cb0753925af7633f61ac47cd92bc50c783debba9a23449a8a63d8088ba4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18913
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 404 hqdefault.jpg
i.ytimg.com/vi/1DYcZB6YT3k/ 1 KB
1 KB 68ms
48ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1DYcZB6YT3k/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
content-type: image/jpeg
status: 404
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Sun, 18 Oct 2020 16:52:08 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/dOdf1lU5H3c/ 14 KB
14 KB 32ms
13ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dOdf1lU5H3c/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12e38ec81fcf3bb64ea52d72586093dcd297846d92cb5d78bcd1c3f61e03375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:49:50 GMT
x-content-type-options: nosniff
server: sffe
age: 108
etag: "0"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13825
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:49:50 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/1apku0pVDeE/ 26 KB
26 KB 33ms
14ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1apku0pVDeE/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bac64851247a8761d3f3a4cedcea39dcd6f9f960ccb79e056e6a2a5412708f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:33:37 GMT
x-content-type-options: nosniff
server: sffe
age: 1081
etag: "1500300030"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27013
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:33:37 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/wGF7PswOENQ/ 10 KB
10 KB 36ms
17ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wGF7PswOENQ/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b237b8b9c8e25090f4c0d431544e33436825ce2dfffb11ee85f57daa40985654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:48:11 GMT
x-content-type-options: nosniff
server: sffe
age: 207
etag: "1494859340"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9739
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:48:11 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/ByomJxNfR-Y/ 15 KB
15 KB 100ms
81ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ByomJxNfR-Y/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1f7abe2d3654b3994f7218c6bfce3e4c67cdb4c11dc3a87f194e0b34c137df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1437660613"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14906
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/6kOoq2dGjyA/ 27 KB
27 KB 61ms
45ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6kOoq2dGjyA/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a4d7837e456cdc998ef599ff7c0c496b465a09038665f7235ef569de52af05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1444797731"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27967
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/fyPEUfUjAQ8/ 32 KB
32 KB 36ms
21ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/fyPEUfUjAQ8/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6e647b1ab4ea8879c8bd4076dfe53307e5b008dd622aa2f88efcafb3995f9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:01:57 GMT
x-content-type-options: nosniff
server: sffe
age: 2981
etag: "1555522236"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32483
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:01:57 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/csQ_185TcFU/ 8 KB
8 KB 50ms
30ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/csQ_185TcFU/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

259de6a0508609b93107081448da366e39a9854aa067564f6ab59c6170566e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 15:05:36 GMT
x-content-type-options: nosniff
server: sffe
age: 6362
etag: "1550322187"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8018
x-xss-protection: 0
expires: Sun, 18 Oct 2020 17:05:36 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/gRpxZV3OJa8/ 15 KB
15 KB 106ms
86ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/gRpxZV3OJa8/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b7c8e11238c0f8dad23d2a54dc67cb6056b9ebf9b8cdf9a1abeec3f439f0b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
etag: "1555610058"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14875
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/J-FHJR98P7M/ 25 KB
25 KB 50ms
30ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/J-FHJR98P7M/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dfeb34fa73bc6e124c4cc3ae008a868216654a2045c6168504a6ee4c12a51c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:42:38 GMT
x-content-type-options: nosniff
server: sffe
age: 540
etag: "1528218743"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25739
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:42:38 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/fOT5KcLQF3U/ 35 KB
35 KB 39ms
20ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/fOT5KcLQF3U/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f86404fe5f432fe7110402c435953fd09f50b9b3a957bcc6ca14006685f9a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:47:35 GMT
x-content-type-options: nosniff
server: sffe
age: 243
etag: "1567603489"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36154
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:47:35 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/1XyqRxDIXsU/ 33 KB
33 KB 51ms
31ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/1XyqRxDIXsU/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f03b36fba366eb8de9248b9112f2ffe2ba0998d9cf812d29abe9ae55b1c667

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:49:54 GMT
x-content-type-options: nosniff
server: sffe
age: 104
etag: "1500985767"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34025
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:49:54 GMT

GET
H3-Q050 200 hqdefault.jpg
i.ytimg.com/vi/wkw-l5npEU0/ 17 KB
17 KB 59ms
40ms Image
image/jpeg 2a00:1450:4001:821::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wkw-l5npEU0/hqdefault.jpg

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e1a1a5991234a9de34b9a29fb1bcdf10c5e2e3d93662be4789c614bbc898da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 16:51:38 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1381920303"
content-type: image/jpeg
status: 200
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17365
x-xss-protection: 0
expires: Sun, 18 Oct 2020 18:51:38 GMT

GET
H/1.1 200
OK jquery.js Show response
code.jquery.com/ 276 KB
82 KB 17ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery.js
Requested by: Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 16:51:38 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Server: nginx
ETag: W/"54499a48-4508e"
Vary: Accept-Encoding
X-HW: 1603039898.dop216.fr8.t,1603039898.cds051.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83875

GET
H/1.1 200
OK bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 13ms
6ms Script
text/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 18 Oct 2020 16:51:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:33:51 GMT
ETag: "1544639631"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 9832

GET
H/1.1

200
OK

hit;okref_ru
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit;okref_ru?t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0.7...
https://counter.yadro.ru/hit;okref_ru?t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0....
https://counter.yadro.ru/hit;okref_ru?q;t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;...

362 B
816 B

78ms
78ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;okref_ru?q;t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0.7468154445966191

Requested by

Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://www.thanksgivingtips.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 18 Oct 2020 16:51:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 362
Expires: Fri, 18 Oct 2019 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 18 Oct 2020 16:51:39 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit;okref_ru?q;t52.6;rhttp%3A//www.thanksgivingtips.com/;s1600*1200*24;uhttp%3A//www.thanksgivingtips.com/;hkostenlos%20singleb%F6rse%20vergleich%20Tuln%20an%20der%20Donau;0.7468154445966191
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 18 Oct 2019 21:00:00 GMT

GET
H/1.1 200
OK Cookie set /
yoursexual-girls.com/ Frame E5F1 0
0 185ms
85ms Document
text/html 79.110.24.86
FASTCONTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://yoursexual-girls.com/?u=n7rwwwl&o=at3ruqf
Requested by: Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 79.110.24.86 Haarlem, Netherlands, ASN209813 (FASTCONTENT, DE),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash

Request headers

Host: yoursexual-girls.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.thanksgivingtips.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.thanksgivingtips.com/

Response headers

Server: nginx
Date: Sun, 18 Oct 2020 16:51:38 GMT
Content-Type: text/html
Content-Length: 6706
Connection: keep-alive
Cache-Control: private no-transform
Set-Cookie: sid=t3~gdqnzpdwqwqtsh3bhq1trmqr; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

GET
H2 200 fd4398cbac35e050a217
www.pornhub.com/embed/ Frame D826 0
0 157ms
90ms Document
text/html 66.254.114.41
REFLECTED

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pornhub.com/embed/fd4398cbac35e050a217
Requested by: Host: www.thanksgivingtips.com
URL: http://www.thanksgivingtips.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.254.114.41 Waltham, United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: openresty /
Resource Hash

Request headers

:method: GET
:authority: www.pornhub.com
:scheme: https
:path: /embed/fd4398cbac35e050a217
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.thanksgivingtips.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.thanksgivingtips.com/

Response headers

status: 200
server: openresty
date: Sun, 18 Oct 2020 16:51:38 GMT
content-type: text/html; charset=UTF-8
x-trace: 2B10B69AF60B1C679BE6B0E736A95FAE39419CF0DAE16A4D9ACF6C713600
set-cookie: ua=71ff54ebddb1e090fbf173d96e2342c8; expires=Mon, 19-Oct-2020 16:51:38 GMT; Max-Age=86400; path=/; domain=pornhub.com platform_cookie_reset=pc; expires=Tue, 17-Nov-2020 16:51:38 GMT; Max-Age=2592000; path=/; domain=pornhub.com platform=pc; expires=Sun, 25-Oct-2020 16:51:38 GMT; Max-Age=604800; path=/; domain=pornhub.com bs=a2zyeyt5u1r6mbtqctiwi9egm90i670i; expires=Wed, 16-Oct-2030 16:51:38 GMT; Max-Age=315360000; path=/; domain=pornhub.com ss=165983571580145796; expires=Mon, 18-Oct-2021 16:51:38 GMT; Max-Age=31536000; path=/; domain=pornhub.com fg_9d12f2b2865de2f8c67706feaa332230=18411.100000; expires=Tue, 17-Nov-2020 16:51:38 GMT; Max-Age=2592000; path=/; domain=pornhub.com
x-mg-s: 0
vary: User-Agent
rating: RTA-5042-1996-1400-1577-RTA
content-encoding: gzip

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.thanksgivingtips.com/	1970-01-19 13:18:46	Name: antibot_unique_20201018 Value: 1
www.thanksgivingtips.com/	1970-01-19 14:43:43	Name: antibot_referer Value: http%3A%2F%2Fwww.thanksgivingtips.com%2F
www.thanksgivingtips.com/	1970-01-19 22:02:55	Name: antibot_uid Value: 0aa0c8015bef0240b03a28c45edab842
www.thanksgivingtips.com/	1970-01-19 13:27:24	Name: antibot_9fdbd1a2261e2b4d652bd6d6a9db7e44 Value: 51b9e57fb6e8b7c80cac77ada296efe9
.www.thanksgivingtips.com/	1970-01-19 13:18:46	Name: antibot_ptr Value: 82.102.20.235
.www.thanksgivingtips.com/	1970-01-19 13:18:46	Name: antibot_lang Value: en
.www.thanksgivingtips.com/	1970-01-19 13:18:46	Name: antibot_country Value: DK

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.thanksgivingtips.com/(Line 91) Message: good: 200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cloud.antibot.cloud
code.jquery.com
counter.yadro.ru
i.ytimg.com
maxcdn.bootstrapcdn.com
stackpath.bootstrapcdn.com
www.pornhub.com
www.thanksgivingtips.com
yoursexual-girls.com
134.122.94.57
188.165.247.197
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
2a00:1450:4001:821::2016
66.254.114.41
79.110.24.86
88.212.201.204
07de19c4b3e28a535a7696dbda9d9d4d82e1a01f6d3f13a24385f6c94349f65e
1bac64851247a8761d3f3a4cedcea39dcd6f9f960ccb79e056e6a2a5412708f0
1ede0223c89427f78d1cd2f1b9f28e68c1e85c178e24338950ea064e9b113308
1f86404fe5f432fe7110402c435953fd09f50b9b3a957bcc6ca14006685f9a2a
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
20f03b36fba366eb8de9248b9112f2ffe2ba0998d9cf812d29abe9ae55b1c667
24aaf88aaadb27c2d722070b2cb79afd9dcfc66a919d2b5d0c25aad13013244f
25487c2d968fb4c3a2df7354962aea0923e2293aacfe911deea3a097248ccf61
259de6a0508609b93107081448da366e39a9854aa067564f6ab59c6170566e71
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3b7c8e11238c0f8dad23d2a54dc67cb6056b9ebf9b8cdf9a1abeec3f439f0b03
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
6a94e79b34341054a54c1087fa8ce7a32cd4b34bf3fe823f3bea89e537ffeb01
701cb0753925af7633f61ac47cd92bc50c783debba9a23449a8a63d8088ba4a1
8475896fece71556876fc2df89e40bbc6fa7c1e1d1d048a44b578e306b4f6ba4
8683051c1d2253c1187a7dee827a5b86b314f5e271f1fa50f33775b6ab28a1be
98a4d7837e456cdc998ef599ff7c0c496b465a09038665f7235ef569de52af05
a73d6739819ba98621e4bdb24bc2fbc2c88583479558b9878e5b986d3b59341d
aef1f6cb4d85199998d5c13076f50d17c4bfad10b723e28d89ee32d60e742139
b237b8b9c8e25090f4c0d431544e33436825ce2dfffb11ee85f57daa40985654
c12e38ec81fcf3bb64ea52d72586093dcd297846d92cb5d78bcd1c3f61e03375
c6e647b1ab4ea8879c8bd4076dfe53307e5b008dd622aa2f88efcafb3995f9ec
cc066a53920191c2ba4fa42f1b93934d00b0986d8246283d03673faf291b7b78
d5dfeb34fa73bc6e124c4cc3ae008a868216654a2045c6168504a6ee4c12a51c
de4b00a8fe8c98bbe67ba85e6990f1c74a1e23f9250b79f81243a70c9fc59f7d
e1f7abe2d3654b3994f7218c6bfce3e4c67cdb4c11dc3a87f194e0b34c137df7
e4815f96e613770d8b5a85aab40d4f876e6fd6e0f799191508bcce18c0a59678
f4e1a1a5991234a9de34b9a29fb1bcdf10c5e2e3d93662be4789c614bbc898da
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

www.thanksgivingtips.com Open in urlscan Pro 188.165.247.197 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

83 %HTTPS

44 %IPv6

8 Domains

9 Subdomains

9 IPs

5 Countries

681 kBTransfer

1128 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thanksgivingtips.com Open in urlscan Pro
188.165.247.197 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

83 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

9
IPs

5
Countries

681 kB
Transfer

1128 kB
Size

7
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!