URL: https://pkembed.com/rg81bizoyuiw.html
Submission: On December 05 via manual from NP — Scanned from NL

Summary

This website contacted 23 IPs in 5 countries across 22 domains to perform 66 HTTP transactions. The main IP is 5.182.210.208, located in Amsterdam, Netherlands and belongs to SKB-Enterprise SKB Enterprise B.V., NL. The main domain is pkembed.com.
TLS certificate: Issued by E5 on October 10th 2024. Valid for: 3 months.
This is the only time pkembed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 5.182.210.208 64425 (SKB-Enter...)
2 188.114.96.3 13335 (CLOUDFLAR...)
1 23.109.170.209 7979 (SERVERS-COM)
2 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
5 62.210.38.232 12876 (AS12876 S...)
3 172.217.18.99 15169 (GOOGLE)
2 188.114.97.3 13335 (CLOUDFLAR...)
2 172.240.253.132 7979 (SERVERS-COM)
1 2600:9000:272... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 139.45.197.168 9002 (RETN-AS R...)
3 139.45.197.242 9002 (RETN-AS R...)
1 143.204.215.95 16509 (AMAZON-02)
4 172.67.143.165 13335 (CLOUDFLAR...)
1 34.196.68.227 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 173.208.196.162 32097 (WII)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.3 15169 (GOOGLE)
1 172.217.23.98 15169 (GOOGLE)
66 23
Apex Domain
Subdomains
Transfer
18 pkembed.com
pkembed.com
377 KB
6 vkcdn5.com
pkapp.vkcdn5.com
pk2.vkcdn5.com
80 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
64 KB
4 yflexibilitukydt.com
yflexibilitukydt.com
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
21 KB
4 bidgear.com
platform.bidgear.com — Cisco Umbrella Rank: 34678
imp9.bidgear.com — Cisco Umbrella Rank: 38735
3 KB
3 oaraiwephoursou.net
oaraiwephoursou.net
36 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 506
146 KB
2 gtgtxvhamuewyo.com
gtgtxvhamuewyo.com
523 B
2 shortlyamusement.com
shortlyamusement.com — Cisco Umbrella Rank: 534795
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
180 KB
2 allvideometrika.com
allvideometrika.com — Cisco Umbrella Rank: 334252
1020 B
1 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
40 B
1 h-cdn.com
perr.h-cdn.com — Cisco Umbrella Rank: 10288
402 B
1 lansaimplemuke.com
lansaimplemuke.com
1 ukankingwithea.com
ukankingwithea.com — Cisco Umbrella Rank: 30258
101 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
960 B
1 cloudfront.net
d39xdhxlbi0rlm.cloudfront.net
68 KB
1 rafikfangas.com
zb.rafikfangas.com — Cisco Umbrella Rank: 127987
1 KB
0 google.com Failed
accounts.google.com — Cisco Umbrella Rank: 17 Failed
0 facebook.com Failed
www.facebook.com Failed
0 Failed
function sub() { [native code] }. Failed
66 22
Domain Requested by
18 pkembed.com pkembed.com
5 pkapp.vkcdn5.com pkembed.com
4 yflexibilitukydt.com pkembed.com
3 oaraiwephoursou.net pkembed.com
oaraiwephoursou.net
3 www.gstatic.com pkembed.com
www.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 gtgtxvhamuewyo.com pkembed.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 imp9.bidgear.com platform.bidgear.com
2 shortlyamusement.com pkembed.com
2 platform.bidgear.com pkembed.com
2 www.googletagmanager.com pkembed.com
www.googletagmanager.com
2 allvideometrika.com pkembed.com
allvideometrika.com
1 securepubads.g.doubleclick.net imasdk.googleapis.com
1 imasdk.googleapis.com pkembed.com
1 pk2.vkcdn5.com pkembed.com
1 fonts.googleapis.com pkembed.com
1 perr.h-cdn.com pkembed.com
1 lansaimplemuke.com d39xdhxlbi0rlm.cloudfront.net
1 ukankingwithea.com d39xdhxlbi0rlm.cloudfront.net
1 my.rtmark.net oaraiwephoursou.net
1 d39xdhxlbi0rlm.cloudfront.net platform.bidgear.com
1 zb.rafikfangas.com pkembed.com
0 accounts.google.com Failed pkembed.com
0 www.facebook.com Failed pkembed.com
0 undefined Failed d39xdhxlbi0rlm.cloudfront.net
66 27

This site contains links to these domains. Also see Links.

Domain
pkspeed.net
holaspark.com
Subject Issuer Validity Valid
pkembed.com
E5
2024-10-10 -
2025-01-08
3 months crt.sh
allvideometrika.com
WE1
2024-10-17 -
2025-01-15
3 months crt.sh
zb.rafikfangas.com
R11
2024-12-02 -
2025-03-02
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
bidgear.com
WE1
2024-11-22 -
2025-02-20
3 months crt.sh
*.vkcdn5.com
GlobalSign GCC R6 AlphaSSL CA 2023
2024-03-01 -
2025-04-02
a year crt.sh
*.gstatic.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.shortlyamusement.com
R11
2024-10-06 -
2025-01-04
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
gtgtxvhamuewyo.com
R11
2024-12-04 -
2025-03-04
3 months crt.sh
oaraiwephoursou.net
R10
2024-12-03 -
2025-03-03
3 months crt.sh
my.rtmark.net
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
ukankingwithea.com
WE1
2024-11-03 -
2025-02-01
3 months crt.sh
lansaimplemuke.com
Amazon RSA 2048 M02
2024-11-13 -
2025-12-12
a year crt.sh
yflexibilitukydt.com
WE1
2024-11-08 -
2025-02-06
3 months crt.sh
*.h-cdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-06-10 -
2025-06-10
a year crt.sh
upload.video.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh

This page contains 4 frames:

Primary Page: https://pkembed.com/rg81bizoyuiw.html
Frame ID: FC9E088B3CE92D7143D4EAB83CA3D69D
Requests: 67 HTTP requests in this frame

Frame: https://allvideometrika.com/f.php?sid=212041&ra=10000
Frame ID: E0D126004B67BE9C5A7BCE75D89D04CC
Requests: 1 HTTP requests in this frame

Frame: https://lansaimplemuke.com/YjNoSjYDUQsnCQMOCmxDEF9VbwQkFloMUlEKEC5eGl8KIwYQXwVkVQ5cHS5QEFwGPhgMVhxvBCR3Jw8DCGJbBFQrYlgmYidEBggFV3ArAg86V1gTegNxJTJwDgYSD08FZD4ZQSV5WXtUK2JdJnE3QAAOYix8CglBI3Asc1QHYgcFcCRyAxhiAXkwAngxaTpzbCtyOm8EIGU+elEje10JfgsLIANjVn4JCFUYey4ETCdwMR9hG0ArAHcSUDgPY1B2Dx9cJncDK2AheisQXSQWWghTUgISHFESFloIZRhHKwlhFmIpHG8pVQ9yRypmWHhkDHUsG344ZSAPYy9pWGdsGmJZIRNQcS0zDjVnETl0KXEYB1dTdi4YURYGPBJ0JHswMmIDSwAbeQUHHhxRDX06JHAmZSspfyhfMQFQBWIFD3AvWzsnbCBwK3p6L2EQHH1SaRAEZw4KPScHJnUGf3gBAjEBUApyAQxgCQsrJ2wgVQY+ZwZ1WAZTJ2ZaHlEJFQI5WQxDVR5UAXgkKQELfg8iXA
Frame ID: D18D123A4214049A16245EA42A282DE5
Requests: 1 HTTP requests in this frame

Frame: https://undefined/cGoxZk0RCFILchFXU0A4AgYMQ382TwMgKUNTSQIlCAZTD30CBlxILhwFRAIrAgVfEmMeD0VDfzYfZwwpRQhLAXwnKFIsDwkgVC4bOSBrAQM+PVYSJzU7WgIVJCt6JRwiDn5XGBMpST98JyhjLBgZPGggNUgseFQUST0CM2hCLGAkLjYiWCwDODx4LC42GWgnG0kYdDQ6Mj0DFQooHQQFAzEafzUYQFlyDhwxO1tfLzY7BQIXOCx8NxwYEHMzITg7dgUKKCxJUC4HPHsnfDVeYAELOylcPB0hPF0IFDEkYDUqAAdnASYWPHUoDDgrADIdQCRSPhVFAHMjYEUoclQMIzkAXhwgPAkoDBw4SyQZACFyCxcSL3A0KRMdZywONloAPg8qLXkxHDgtVgIGPzxeBR4XBWAkJgAPdwsUKjlkIwQTHWcsBTYBRjAqAy15MR8IPncRHRUrYzYeJVtDJCpWAEIJIwBXRDcJRCdYESMa
Frame ID: C16A002FB50DACA178EE01B68B0A2ACD
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

pkspeed.net

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

92 %
HTTPS

32 %
IPv6

22
Domains

27
Subdomains

23
IPs

5
Countries

1086 kB
Transfer

12274 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-c_BX9qNfCFxoSXcTwR4QOfD6wirpkUvBXfOu26wLOZY-oRzwhbEwjwXdZ2g5cMlExxhFoplA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-fKmozC6U5Rm9TgXFtfJC-cdPnuhErHhuqR22mcO6g2aadqg_t5dC71cbskRGtwk8YUDjSllA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1877949332%3A1733415245580562&ddm=1
Request Chain 43
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cdRzE4Wuz-IuF_WBOouaAE_jyH_LSRAUhk3aiIJDkrc5uZ1px2uF_izAkBrHK2G_7Jm8xW2Q HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-eR1f_KnLMdHSl4UIbGYBG-Fj_l5k1wDeVdaL07m1Vd0qehmyvq_zmVFHZKkEvfRwTc9xdQmQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S33740864%3A1733415245579063&ddm=1

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request rg81bizoyuiw.html
pkembed.com/
83 KB
26 KB
Document
General
Full URL
https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
12cc44e9fbde17f1115a8a929af2ed996ece3521f7b738dc44e44f2591abfa35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Content-Encoding
gzip
Content-Length
26773
Content-Type
text/html; charset=UTF-8
Date
Thu, 05 Dec 2024 16:14:04 GMT
Expires
Wed, 04 Dec 2024 16:14:04 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Vary
Accept-Encoding
main.css
pkembed.com/css/
48 KB
11 KB
Stylesheet
General
Full URL
https://pkembed.com/css/main.css?v=1
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
43ac3865ac01e3e268b117f477e1761ec9c1675b000ece5a99db12912a506c8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"be23-597638d50ea00-gzip"
Accept-Ranges
bytes
Content-Length
10919
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:32 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
text/css
modernizr.custom.04022.js
pkembed.com/js/
7 KB
3 KB
Script
General
Full URL
https://pkembed.com/js/modernizr.custom.04022.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
956a35796f6cdde9e68964fca782f4cbec0da92c81656ef2d13714bdae6adfa6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"1b0d-597638d6f6e80-gzip"
Accept-Ranges
bytes
Content-Length
3087
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:34 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
jquery.min.js
pkembed.com/js/
94 KB
33 KB
Script
General
Full URL
https://pkembed.com/js/jquery.min.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"1762a-597638d6f6e80-gzip"
Accept-Ranges
bytes
Content-Length
33225
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:34 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
xupload.js
pkembed.com/js/
10 KB
4 KB
Script
General
Full URL
https://pkembed.com/js/xupload.js?v=3
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
f2f42bf6bd7d7ef2e610c717db7037be84a34c4085bbc299e498fe3251cd1222

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"2659-597638d6f6e80-gzip"
Accept-Ranges
bytes
Content-Length
3504
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:34 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
logo.png
pkembed.com/images/
7 KB
8 KB
Image
General
Full URL
https://pkembed.com/images/logo.png
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
d3f5662bf9dd7d3d1192cba84856d2216e366aa484e064d4c48786e0fb58e18e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Accept-Ranges
bytes
Content-Length
7431
Date
Thu, 05 Dec 2024 16:14:04 GMT
ETag
"1d07-59773c10644c0"
Last-Modified
Sat, 16 Nov 2019 09:58:19 GMT
Content-Type
image/png
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
jquery.cookie.js
pkembed.com/js/
4 KB
2 KB
Script
General
Full URL
https://pkembed.com/js/jquery.cookie.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"10eb-597638d6f6e80-gzip"
Accept-Ranges
bytes
Content-Length
1498
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:34 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
vkspeed.php
allvideometrika.com/
621 B
1020 B
Script
General
Full URL
https://allvideometrika.com/vkspeed.php
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash
f2d0d4c3c8f76a3beeb0a3ffa0ae69ed4a0308c43275864ca73ec0cdfba1aa17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2FSuKy9y6UVjRfm9xBOhWBE%2FoueDUo8RSmqYQv3ef69fsVSCwHE5jbMW1zNRwOKTilIj6aUyUPy%2Bl1%2FEgI52QQdVEiVXhdp16eQ3dFCMc8Q%2FmIZm5xdVsQyooRahIM%2BaaiepC2cN"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c07c290b70-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19899&min_rtt=15145&rtt_var=10441&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4202&recv_bytes=4443&delivery_rate=698&cwnd=12000&unsent_bytes=0&cid=a9110cb0eff11d8b&ts=110&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:04 GMT
content-type
application/javascript
x-powered-by
PHP/7.1.33
server
cloudflare
AnGAR
zb.rafikfangas.com/r7tUOuHHb0Ge3U/
0
1 KB
Script
General
Full URL
https://zb.rafikfangas.com/r7tUOuHHb0Ge3U/AnGAR
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
23.109.170.209 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Access-Control-Max-Age
600
Content-Encoding
gzip
Access-Control-Allow-Methods
GET, POST, OPTIONS
X-Content-Type-Options
nosniff
Keep-Alive
timeout=20
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Access-Control-Allow-Headers
content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=1
Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://pkembed.com
Server
nginx
js
www.googletagmanager.com/gtag/
213 KB
77 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152812863-1
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dcca0231ab30226c9d90531d2000af1791a2f468801ffae6b6829185ee9be2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 05 Dec 2024 16:14:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:04 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78468
x-xss-protection
0
server
Google Tag Manager
ads.php
platform.bidgear.com/
963 B
982 B
Script
General
Full URL
https://platform.bidgear.com/ads.php?domainid=6397&sizeid=2&zoneid=6894
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c883f655a358fe62fdb9329e1d4142bf4d44d74677469c60818e6104e899f0a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=luNo2sswwRNro3DO%2FPiRrQjMHOh5xAIPY2Qq36Q%2BRsqq30qYjFn2pwgH5FskKg5fi9P96gv%2F%2F7n790t6BUTcTs7lI2YQbCdeAROcM91SWevOkFYm8PYWNY2IwYc9yILpjDRD4kIpvkcTUkh8rpOtT43e"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c0887c0bd0-AMS
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=19715&min_rtt=14590&rtt_var=11730&sent=11&recv=13&lost=0&retrans=0&sent_bytes=5171&recv_bytes=2386&delivery_rate=262285&cwnd=254&unsent_bytes=0&cid=e7353640dcc13332&ts=153&x=0"
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
application/javascript
server
cloudflare
ads.php
platform.bidgear.com/
829 B
1 KB
Script
General
Full URL
https://platform.bidgear.com/ads.php?domainid=6397&sizeid=2&zoneid=6895
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9bb9d4a65084f3d6e0f452d9d4397d7e788d2fb4a84c73018b9b75552c65b84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Feh3XyyMdXjcD2k39jZyAFbvzXwHf3ge2xWoqZ4yXbPFj1hAzKLZ3ntnLXpm9vhVICCg4clxlE193A9JtXGwttGX8lrKre8gHvlKRmpKcO3YcEcDCL9gsJzgans3qQU%2BuNLOl3Y6SVHVpTOW68hbg2Ao"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c088800bd0-AMS
expires
0
server-timing
cfL4;desc="?proto=TCP&rtt=19715&min_rtt=14590&rtt_var=11730&sent=8&recv=13&lost=0&retrans=0&sent_bytes=4025&recv_bytes=2386&delivery_rate=262285&cwnd=254&unsent_bytes=0&cid=e7353640dcc13332&ts=151&x=0"
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
application/javascript
server
cloudflare
rg81bizoyuiw.jpg
pkapp.vkcdn5.com/i/01/00005/
61 KB
61 KB
Image
General
Full URL
https://pkapp.vkcdn5.com/i/01/00005/rg81bizoyuiw.jpg
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.38.232 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),
Reverse DNS
62-210-38-232.rev.poneytelecom.eu
Software
nginx /
Resource Hash
3a52486358f73d405f00dacf847fee050a507fdb01647590fbad8c4c2f287cd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Cache-Control
max-age=1209600
ETag
"5fd9d458-f443"
Connection
keep-alive
Expires
Thu, 19 Dec 2024 16:14:04 GMT
Accept-Ranges
bytes
Content-Length
62531
Date
Thu, 05 Dec 2024 16:14:04 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 16 Dec 2020 09:33:12 GMT
Server
nginx
hola_player.js
pkembed.com/player_hola/
969 KB
245 KB
Script
General
Full URL
https://pkembed.com/player_hola/hola_player.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
14e0f11b9f8208af547b11c4ac0496bafaefa9c7d1b5fc2c22dfae0c47aeaab8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
"f2395-597638dcafc00-gzip"
Accept-Ranges
bytes
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:40 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
videojs.hotkeys.min.js
pkembed.com/player_hola/
4 KB
2 KB
Script
General
Full URL
https://pkembed.com/player_hola/videojs.hotkeys.min.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
688a19b3d27111cbd009ced47470cb943871fed095564ab3660f89d290333ae0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"10b7-597638dcafc00-gzip"
Accept-Ranges
bytes
Content-Length
1694
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:40 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
videojs-chromecast.css
pkembed.com/player_hola/
5 KB
2 KB
Stylesheet
General
Full URL
https://pkembed.com/player_hola/videojs-chromecast.css
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
79f154a16c6367baeba0eedcb8e1999a2e82742337480b8ffd24fe265dc33dc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"13f6-597638dcafc00-gzip"
Accept-Ranges
bytes
Content-Length
2063
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:40 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
text/css
videojs-chromecast.min.js
pkembed.com/player_hola/
18 KB
5 KB
Script
General
Full URL
https://pkembed.com/player_hola/videojs-chromecast.min.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
97ea5755f0133dbd54dc8424efe98b429b145efbee6b0cb3408c5c1011c3a01a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"481d-597638dcafc00-gzip"
Accept-Ranges
bytes
Content-Length
4726
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:40 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
cast_sender.js
www.gstatic.com/cv/js/sender/v1/
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
gzip
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 16:14:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:04 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="cloudview"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
accept-ranges
bytes
content-length
2007
x-xss-protection
0
server
sffe
tabber.js
pkembed.com/js/
6 KB
2 KB
Script
General
Full URL
https://pkembed.com/js/tabber.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Content-Encoding
gzip
ETag
"1803-597638d6f6e80-gzip"
Accept-Ranges
bytes
Content-Length
1936
Date
Thu, 05 Dec 2024 16:14:04 GMT
Last-Modified
Fri, 15 Nov 2019 14:38:34 GMT
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
Content-Type
application/javascript
head_bg.jpg
pkembed.com/images/
11 KB
11 KB
Image
General
Full URL
https://pkembed.com/images/head_bg.jpg
Requested by
Host: pkembed.com
URL: https://pkembed.com/css/main.css?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
3e0ded51afb722f438ca05c61eb1e8083699a5ed154eec92a665eff8a537f300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/css/main.css?v=1

Response headers

Accept-Ranges
bytes
Content-Length
11147
Date
Thu, 05 Dec 2024 16:14:04 GMT
ETag
"2b8b-597638d50ea00"
Last-Modified
Fri, 15 Nov 2019 14:38:32 GMT
Content-Type
image/jpeg
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
home.cur
pkembed.com/images/
4 KB
4 KB
Image
General
Full URL
https://pkembed.com/images/home.cur
Requested by
Host: pkembed.com
URL: https://pkembed.com/css/main.css?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
73d32ee571b934d7e52498bd60e7b7fdd7026f47f1a68eb8ce9e7b7d6243beac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/css/main.css?v=1

Response headers

Accept-Ranges
bytes
Content-Length
4286
Date
Thu, 05 Dec 2024 16:14:04 GMT
ETag
"10be-597638d50ea00"
Last-Modified
Fri, 15 Nov 2019 14:38:32 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
flags.png
pkembed.com/images/
15 KB
15 KB
Image
General
Full URL
https://pkembed.com/images/flags.png
Requested by
Host: pkembed.com
URL: https://pkembed.com/css/main.css?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/css/main.css?v=1

Response headers

Accept-Ranges
bytes
Content-Length
15180
Date
Thu, 05 Dec 2024 16:14:04 GMT
ETag
"3b4c-597638d50ea00"
Last-Modified
Fri, 15 Nov 2019 14:38:32 GMT
Content-Type
image/png
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
f.php
allvideometrika.com/ Frame E0D1
0
0
Document
General
Full URL
https://allvideometrika.com/f.php?sid=212041&ra=10000
Requested by
Host: allvideometrika.com
URL: https://allvideometrika.com/vkspeed.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.33
Resource Hash

Request headers

Referer
https://pkembed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ed553c12c3f5c47-AMS
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 05 Dec 2024 16:14:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kSI9Vn9tMusT5a4iwuHTx%2B%2BiYE6mU0LuLSxhDce1n0vPJCdH6i0Cc%2BwyoXrVIaOiMUDztrSNLiUUSwPgSEOjAlcWiVgnV0ikosr3YsWKQkkt%2Bia6IL3cT0Wbsgb4aBoMgZFqT0ge"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15389&min_rtt=15036&rtt_var=3067&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4145&recv_bytes=4506&delivery_rate=655&cwnd=12000&unsent_bytes=0&cid=0e7b56bb626c4ee2&ts=145&x=1" cfHdrFlush;dur=0
x-powered-by
PHP/7.1.33
x-robots-tag
noindex
rg81bizoyuiw.html
pkembed.com/
0
337 B
XHR
General
Full URL
https://pkembed.com/rg81bizoyuiw.html
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Expires
Wed, 04 Dec 2024 16:14:05 GMT
Content-Encoding
gzip
Content-Length
26797
Date
Thu, 05 Dec 2024 16:14:04 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
invoke.js
shortlyamusement.com/791f60ab8111269675d860b5a876b8e0/
0
0
Script
General
Full URL
https://shortlyamusement.com/791f60ab8111269675d860b5a876b8e0/invoke.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://pkembed.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
application/javascript
Host
shortlyamusement.com
Server
nginx/1.21.6
rec
imp9.bidgear.com/
0
406 B
Image
General
Full URL
https://imp9.bidgear.com/rec?t=1&z=6894&uuid=6dbb67a6f87f483c82c01810616905d8&p=36&g=NL&token=c47db93ed9&tbg=1733415244
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=6397&sizeid=2&zoneid=6894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rUMC36wC6pMD8OMleBVde2VUU7ieM1EZ7ebPAdu0nsawmdwF79c82Jja4r6wSGgt3oTz7Unem4eRHKnMmWIHRcum5llfTE2urJeD4T%2ByYoPCaMX8TDh8R3XAd4YS7TYl2sAIFc8509dCy3P1i8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c179a30bd0-AMS
server-timing
cfL4;desc="?proto=TCP&rtt=17190&min_rtt=14534&rtt_var=4405&sent=15&recv=20&lost=0&retrans=0&sent_bytes=6219&recv_bytes=2607&delivery_rate=418882&cwnd=257&unsent_bytes=0&cid=e7353640dcc13332&ts=348&x=0"
content-length
0
date
Thu, 05 Dec 2024 16:14:05 GMT
server
cloudflare
/
d39xdhxlbi0rlm.cloudfront.net/
205 KB
68 KB
Script
General
Full URL
https://d39xdhxlbi0rlm.cloudfront.net/?xhdxd=1014453
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=6397&sizeid=2&zoneid=6894
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2724:6e00:1b:4e9e:6e80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
56ffcb0115842a113ed89d26dacde3e77dea9f587eb0ebafe321c90559dfd425

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://pkembed.com/

Response headers

cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding
gzip
pragma
no-cache
via
1.1 8a7cd2920ac4cbceb2a8f9a130562a4c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
69299
x-amz-cf-id
FZ92UUw4OLwhejaWCxPoyEieHd_ZxrjEn1XHmw9KHJkIsTWDrPG9IQ==
date
Thu, 05 Dec 2024 16:14:05 GMT
x-amz-cf-pop
FRA56-P12
js
www.googletagmanager.com/gtag/
300 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9THL6SCR56&l=dataLayer&cx=c&gtm=457e4c30za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152812863-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac97412640a9817a423ff186f4a162504fdbe3e57a28ae370cf4fa8cf6bd8752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 05 Dec 2024 16:14:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104754
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152812863-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
gzip
age
5560
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 16:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 14:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9THL6SCR56&gtm=45je4c30v892325865za200&_p=1733415244981&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=2038988965.1733415245&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1733415245&sct=1&seg=0&dl=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html&dt=pkspeed.net&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=643
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9THL6SCR56&l=dataLayer&cx=c&gtm=457e4c30za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pkembed.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/
1 B
416 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=861848472&t=pageview&_s=1&dl=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html&ul=nl-nl&de=UTF-8&dt=pkspeed.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=522057813&gjid=2034062762&cid=2038988965.1733415245&tid=UA-152812863-1&_gid=143301920.1733415245&_r=1&gtm=457e4c30za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101509157~101925629~102067555~102067808~102081485&jsscut=1&npa=1&z=797793892
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://pkembed.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:05 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://pkembed.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
/
gtgtxvhamuewyo.com/
0
523 B
XHR
General
Full URL
https://gtgtxvhamuewyo.com/
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.45.197.168 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://pkembed.com/
Accept-Language
en
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/html

Response headers

access-control-expose-headers
Link, X-Application-Token, X-Application-Key, X-Tag, X-Auth-Token, X-DirectionPartner-Id, X-ZoneType-Id, X-Hostname
content-encoding
br
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
text/html
vary
Accept-Encoding, Origin
x-application-key
5583jtatzabm9hvH49aAgtepwrpw9cg
x-t30r50a16c60e59-13i50d45
c6633302ee00c433ac2d052965e3e7af
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-origin
https://pkembed.com
server
nginx
/
gtgtxvhamuewyo.com/ Frame
0
0
Preflight
General
Full URL
https://gtgtxvhamuewyo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.45.197.168 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
HEAD
Origin
https://pkembed.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pkembed.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 05 Dec 2024 16:14:05 GMT
server
nginx
5307559
oaraiwephoursou.net/5/
74 KB
33 KB
Script
General
Full URL
https://oaraiwephoursou.net/5/5307559
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
820a809ac3c16c70321556d9ef808ad14c39795e0da699375aa8a16f21adc1f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
application/javascript
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache, no-cache
access-control-allow-credentials
true
x-trace-id
b79b921696b43dbe73c38b2f1015bccd
access-control-allow-origin
*
server
nginx
gid.js
my.rtmark.net/
65 B
960 B
XHR
General
Full URL
https://my.rtmark.net/gid.js?userId=0081297cdfef49c7f6e2471a23d0cce0
Requested by
Host: oaraiwephoursou.net
URL: https://oaraiwephoursou.net/5/5307559
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b41a44265fa9e317f804114a83299ce1a94a13fd4910e78ad54cc6026c9cc6fa
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

access-control-expose-headers
Authorization
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8p3XBRK99hcxk31weRfdowkFNt98bF8WfN%2B05NQAQ9YpX4XoirL7r77glDFFH4xA04N00TJsmZW0s%2BCX9z1IIDSrj7WpSx99mWRV8ZQf%2FnC9uJR%2BF0ucq9CRwoZKDkk6"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=14567&min_rtt=14409&rtt_var=3174&sent=10&recv=9&lost=0&retrans=0&sent_bytes=4095&recv_bytes=4390&delivery_rate=40460&cwnd=12000&unsent_bytes=0&cid=aa8bdfc61eeaa1f8&ts=39&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
application/json; charset=utf-8
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8ed553c3cc109712-AMS
access-control-allow-origin
https://pkembed.com
server
cloudflare
wrr
oaraiwephoursou.net/
2 B
0
Fetch
General
Full URL
https://oaraiwephoursou.net/wrr?z=5307559&p_rid=9764e384-d29d-414e-b0da-a8ebc09c2dc8&rb=XTwMPXsKZhCsbI0d7ckZN-NQBIzyDdbTy4h7MbjyQOQtZU0t3UVsJMurtRAeRNZaJKCXvaZTbu06RQzhY1yTNSp160hYDXFBeQPtB4uwIlOXn58z4ggLoz7sAAeZMdbPvhNYRsXKv3v0teAqO6Cc0rTsdrDoxmu49-jzsBQEYyk78hD_DFIV4tVzYOyAlsKmWyFgT0RP6OSZcuJrICRx4gvlpMvrrhaYmJMnMjAao55mLyySHOD67g-08dlXFdT6DeoESpcaGWi7o3xNGF7yS_WHNclWJBP90CYQq5ueRRuMqfrU2ZWbRa1fDyqvw1Ro&is_mobile=false&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=70&wy=70&cw=1600&wfc=3&pl=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&tt=4&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1021.0&navlng=nl-NL&vsbl=true&pnt=0&pnrc=0&bml=1&bmi=1&wasm=1&dmn=oaraiwephoursou.net&userId=0081297cdfef49c7f6e2471a23d0cce0
Requested by
Host: oaraiwephoursou.net
URL: https://oaraiwephoursou.net/5/5307559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
text/plain
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
519404bde68e23f910d86864c854194f
access-control-allow-origin
https://pkembed.com
content-length
2
server
nginx
/
oaraiwephoursou.net/
2 KB
3 KB
Fetch
General
Full URL
https://oaraiwephoursou.net/?rb=XTwMPXsKZhCsbI0d7ckZN-NQBIzyDdbTy4h7MbjyQOQtZU0t3UVsJMurtRAeRNZaJKCXvaZTbu06RQzhY1yTNSp160hYDXFBeQPtB4uwIlOXn58z4ggLoz7sAAeZMdbPvhNYRsXKv3v0teAqO6Cc0rTsdrDoxmu49-jzsBQEYyk78hD_DFIV4tVzYOyAlsKmWyFgT0RP6OSZcuJrICRx4gvlpMvrrhaYmJMnMjAao55mLyySHOD67g-08dlXFdT6DeoESpcaGWi7o3xNGF7yS_WHNclWJBP90CYQq5ueRRuMqfrU2ZWbRa1fDyqvw1Ro&request_ab2=0&zoneid=5307559&js_build=iclick-v1.1021.0&jsp=1&fs=0&cf=0&sw=1600&sh=1200&wih=1200&wiw=1600&ww=1600&wh=1285&sah=1200&wx=70&wy=70&cw=1600&wfc=2&pl=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&btz=Europe%2FAmsterdam&bto=-60&tt=4&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.1021.0&navlng=nl-NL&vsbl=true&pnt=0&pnrc=0&bs=9764e384-d29d-414e-b0da-a8ebc09c2dc8&wasm=1&userId=0081297cdfef49c7f6e2471a23d0cce0&is_mobile=false&m=link
Requested by
Host: oaraiwephoursou.net
URL: https://oaraiwephoursou.net/5/5307559
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.242 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5a81985e0ab04bbb82a3ad75c9da3fa1683f934dc9e99b5a28b2523d2260b6a3
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
application/json
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
06bdebd9eb72fdef641425eac5bb2ecf
access-control-allow-origin
https://pkembed.com
server
nginx
asd100.bin
ukankingwithea.com/
100 KB
101 KB
Fetch
General
Full URL
https://ukankingwithea.com/asd100.bin
Requested by
Host: d39xdhxlbi0rlm.cloudfront.net
URL: https://d39xdhxlbi0rlm.cloudfront.net/?xhdxd=1014453
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cf-cache-status
STALE
age
1315424
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yToBbZt3%2BnK%2FWpi0BSo6bbqf4sJir0Jdchqxey%2Fm7PO50DXBE57WkqiyUWrV%2BYKpER9zf2yrF%2BbpvXj6gJcmnGlismGXhko8oCe%2FWRHvIRYyVQG7PnAbBz7q50OJgMRmEXmUVmM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22020&min_rtt=16566&rtt_var=10779&sent=15&recv=14&lost=2&retrans=3&sent_bytes=4315&recv_bytes=4843&delivery_rate=691&cwnd=8400&unsent_bytes=0&cid=3be6632ad215aa67&ts=19436&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:24 GMT
content-type
binary/octet-stream
last-modified
Wed, 20 Nov 2024 10:50:40 GMT
vary
Accept-Encoding
priority
u=1,i
access-control-allow-headers
X-Requested-With, content-type
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8ed553c48e251c87-AMS
access-control-allow-origin
https://pkembed.com
server
cloudflare
/
ukankingwithea.com/
0
0

YjNoSjYDUQsnCQMOCmxDEF9VbwQkFloMUlEKEC5eGl8KIwYQXwVkVQ5cHS5QEFwGPhgMVhxvBCR3Jw8DCGJbBFQrYlgmYidEBggFV3ArAg86V1gTegNxJTJwDgYSD08FZD4ZQSV5WXtUK2JdJnE3QAAOYix8CglBI3Asc1QHYgcFcCRyAxhiAXkwAngxaTpzbCtyO...
lansaimplemuke.com/ Frame D18D
0
0
Document
General
Full URL
https://lansaimplemuke.com/YjNoSjYDUQsnCQMOCmxDEF9VbwQkFloMUlEKEC5eGl8KIwYQXwVkVQ5cHS5QEFwGPhgMVhxvBCR3Jw8DCGJbBFQrYlgmYidEBggFV3ArAg86V1gTegNxJTJwDgYSD08FZD4ZQSV5WXtUK2JdJnE3QAAOYix8CglBI3Asc1QHYgcFcCRyAxhiAXkwAngxaTpzbCtyOm8EIGU+elEje10JfgsLIANjVn4JCFUYey4ETCdwMR9hG0ArAHcSUDgPY1B2Dx9cJncDK2AheisQXSQWWghTUgISHFESFloIZRhHKwlhFmIpHG8pVQ9yRypmWHhkDHUsG344ZSAPYy9pWGdsGmJZIRNQcS0zDjVnETl0KXEYB1dTdi4YURYGPBJ0JHswMmIDSwAbeQUHHhxRDX06JHAmZSspfyhfMQFQBWIFD3AvWzsnbCBwK3p6L2EQHH1SaRAEZw4KPScHJnUGf3gBAjEBUApyAQxgCQsrJ2wgVQY+ZwZ1WAZTJ2ZaHlEJFQI5WQxDVR5UAXgkKQELfg8iXA
Requested by
Host: d39xdhxlbi0rlm.cloudfront.net
URL: https://d39xdhxlbi0rlm.cloudfront.net/?xhdxd=1014453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-95.fra53.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Referer
https://pkembed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1234
content-type
text/html
date
Thu, 05 Dec 2024 16:14:05 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
x-amz-cf-id
F5vsDILKeP0oGj8dDmZssfrdHQsYwAeZAnUhBoxWiLUeBL-u5wXk2g==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
cGoxZk0RCFILchFXU0A4AgYMQ382TwMgKUNTSQIlCAZTD30CBlxILhwFRAIrAgVfEmMeD0VDfzYfZwwpRQhLAXwnKFIsDwkgVC4bOSBrAQM+PVYSJzU7WgIVJCt6JRwiDn5XGBMpST98JyhjLBgZPGggNUgseFQUST0CM2hCLGAkLjYiWCwDODx4LC42GWgnG0kYd...
undefined/ Frame C16A
0
0

ek1mN0RVcgVEeTQFFnMJSCYgZCoVCzFADjkpN2UlOwhXTQU8JkBDLR5wVwd1TnlTBGIKJAIKdVw+ElYwDz5bBmITIwBYeVw7WwZqSXlIBHJUeUBCeUtrEkclHXBXETQOOQoKdU1+VQN1T39SAnBPdA
yflexibilitukydt.com/
0
612 B
Image
General
Full URL
https://yflexibilitukydt.com/ek1mN0RVcgVEeTQFFnMJSCYgZCoVCzFADjkpN2UlOwhXTQU8JkBDLR5wVwd1TnlTBGIKJAIKdVw+ElYwDz5bBmITIwBYeVw7WwZqSXlIBHJUeUBCeUtrEkclHXBXETQOOQoKdU1+VQN1T39SAnBPdA
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vSGKsOSxLryxG06MLOY%2FkdLdGO48XVMKH1WFakSq19VDyNVjY545slWEn4enCmXuPUxSdVUFsnSC%2BF7VPiVdCmpof4uLgGeqyG7G555xLKdZCht%2Bbb%2Bm6Z6oIhbKF6epx%2Bj0RYdXqg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c48c83a00e-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19893&min_rtt=17904&rtt_var=9006&sent=13&recv=9&lost=4&retrans=7&sent_bytes=4658&recv_bytes=4915&delivery_rate=4649&cwnd=8400&unsent_bytes=0&cid=94fd606439cc2b7a&ts=145&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:05 GMT
server
cloudflare
login.php
www.facebook.com/
0
0

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-c_BX9qNfCFxoSXcTwR4QOfD6wirpkUvBXfOu26wLOZY-oRzwhbEwjwXdZ...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-fKmozC6U5Rm9TgXFtfJC-cdPnuhErHhuqR22mcO6g2aadqg_t5dC71cbskRGtwk8YUDjSllA&passiv...
0
0

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-cdRzE4Wuz-IuF_WBOouaAE_jyH_LSRAUhk3aiIJDkrc5uZ1px2uF_...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-eR1f_KnLMdHSl4UIbGYBG-Fj_l5k1wDeVdaL07m1Vd0qehmyvq_zmVFHZKkEvfRwTc9xdQmQ&passi...
0
0

RFJWRDVrbTU3CCcKAAFgdGMXEH08OjAvXQcxEQoFFhcEPW93YnAwXCBvZ3QBcGdlcRM0OzJ5BHx0JTBUMCcleQRiOzgiWnl0IHkEamJ4dhtxdCN5BGImJiVSeWNwNEEwPmt1AndhYnUAdmZjcAJw
yflexibilitukydt.com/
0
570 B
Image
General
Full URL
https://yflexibilitukydt.com/RFJWRDVrbTU3CCcKAAFgdGMXEH08OjAvXQcxEQoFFhcEPW93YnAwXCBvZ3QBcGdlcRM0OzJ5BHx0JTBUMCcleQRiOzgiWnl0IHkEamJ4dhtxdCN5BGImJiVSeWNwNEEwPmt1AndhYnUAdmZjcAJw
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FQeCTlcJUxcOyB0oxlbJqdO21P6ccJKGlNQjaeltkIoxkv%2BsGt1cxZ9jFUSl1BI12xexNClltnhlK3OWG4G1N737sUHRc%2B9E89cs9QdzHWMSZ2oi1ikc5aq1TYsZBoDlyM%2BmIj8jw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c48c8ca00e-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19061&min_rtt=16317&rtt_var=6506&sent=15&recv=11&lost=4&retrans=7&sent_bytes=5321&recv_bytes=5005&delivery_rate=6250&cwnd=8400&unsent_bytes=0&cid=94fd606439cc2b7a&ts=150&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:05 GMT
server
cloudflare
invoke.js
shortlyamusement.com/ff85992c0d652506a0d772aea0bc982c/
0
0
Script
General
Full URL
https://shortlyamusement.com/ff85992c0d652506a0d772aea0bc982c/invoke.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.240.253.132 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer
https://pkembed.com/

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
application/javascript
Host
shortlyamusement.com
Server
nginx/1.21.6
rec
imp9.bidgear.com/
0
411 B
Image
General
Full URL
https://imp9.bidgear.com/rec?t=1&z=6895&uuid=610c5786ee6447b89584d06a5cfccfb2&p=36&g=NL&token=c47db93ed9&tbg=1733415244
Requested by
Host: platform.bidgear.com
URL: https://platform.bidgear.com/ads.php?domainid=6397&sizeid=2&zoneid=6895
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:36b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tr50TQ8MN%2BGnSFv7uVRU9giNdjgGfhouHvT5DbM0VJtXspvwBXCMJqJWjmHoG3wlcR%2FHIpX6QNVIxpvRytDABqv4aSkc5E6Vy7lEKMC3qp1mxTMkGQrZYinzrmkkWSuhnLddzz4nklHS2P7paWA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c45d720bd0-AMS
server-timing
cfL4;desc="?proto=TCP&rtt=22297&min_rtt=14534&rtt_var=13516&sent=17&recv=22&lost=0&retrans=0&sent_bytes=6647&recv_bytes=2728&delivery_rate=418882&cwnd=257&unsent_bytes=0&cid=e7353640dcc13332&ts=731&x=0"
content-length
0
date
Thu, 05 Dec 2024 16:14:05 GMT
server
cloudflare
license_init
perr.h-cdn.com/hola_player/
2 B
402 B
XHR
General
Full URL
https://perr.h-cdn.com/hola_player/license_init?v=1.0.165&hls=1.0.165&hosted=true&url=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html
Requested by
Host: pkembed.com
URL: https://pkembed.com/player_hola/hola_player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.68.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-68-227.compute-1.amazonaws.com
Software
nginx/1.15.9 (Ubuntu) /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Timing-Allow-Origin
*
Access-Control-Expose-Headers
Content-Range, Date, ETag, X-Cache, X-Hola-Resp, X-Date, X-Hola-Fullsize, Content-Length
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
2
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
text/plain; charset=utf-8
Server
nginx/1.15.9 (Ubuntu)
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/
35 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
gzip
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 16:14:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
cache-control
private, max-age=0
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
12197
x-xss-protection
0
server
sffe
cast_sender.js
www.gstatic.com/eureka/clank/131/
48 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/131/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f3.1e100.net
Software
sffe /
Resource Hash
b9ea7368bdeb874b872c57df21fdad4d93ce2219a6e32cb718ad1a8b9095773a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
gzip
age
26545
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
x-content-type-options
nosniff
expires
Fri, 06 Dec 2024 08:51:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 08:51:40 GMT
last-modified
Mon, 07 Oct 2024 15:05:07 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=86400
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
accept-ranges
bytes
content-length
14212
x-xss-protection
0
server
sffe
rg81bizoyuiw.jpg
pkapp.vkcdn5.com/i/01/00005/
61 KB
0
Image
General
Full URL
https://pkapp.vkcdn5.com/i/01/00005/rg81bizoyuiw.jpg
Requested by
Host: pkembed.com
URL: https://pkembed.com/player_hola/hola_player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.38.232 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),
Reverse DNS
62-210-38-232.rev.poneytelecom.eu
Software
nginx /
Resource Hash
3a52486358f73d405f00dacf847fee050a507fdb01647590fbad8c4c2f287cd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Cache-Control
max-age=1209600
ETag
"5fd9d458-f443"
Expires
Thu, 19 Dec 2024 16:14:04 GMT
Accept-Ranges
bytes
Content-Length
62531
Date
Thu, 05 Dec 2024 16:14:04 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 16 Dec 2020 09:33:12 GMT
Server
nginx
css
fonts.googleapis.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500
Requested by
Host: pkembed.com
URL: https://pkembed.com/player_hola/hola_player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 16:14:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Thu, 05 Dec 2024 15:09:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
h4wuo1ie3x68_t.jpg
pk2.vkcdn5.com/i/01/00005/
8 KB
8 KB
Image
General
Full URL
https://pk2.vkcdn5.com/i/01/00005/h4wuo1ie3x68_t.jpg
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.208.196.162 , United States, ASN32097 (WII, US),
Reverse DNS
are-opposite.craftylow.us
Software
nginx /
Resource Hash
47791f222b1a43f0fd4cc31b07381ba61e87bdd82c63e46fbdb357d7890c4e63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Cache-Control
max-age=1209600
ETag
"603d5d29-1e6a"
Connection
keep-alive
Expires
Thu, 19 Dec 2024 16:14:06 GMT
Accept-Ranges
bytes
Content-Length
7786
Date
Thu, 05 Dec 2024 16:14:06 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 01 Mar 2021 21:31:21 GMT
Server
nginx
97f2ljdy7c23_t.jpg
pkapp.vkcdn5.com/i/01/00005/
5 KB
5 KB
Image
General
Full URL
https://pkapp.vkcdn5.com/i/01/00005/97f2ljdy7c23_t.jpg
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.38.232 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),
Reverse DNS
62-210-38-232.rev.poneytelecom.eu
Software
nginx /
Resource Hash
2fcdc394f8f82f4a1f54a28ce4b936ad67d370ee4636a36e190a5ef849ef8e91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Cache-Control
max-age=1209600
ETag
"5fd9d399-1437"
Connection
keep-alive
Expires
Thu, 19 Dec 2024 16:14:05 GMT
Accept-Ranges
bytes
Content-Length
5175
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
image/jpeg
Last-Modified
Wed, 16 Dec 2020 09:30:01 GMT
Server
nginx
g35sxjfpqnza_t.jpg
pkapp.vkcdn5.com/i/01/00005/
5 KB
5 KB
Image
General
Full URL
https://pkapp.vkcdn5.com/i/01/00005/g35sxjfpqnza_t.jpg
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.38.232 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),
Reverse DNS
62-210-38-232.rev.poneytelecom.eu
Software
nginx /
Resource Hash
5b99794090e8efd43588026e15f30c05ae22d917096374fde0b46239ad852097

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

Cache-Control
max-age=1209600
ETag
"6033c1c9-1435"
Connection
keep-alive
Expires
Thu, 19 Dec 2024 16:14:05 GMT
Accept-Ranges
bytes
Content-Length
5173
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
image/jpeg
Last-Modified
Mon, 22 Feb 2021 14:38:01 GMT
Server
nginx
v.mp4
pkapp.vkcdn5.com/olaxkofnthuiolyobgn2dqr2hiafnfhwo72gebdtr4glnucy323gkqjmz2la/
9 MB
0
Media
General
Full URL
https://pkapp.vkcdn5.com/olaxkofnthuiolyobgn2dqr2hiafnfhwo72gebdtr4glnucy323gkqjmz2la/v.mp4
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.210.38.232 Paris, France, ASN12876 (AS12876 SCALEWAY S.A.S., FR),
Reverse DNS
62-210-38-232.rev.poneytelecom.eu
Software
nginx /
Resource Hash

Request headers

Referer
https://pkembed.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

ETag
"5fd9d458-3ad1efe6"
Connection
keep-alive
Content-Range
bytes 0-986836965/986836966
Content-Length
986836966
Date
Thu, 05 Dec 2024 16:14:05 GMT
Content-Type
video/mp4
Last-Modified
Wed, 16 Dec 2020 09:33:12 GMT
Server
nginx
ima3.js
imasdk.googleapis.com/js/sdkloader/
424 KB
145 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: pkembed.com
URL: https://pkembed.com/player_hola/hola_player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e37a634fc13d78f4305920ecb088bf0faf59bde98e0ca888e53cc99297d0ea46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 16:14:05 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148131
date
Thu, 05 Dec 2024 16:14:05 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
truncated
/
188 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83430139279a7c9aef5da8fe9bdf67d56350a4836deca67c90d6ad8adc309c47

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c8894ca69591424058ac956d0138b1026b38e8d8a9c3ecdde3c9fff12699b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c05bbf6195d149c1e85bb45c06beabaa8b7137190b760a9456c4a6ef71ae2100

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
hr3.gif
pkembed.com/images/
46 B
372 B
Image
General
Full URL
https://pkembed.com/images/hr3.gif
Requested by
Host: pkembed.com
URL: https://pkembed.com/css/main.css?v=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
4d1c3bcfaf5ff52230762efb499ab2ba040d3640e628f346cf9d4fe57a89ca91

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/css/main.css?v=1

Response headers

Accept-Ranges
bytes
Content-Length
46
Date
Thu, 05 Dec 2024 16:14:05 GMT
ETag
"2e-597638d50ea00"
Last-Modified
Fri, 15 Nov 2019 14:38:32 GMT
Content-Type
image/gif
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fefd5c42d249823c4ed9ad5d1a8bf05321644a1fcc4c215ce1d030b4c90aeda2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pkembed.com
Referer

Response headers

Content-Type
application/font-woff;charset=utf-8
N0Y5b1MYeVocbmN0Vl4wYCocXRFgIUEnBAQqai5jbSdcXmNxF1UEdUMvXVJiB3cNW2YEYEkGNwp3HxwnVjJMHG4EdgledV4oXwBuB3YJXnVBewhBYANoCll9A2BMUmIRMkkONAp3Hx8nQyoEXmQEdQ1eZgVyDFlmBQ
yflexibilitukydt.com/
0
569 B
Image
General
Full URL
https://yflexibilitukydt.com/N0Y5b1MYeVocbmN0Vl4wYCocXRFgIUEnBAQqai5jbSdcXmNxF1UEdUMvXVJiB3cNW2YEYEkGNwp3HxwnVjJMHG4EdgledV4oXwBuB3YJXnVBewhBYANoCll9A2BMUmIRMkkONAp3Hx8nQyoEXmQEdQ1eZgVyDFlmBQ
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=izztqbyi95oAj2iA8G4qP8B2wtJ8YF0u6dkmMNEYLB7uuOt6j3bRyS0uTMznNX8sDwpiI2jHfBju8kU%2BvPYaTLKzP2lzF8nwaNOONyDuiE33t1og7R3FiFFMgitvHhH8fWK3cYAWIw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ed553c56daaa00e-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20408&min_rtt=16317&rtt_var=6829&sent=17&recv=14&lost=4&retrans=7&sent_bytes=5937&recv_bytes=5553&delivery_rate=17521&cwnd=8400&unsent_bytes=0&cid=94fd606439cc2b7a&ts=267&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:05 GMT
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pkembed.com
Referer
https://fonts.googleapis.com/

Response headers

age
260760
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 02 Dec 2025 15:48:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Dec 2024 15:48:05 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18588
x-xss-protection
0
server
sffe
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://pkembed.com
Referer
https://fonts.googleapis.com/

Response headers

age
89642
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 15:20:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 15:20:03 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
18 B
40 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f98.1e100.net
Software
cafe /
Resource Hash
fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 05 Dec 2024 16:14:05 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
16
date
Thu, 05 Dec 2024 16:14:05 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
popunder.gif
yflexibilitukydt.com/
35 B
719 B
Image
General
Full URL
https://yflexibilitukydt.com/popunder.gif
Requested by
Host: pkembed.com
URL: https://pkembed.com/rg81bizoyuiw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.165 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
age
255663
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s11MBAuyesjP49d3iSP%2Finj3HLgE3PBPOOGDu03ScFc1dgTD2efJwdotw%2BLCw9PjSRjvKjIoXHyUrStg03mhSzBTJknmJFvqKfEpBnTmr6e3LedWDIpgEzrSYk2WmWQbRPiATFbKNA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20852&min_rtt=16317&rtt_var=6010&sent=19&recv=16&lost=4&retrans=7&sent_bytes=6553&recv_bytes=5935&delivery_rate=12090&cwnd=8400&unsent_bytes=0&cid=94fd606439cc2b7a&ts=418&x=1", cfHdrFlush;dur=0
date
Thu, 05 Dec 2024 16:14:05 GMT
content-type
image/gif
last-modified
Mon, 02 Dec 2024 17:13:02 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
cf-ray
8ed553c6efa8a00e-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
58
server
cloudflare
favicon.ico
pkembed.com/
1002 B
1 KB
Other
General
Full URL
https://pkembed.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
5.182.210.208 Amsterdam, Netherlands, ASN64425 (SKB-Enterprise SKB Enterprise B.V., NL),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 /
Resource Hash
5c8432b491584e8c3641d2a6e52bdbd0f700bc488ce2ab19c2a0117cdd2bffac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/rg81bizoyuiw.html

Response headers

Accept-Ranges
bytes
Content-Length
1002
Date
Thu, 05 Dec 2024 16:14:08 GMT
ETag
"3ea-530de890173c0"
Last-Modified
Tue, 19 Apr 2016 23:07:03 GMT
Content-Type
image/vnd.microsoft.icon
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9THL6SCR56&gtm=45je4c30v892325865za200&_p=1733415244981&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=2038988965.1733415245&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&_s=2&sid=1733415245&sct=1&seg=0&dl=https%3A%2F%2Fpkembed.com%2Frg81bizoyuiw.html&dt=pkspeed.net&en=scroll&epn.percent_scrolled=90&_et=3&tfd=5646
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9THL6SCR56&l=dataLayer&cx=c&gtm=457e4c30za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://pkembed.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://pkembed.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 05 Dec 2024 16:14:10 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ukankingwithea.com
URL
https://ukankingwithea.com/
Domain
undefined
URL
https://undefined/cGoxZk0RCFILchFXU0A4AgYMQ382TwMgKUNTSQIlCAZTD30CBlxILhwFRAIrAgVfEmMeD0VDfzYfZwwpRQhLAXwnKFIsDwkgVC4bOSBrAQM+PVYSJzU7WgIVJCt6JRwiDn5XGBMpST98JyhjLBgZPGggNUgseFQUST0CM2hCLGAkLjYiWCwDODx4LC42GWgnG0kYdDQ6Mj0DFQooHQQFAzEafzUYQFlyDhwxO1tfLzY7BQIXOCx8NxwYEHMzITg7dgUKKCxJUC4HPHsnfDVeYAELOylcPB0hPF0IFDEkYDUqAAdnASYWPHUoDDgrADIdQCRSPhVFAHMjYEUoclQMIzkAXhwgPAkoDBw4SyQZACFyCxcSL3A0KRMdZywONloAPg8qLXkxHDgtVgIGPzxeBR4XBWAkJgAPdwsUKjlkIwQTHWcsBTYBRjAqAy15MR8IPncRHRUrYzYeJVtDJCpWAEIJIwBXRDcJRCdYESMa
Domain
www.facebook.com
URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-fKmozC6U5Rm9TgXFtfJC-cdPnuhErHhuqR22mcO6g2aadqg_t5dC71cbskRGtwk8YUDjSllA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1877949332%3A1733415245580562&ddm=1
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-eR1f_KnLMdHSl4UIbGYBG-Fj_l5k1wDeVdaL07m1Vd0qehmyvq_zmVFHZKkEvfRwTc9xdQmQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S33740864%3A1733415245579063&ddm=1

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| html5 object| Modernizr function| yepnope function| $ function| jQuery number| show_fname_chars function| $$ function| fileSelected function| openStatusWindow function| StartUpload function| checkExt function| fixLength function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| changeUploadType function| jah function| scaleImg function| OpenWin function| player_start function| copy function| download_video function| convertSeconds function| convertSize function| SP function| progressUpdate function| encStatus object| iFrame string| k object| _bxmi93i3brd function| setImmediate function| clearImmediate object| qaedbaydgqi object| zfgformats object| zfgdlpopup function| _ddwyy function| _hiwye function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| atOptions string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| zfgstorage function| onClickTrigger object| syncCallbacks boolean| zfgonclickfirst function| _cadd6lv9tn boolean| zfgloadedpopup object| utr_1014453 number| userTrackingInterval number| _377391168 function| videojs function| Hls function| hola_player object| videojs_hotkeys object| video function| __onGCastApiAvailable function| submitCommentForm object| holaplayer object| vttjs function| WebVTT string| tab_cookie object| tabberOptions function| setCookie function| getCookie function| deleteCookie function| tabberObj function| tabberAutomatic function| tabberAutomaticOnLoad number| iinf object| cast object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ggeac object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event

24 Cookies

Domain/Path Name / Value
pkembed.com/ Name: file_id
Value: 25726
pkembed.com/ Name: aff
Value: 5
.pkembed.com/ Name: _ga_9THL6SCR56
Value: GS1.1.1733415245.1.0.1733415245.0.0.0
.pkembed.com/ Name: _ga
Value: GA1.2.2038988965.1733415245
.pkembed.com/ Name: _gid
Value: GA1.2.143301920.1733415245
.pkembed.com/ Name: _gat_gtag_UA_152812863_1
Value: 1
zb.rafikfangas.com/ Name: GL_UI4
Value: eJw9jd1Og0AQhaGwtNWCTsID%2BAhQQrWXxlvfgQzMQNfCTrNsqb69q4lenZ98OScIglX%2BAOGSbCG6Yg1PWJZ9TfhcVYeu5z3vezrWBVZ0PLz01Baw1XPjsB3ZxbCZJ7SucUsMu4ENW901nRCn8Oipv%2BZs5GZiUK1FQymoyRNjCuvWym1mm0cQG5wYkreTFa9qwg%2BxEJVV6b023ocFrGTOo%2BwO1Ls2189slwRZlgRwfxnR9WKnRpOParBIDOErbDp0PIj9gjXxfHZyAZCRmn%2F%2B91ONP2uQEC%2B681Hcie03KUxO%2BA%3D%3D
zb.rafikfangas.com/ Name: GL_GI10
Value: eJwVyb0OgjAUBtDeO2BI%2FMkXeQCeoKGgT6ADg2FQJzcCjZBg27RXn9%2BwnOUopbjYgueAfWN0XZ20OVfamBr0Bnc38OBweE627KxMNi69GxMogl8tODrsHv4rU9n6ZS3QgPzuRWwc%2Bw9oxmZurtpZAbuE%2FOJj8LEXCwoZgcWvprFQoF92%2FAMrVSIJ
.thursday18237.videocdnmetrika13.com/ Name: cookieEnab
Value: 1
oaraiwephoursou.net/ Name: OAID
Value: 0081297cdfef49c7f6e2471a23d0cce0
oaraiwephoursou.net/ Name: oaidts
Value: 1733415245
.videocdnmetrika13.com/ Name: _ym_uid
Value: 1733415245983408204
.videocdnmetrika13.com/ Name: _ym_d
Value: 1733415245
my.rtmark.net/ Name: ID
Value: 0081297cdfef49c7f6e2471a23d0cce0
pkembed.com/ Name: prefetchAd_5307559
Value: true
oaraiwephoursou.net/ Name: syncedCookie
Value: true
mc.yandex.ru/ Name: yabs-sid
Value: 1761307051733415245
.yandex.ru/ Name: yuidss
Value: 4241193351733415245
.yandex.ru/ Name: ymex
Value: 1764951245.yrts.1733415245#1764951245.yrtsi.1733415245
.yandex.ru/ Name: bh
Value: EkEiR29vZ2xlIENocm9tZSI7dj0iMTMxIiwgIkNocm9taXVtIjt2PSIxMzEiLCAiTm90X0EgQnJhbmQiO3Y9IjI0IioCPzA6ByJMaW51eCJgzaLHugY=
.yandex.ru/ Name: i
Value: ZfrhrQYDIIiB5u2P3goj8KjbBCn+32ZCW0YqB1hhGjv6MSlujHEq8jtLmTL/XZAYSDfDtK5Iz/u3YqJQvXUastReReU=
.yandex.ru/ Name: yandexuid
Value: 1843738011733415245
.yandex.ru/ Name: yashr
Value: 6583884421733415245
.videocdnmetrika13.com/ Name: _ym_isad
Value: 2

9 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://shortlyamusement.com/791f60ab8111269675d860b5a876b8e0/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://shortlyamusement.com/791f60ab8111269675d860b5a876b8e0/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://platform.bidgear.com/ads.php?domainid=6397&sizeid=2&zoneid=6894
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://d39xdhxlbi0rlm.cloudfront.net/?xhdxd=1014453, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering warning URL: https://pkembed.com/rg81bizoyuiw.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0005D03D40D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://pkembed.com/rg81bizoyuiw.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070C002D40D0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
network error URL: https://shortlyamusement.com/791f60ab8111269675d860b5a876b8e0/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://shortlyamusement.com/ff85992c0d652506a0d772aea0bc982c/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://shortlyamusement.com/ff85992c0d652506a0d772aea0bc982c/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://shortlyamusement.com/ff85992c0d652506a0d772aea0bc982c/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
allvideometrika.com
d39xdhxlbi0rlm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gtgtxvhamuewyo.com
imasdk.googleapis.com
imp9.bidgear.com
lansaimplemuke.com
my.rtmark.net
oaraiwephoursou.net
perr.h-cdn.com
pk2.vkcdn5.com
pkapp.vkcdn5.com
pkembed.com
platform.bidgear.com
region1.google-analytics.com
securepubads.g.doubleclick.net
shortlyamusement.com
ukankingwithea.com
undefined
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
yflexibilitukydt.com
zb.rafikfangas.com
accounts.google.com
ukankingwithea.com
undefined
www.facebook.com
139.45.197.168
139.45.197.242
143.204.215.95
172.217.18.3
172.217.18.99
172.217.23.98
172.240.253.132
172.67.143.165
173.208.196.162
188.114.96.3
188.114.97.3
2001:4860:4802:32::36
23.109.170.209
2600:9000:2724:6e00:1b:4e9e:6e80:21
2606:4700:20::681a:36b
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
34.196.68.227
5.182.210.208
62.210.38.232
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
08c8894ca69591424058ac956d0138b1026b38e8d8a9c3ecdde3c9fff12699b0
12cc44e9fbde17f1115a8a929af2ed996ece3521f7b738dc44e44f2591abfa35
14e0f11b9f8208af547b11c4ac0496bafaefa9c7d1b5fc2c22dfae0c47aeaab8
2fcdc394f8f82f4a1f54a28ce4b936ad67d370ee4636a36e190a5ef849ef8e91
3a52486358f73d405f00dacf847fee050a507fdb01647590fbad8c4c2f287cd9
3e0ded51afb722f438ca05c61eb1e8083699a5ed154eec92a665eff8a537f300
43ac3865ac01e3e268b117f477e1761ec9c1675b000ece5a99db12912a506c8b
47791f222b1a43f0fd4cc31b07381ba61e87bdd82c63e46fbdb357d7890c4e63
4d1c3bcfaf5ff52230762efb499ab2ba040d3640e628f346cf9d4fe57a89ca91
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ffcb0115842a113ed89d26dacde3e77dea9f587eb0ebafe321c90559dfd425
5a81985e0ab04bbb82a3ad75c9da3fa1683f934dc9e99b5a28b2523d2260b6a3
5b99794090e8efd43588026e15f30c05ae22d917096374fde0b46239ad852097
5c8432b491584e8c3641d2a6e52bdbd0f700bc488ce2ab19c2a0117cdd2bffac
688a19b3d27111cbd009ced47470cb943871fed095564ab3660f89d290333ae0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
73d32ee571b934d7e52498bd60e7b7fdd7026f47f1a68eb8ce9e7b7d6243beac
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc
79f154a16c6367baeba0eedcb8e1999a2e82742337480b8ffd24fe265dc33dc3
820a809ac3c16c70321556d9ef808ad14c39795e0da699375aa8a16f21adc1f1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83430139279a7c9aef5da8fe9bdf67d56350a4836deca67c90d6ad8adc309c47
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
956a35796f6cdde9e68964fca782f4cbec0da92c81656ef2d13714bdae6adfa6
97ea5755f0133dbd54dc8424efe98b429b145efbee6b0cb3408c5c1011c3a01a
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
ac97412640a9817a423ff186f4a162504fdbe3e57a28ae370cf4fa8cf6bd8752
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
b41a44265fa9e317f804114a83299ce1a94a13fd4910e78ad54cc6026c9cc6fa
b9bb9d4a65084f3d6e0f452d9d4397d7e788d2fb4a84c73018b9b75552c65b84
b9ea7368bdeb874b872c57df21fdad4d93ce2219a6e32cb718ad1a8b9095773a
c05bbf6195d149c1e85bb45c06beabaa8b7137190b760a9456c4a6ef71ae2100
c883f655a358fe62fdb9329e1d4142bf4d44d74677469c60818e6104e899f0a5
c8a84372ece060ed361527a4517edace8aff92d6288323c52c8333500e1ae70a
d3f5662bf9dd7d3d1192cba84856d2216e366aa484e064d4c48786e0fb58e18e
d95ef68aba30eecf80756ae2645af00669c14c2def73eb5d528a5f767e3392d0
dcca0231ab30226c9d90531d2000af1791a2f468801ffae6b6829185ee9be2b9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e37a634fc13d78f4305920ecb088bf0faf59bde98e0ca888e53cc99297d0ea46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
f2d0d4c3c8f76a3beeb0a3ffa0ae69ed4a0308c43275864ca73ec0cdfba1aa17
f2f42bf6bd7d7ef2e610c717db7037be84a34c4085bbc299e498fe3251cd1222
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fb4ce9bca5bdc15e76e3f7ad190a83bca6a0b499257acc7281c31231697da075
fefd5c42d249823c4ed9ad5d1a8bf05321644a1fcc4c215ce1d030b4c90aeda2