| zerossl.ocsp.sectigo.com/ | 172.64.149.23 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP172.64.149.23:0
Hash6b57c4e1dea2440ef319f7220c65327a 8ca7ab715790c71d8b936e292b92dae3fc71aec4 8a31f7014782173885ccc6190f2d4a9c9fb6f49b14ac2ce4ac4039f0be1ba2b5
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:11:44 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 07 May 2024 20:50:16 GMT
Expires: Tue, 14 May 2024 20:50:15 GMT
Etag: "8ca7ab715790c71d8b936e292b92dae3fc71aec4"
Cache-Control: max-age=404910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 88171644fb00569a-OSL
|
|
| cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs | 142.250.74.97 | 200 OK | 2.4 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (6424) Hash6393ac9e45a6d5ee654a34f6ba21346b cd1759dcc2a949065a147713082633f001936a8c c6f280bdfc06eec42043941739af8a31aa38b39ca3b21b504cb25109e7ef96d1
GET /v0/amp-install-serviceworker-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2378
date: Fri, 10 May 2024 04:11:45 GMT
expires: Fri, 10 May 2024 04:11:45 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "208b2d71b5f5387f"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-accordion-0.1.mjs | 142.250.74.97 | 200 OK | 4.9 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-accordion-0.1.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (14003) Hash36980fdb6d2307e4eb6562124f8ab4f3 22e265cd2eda37f8693457ac9aefc62d862732fd 052209734e60bc5b7001e8818479fed02b002f51acfc16fc0cd1df60ba99dc04
GET /v0/amp-accordion-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 4863
date: Fri, 10 May 2024 04:11:45 GMT
expires: Fri, 10 May 2024 04:11:45 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "565a523971137f69"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0.mjs | 142.250.74.97 | 200 OK | 64 kB |
URL GET HTTP/2cdn.ampproject.org/v0.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64648) Hash0dbe8940ca4584f3da3e3e1755a367c8 2ece8eb5b80622b901a3ea4389f6fc513cb41ebe 9b78f7ecb5e7fe1f36b2c9b47a1ed0c19d965538f8938e82a9975569a3786ee9
GET /v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 63653
date: Fri, 10 May 2024 04:11:45 GMT
expires: Fri, 10 May 2024 04:11:45 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "efb34de1383110f4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-youtube-0.1.mjs | 142.250.74.97 | 200 OK | 10 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-youtube-0.1.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (31465) Hash81317ef3ef0e1705180baf1dacae8da7 836e53405bc4e3b3f792a45d8ad08ea1c41c4d3f b29653165df69a4495c2d02cc56575e237daf775d83f9f69d1e6c1a3085a2954
GET /v0/amp-youtube-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 10320
date: Fri, 10 May 2024 04:11:45 GMT
expires: Fri, 10 May 2024 04:11:45 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "3236f36cbf57fae7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 159.223.44.40/?clickid=812646710978289664 | 159.223.44.40 | 200 OK | 61 kB |
URL User Request GET HTTP/1.1159.223.44.40/?clickid=812646710978289664 IP159.223.44.40:443 ASN#14061 DIGITALOCEAN-ASN
CertificateIssuerZeroSSL Subject159.223.44.40 Fingerprint27:BB:20:81:29:6D:CB:50:CB:AA:A3:2B:58:C6:EF:6B:4B:A8:4D:78 ValidityWed, 17 Apr 2024 00:00:00 GMT - Tue, 16 Jul 2024 23:59:59 GMT
File typeHTML document, Unicode text, UTF-8 text Hashda11edc440cff784a2f67fb1dc41d900 93676c5161086988259aac5efa59806805f7e60e 33d5dcde428e950a9feda06547ad179866758295276dd28541901c046451673a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?clickid=812646710978289664 HTTP/1.1
Host: 159.223.44.40
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:11:45 GMT
Server: Apache/2.4.52 (Ubuntu)
Last-Modified: Fri, 26 Apr 2024 08:18:57 GMT
ETag: "edd0-616fb8e1d96d6"
Accept-Ranges: bytes
Content-Length: 60880
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
|
|
| kilat.digital/images/2023/12/13/fc60389f1f23bd5e0c1f38b1bf684ee1.jpg | 188.114.97.1 | 200 OK | 239 kB |
URL GET HTTP/2kilat.digital/images/2023/12/13/fc60389f1f23bd5e0c1f38b1bf684ee1.jpg IP188.114.97.1:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerLet's Encrypt Subjectkilat.digital Fingerprint71:56:AC:43:F6:D9:0E:08:A9:5E:B1:75:DB:31:20:3F:64:9E:B4:62 ValiditySat, 30 Mar 2024 15:47:11 GMT - Fri, 28 Jun 2024 15:47:10 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 840x473, components 3 Size239 kB (239324 bytes) Hashf61d1816d5cc3038eda9d032f66ae8e4 0389c55a00f60c96ce45a13f4d074199e06ddd99 e81b545f61c89dc4f7d6291c4cf12a7b1848090afb0e71c66ddf4f9de735b097
GET /images/2023/12/13/fc60389f1f23bd5e0c1f38b1bf684ee1.jpg HTTP/1.1
Host: kilat.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:11:46 GMT
content-type: image/jpeg
content-length: 239324
last-modified: Wed, 13 Dec 2023 10:37:27 GMT
etag: "3a6dc-60c61c0dd9ab1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W8F5H4x4kpl09I9SkqAJ8o4TXKZC8dI1VcDU9jQo2%2BIdNa4oKUghJjQRWNIYqBKowVa%2BFFZR88sDbBSXvDVSY2LgFxz%2BcnwH01vdWcDcHTVoh0Q%2Fjp3ubfKn6nHjIbG1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817164a8b7b5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-carousel-0.1.mjs | 142.250.74.97 | 200 OK | 10 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-carousel-0.1.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (33077) Hash647bf23e12e7808177b6f43575b067cf d62bd58e9a2daaea29749569380a9833342ee1cf 8fbcfd57f065026a325d3b5b08fe51816f2ba244803b4570f11d1e9f03ea78ca
GET /v0/amp-carousel-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 10069
date: Fri, 10 May 2024 04:11:46 GMT
expires: Fri, 10 May 2024 04:11:46 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "34fcf349ffb79ba7"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.mjs | 142.250.74.97 | 200 OK | 2.8 kB |
URL GET HTTP/2cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (6972) Hashc57851f4bdd29b3f6689f178bb91ac6c fd5b8a32b2aa6d83b0da8f073c90502c6ebf61ff bd5f3eb4618c257dd64e0cc90f8a301b3054ef92185df773cfd4d84f477ac7cf
GET /rtv/012404230718000/v0/amp-auto-lightbox-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2820
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 09:50:13 GMT
expires: Thu, 08 May 2025 09:50:13 GMT
cache-control: public, max-age=31536000
etag: "5d3abb36a59e6e7c"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 152494
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.mjs | 142.250.74.97 | 200 OK | 3.9 kB |
URL GET HTTP/2cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.mjs IP142.250.74.97:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (12245) Hash31786eb0ff286ddec54caef27539e872 f3ef1463183e4e88a267a06524738906beed907e 4feb9b704a2d054c4987cb8124ee7b0a9dfcc9aa1a2aefc3e43e675bd9116603
GET /rtv/012404230718000/v0/amp-loader-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://159.223.44.40
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 3916
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 09:50:27 GMT
expires: Thu, 08 May 2025 09:50:27 GMT
cache-control: public, max-age=31536000
etag: "982d4e70a527be43"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 152480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dmwl0ca1bvnm.cloudfront.net/499/logo/logo.png | 54.230.241.13 | 200 OK | 38 kB |
URL GET HTTP/2dmwl0ca1bvnm.cloudfront.net/499/logo/logo.png IP54.230.241.13:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typePNG image data, 408 x 108, 8-bit/color RGBA, non-interlaced Hashbc1f1eddef7ae28d4ee132908a4e92c6 51a6bb7901ebdf94a45b2101a8ac23c4e629d043 5e63acfefeb0bda162ce3def07d33f454d6a6e4af9ae300fed4a26754d2e2e2a
GET /499/logo/logo.png HTTP/1.1
Host: dmwl0ca1bvnm.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 37697
last-modified: Fri, 23 Jun 2023 08:17:38 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Fri, 10 May 2024 04:11:47 GMT
etag: "bc1f1eddef7ae28d4ee132908a4e92c6"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FJ2AxnNu5Lq0Kgjcb5wrKkoLhkrnf_jefKu-cRne1DE1s8QDRMlgzA==
age: 84078
X-Firefox-Spdy: h2
|
|
| kilat.digital/images/2024/01/20/2f67caf0c609a9cca17553633ada5cac.png | 188.114.97.1 | 200 OK | 1.4 MB |
URL GET HTTP/3kilat.digital/images/2024/01/20/2f67caf0c609a9cca17553633ada5cac.png IP188.114.97.1:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerLet's Encrypt Subjectkilat.digital Fingerprint71:56:AC:43:F6:D9:0E:08:A9:5E:B1:75:DB:31:20:3F:64:9E:B4:62 ValiditySat, 30 Mar 2024 15:47:11 GMT - Fri, 28 Jun 2024 15:47:10 GMT
File typePNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced Size1.4 MB (1407106 bytes) Hash1c56ee9c8a6ad5da140b2c07c3ea4159 3bbd4351eba852cd364320f0485732bd79f7ed22 c1caf1ec4172bbd512e60dbc79f422dc0df497a8fcdbb90bde337af2293997da
GET /images/2024/01/20/2f67caf0c609a9cca17553633ada5cac.png HTTP/1.1
Host: kilat.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:11:47 GMT
content-type: image/png
content-length: 1407106
last-modified: Sat, 20 Jan 2024 08:33:49 GMT
etag: "157882-60f5c74b2a826"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=haAO6AbWYZKEF2RTgh2xaIAaFPqkC%2ByE0%2FKAMxF2clZwcH6FMFyD0ai5kEMFBf%2FWWJmjs43jkZONMZmPn%2FJwZL5WCtx%2FoHI0E0rFFZWmLM%2BK9pJj%2BWrvNBkY72WSqlF3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88171652def05684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| kilat.digital/images/2024/02/16/ece776d73109899ba5d920fd29c11791.png | 188.114.97.1 | 200 OK | 13 kB |
URL GET HTTP/3kilat.digital/images/2024/02/16/ece776d73109899ba5d920fd29c11791.png IP188.114.97.1:443
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerLet's Encrypt Subjectkilat.digital Fingerprint71:56:AC:43:F6:D9:0E:08:A9:5E:B1:75:DB:31:20:3F:64:9E:B4:62 ValiditySat, 30 Mar 2024 15:47:11 GMT - Fri, 28 Jun 2024 15:47:10 GMT
File typePNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced Hash2cf9b9f3daf3a08d37c546bb1d61ea6f ceb97ba547422428fad4ef4b2c9abd77e67b8f20 3ff86ed00dbeba4fd2f5f0e2ff64b5e46f89151cfb2027f23f52edc3ec84c733
GET /images/2024/02/16/ece776d73109899ba5d920fd29c11791.png HTTP/1.1
Host: kilat.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:11:47 GMT
content-type: image/png
content-length: 12817
last-modified: Fri, 16 Feb 2024 11:03:00 GMT
etag: "3211-6117dafe75120"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aL0WmeV7GCGjkej2Lbe49kO271aViIQqxMhkL0gJcBnWmbJB3RlirSu7c12GsnZE%2B5rRUvlBxNCAztlfIE919bVU7fxWeopxlqI5c8w0SChGlolK2ZigdPxQkIcV%2FleN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881716547fb05684-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sgp1.digitaloceanspaces.com/colokimage/IOS/GIF/GIF%20IOS.gif | 103.253.144.208 | 200 OK | 2.9 MB |
URL GET HTTP/2sgp1.digitaloceanspaces.com/colokimage/IOS/GIF/GIF%20IOS.gif IP103.253.144.208:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://159.223.44.40/?clickid=812646710978289664 CertificateIssuerDigiCert Inc Subject*.sgp1.digitaloceanspaces.com FingerprintA8:92:F3:D1:4B:84:DB:36:4C:05:F4:43:5A:A4:13:0B:34:0E:47:00 ValidityFri, 01 Dec 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
File typeGIF image data, version 89a, 842 x 112 Size2.9 MB (2897557 bytes) Hash4f28cf8550a913d909f183ed45df9ef4 eb5c9a654d96e9b72395470b5431b782940557ce c81358d509118f416148b6cb1c2d205d4a070e236df6a7e52e08d161027f9c70
GET /colokimage/IOS/GIF/GIF%20IOS.gif HTTP/1.1
Host: sgp1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://159.223.44.40/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 2897557
accept-ranges: bytes
last-modified: Wed, 13 Dec 2023 01:51:13 GMT
x-rgw-object-type: Normal
etag: "4f28cf8550a913d909f183ed45df9ef4"
x-amz-request-id: tx00000cbf49f3a22341675-00663d9e83-3bfb880d-sgp1b
content-type: image/gif
date: Fri, 10 May 2024 04:11:47 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|