| zerossl.ocsp.sectigo.com/ | 104.18.38.233 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP104.18.38.233:0
Hash28a5d71ae3f41abfad49bb97d77dc0be 0bb3cb1718f8cfeb1870e365a717c1f616ef28a8 08daf73ddb2f10d218c89866b4930d51a2530fcaa918120ab331fb4a18cc5ca3
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:44:01 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 07 May 2024 10:55:36 GMT
Expires: Tue, 14 May 2024 10:55:35 GMT
Etag: "0bb3cb1718f8cfeb1870e365a717c1f616ef28a8"
Cache-Control: max-age=367293,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8817458debed0b45-OSL
|
|
| zerossl.ocsp.sectigo.com/ | 104.18.38.233 | | 728 B |
URL zerossl.ocsp.sectigo.com/ IP104.18.38.233:0
Hash28a5d71ae3f41abfad49bb97d77dc0be 0bb3cb1718f8cfeb1870e365a717c1f616ef28a8 08daf73ddb2f10d218c89866b4930d51a2530fcaa918120ab331fb4a18cc5ca3
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:44:01 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Tue, 07 May 2024 10:55:36 GMT
Expires: Tue, 14 May 2024 10:55:35 GMT
Etag: "0bb3cb1718f8cfeb1870e365a717c1f616ef28a8"
Cache-Control: max-age=367293,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8817458d3c0a0b4d-OSL
|
|
| 149.28.129.126/?clickid=812657657654546433 | 149.28.129.126 | 200 OK | 5.6 kB |
URL User Request GET HTTP/1.1149.28.129.126/?clickid=812657657654546433 IP149.28.129.126:443
CertificateIssuerZeroSSL Subject149.28.129.126 Fingerprint87:A1:F8:3A:D7:63:5A:B5:4F:BD:5F:72:3F:A0:0B:AF:A0:AE:C8:67 ValiditySun, 18 Feb 2024 00:00:00 GMT - Sat, 18 May 2024 23:59:59 GMT
File typeHTML document, ASCII text Hash4779496ea76b646b6d51807365b506d2 dba36d7983e5b2bda3ee356fa40df8e4ea946a3e 41c3fc66e9cad345c0e52e20049399e23b1468712fe0b67e59ea56d4f849ecb7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /?clickid=812657657654546433 HTTP/1.1
Host: 149.28.129.126
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 10 May 2024 04:44:01 GMT
Server: Apache/2.4.52 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5630
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| cdn.ampproject.org/v0/amp-sidebar-0.1.js | 142.250.74.65 | 200 OK | 9.6 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-sidebar-0.1.js IP142.250.74.65:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (31247) Hashe60142d9cc427304f82966ffdfe50f04 f74f873a42a95ae0f6fc4326ec84591f55e024d6 7c7c3c41459bb5e0deed5ebc2f12aea19f4fcf93a726c5b6d944e1dd25731667
GET /v0/amp-sidebar-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 9643
date: Fri, 10 May 2024 04:44:02 GMT
expires: Fri, 10 May 2024 04:44:02 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "0b2bf20751623deb"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0/amp-carousel-0.1.js | 142.250.74.65 | 200 OK | 12 kB |
URL GET HTTP/2cdn.ampproject.org/v0/amp-carousel-0.1.js IP142.250.74.65:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (38603) Hash640ab8f635029094c2584b3ae31cc5d7 ebac76ee7f4dc9e1b339ef4fd82ca840e5969c6f 46e5eac6994328262c48e1b72b4c8d0345cb0d0474fd0847a16f3bb0581a3dcd
GET /v0/amp-carousel-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 11509
date: Fri, 10 May 2024 04:44:02 GMT
expires: Fri, 10 May 2024 04:44:02 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "9abb8b5869db859a"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/v0.js | 142.250.74.65 | 200 OK | 73 kB |
IP142.250.74.65:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64654) Hash3b2111f019d104164d5a800eeae7abf9 019b3e772fada2bb1772df0f8ff3de71ccf392aa b3d6c26e864ccd4da281f37b50f9acf8508c504780be13a0e8094ae3e557ac8a
GET /v0.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 73084
date: Fri, 10 May 2024 04:44:02 GMT
expires: Fri, 10 May 2024 04:44:02 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "5fd6afb7d4b2d5d6"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| res.cloudinary.com/dvolqga8x/raw/upload/v1588537654/GoertekVariableGX_v2-909498a32ac8ab65d6c9cebcf0a633d3.woff2 | 104.19.166.65 | 200 OK | 20 kB |
URL GET HTTP/2res.cloudinary.com/dvolqga8x/raw/upload/v1588537654/GoertekVariableGX_v2-909498a32ac8ab65d6c9cebcf0a633d3.woff2 IP104.19.166.65:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerGoDaddy.com, Inc. Subject*.cloudinary.com FingerprintF8:54:70:A6:3D:D6:0A:BD:5E:7A:14:E6:56:4C:42:23:56:BB:E6:7C ValidityThu, 14 Dec 2023 11:11:09 GMT - Sat, 22 Jun 2024 11:52:01 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 20340, version 1.0 Hash909498a32ac8ab65d6c9cebcf0a633d3 f00fa06c0dfbdf57eca4b511af854dfebfd4a8c3 357539f916b3a1a99cefe59be70d328339bfec5a29ebf8fd32aa0ba6f05ab23f
GET /dvolqga8x/raw/upload/v1588537654/GoertekVariableGX_v2-909498a32ac8ab65d6c9cebcf0a633d3.woff2 HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://149.28.129.126
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:44:02 GMT
content-type: application/octet-stream
content-length: 20340
cf-ray: 88174591bd790b49-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
content-disposition: attachment; filename="GoertekVariableGX_v2-909498a32ac8ab65d6c9cebcf0a633d3.woff2"
etag: "909498a32ac8ab65d6c9cebcf0a633d3"
last-modified: Sun, 03 May 2020 20:27:35 GMT
strict-transport-security: max-age=604800
vary: Accept-Encoding
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary
server-timing: cld-cloudflare;dur=318;start=2024-05-10T04:44:02.204Z;desc=miss,rtt;dur=1;cloudinary;dur=30;start=2024-05-10T04:44:02.431Z
timing-allow-origin: *
server: cloudflare
X-Firefox-Spdy: h2
|
|
| kilat.digital/images/2024/02/16/ece776d73109899ba5d920fd29c11791.png | 172.67.147.100 | 200 OK | 13 kB |
URL GET HTTP/2kilat.digital/images/2024/02/16/ece776d73109899ba5d920fd29c11791.png IP172.67.147.100:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerLet's Encrypt Subjectkilat.digital Fingerprint71:56:AC:43:F6:D9:0E:08:A9:5E:B1:75:DB:31:20:3F:64:9E:B4:62 ValiditySat, 30 Mar 2024 15:47:11 GMT - Fri, 28 Jun 2024 15:47:10 GMT
File typePNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced Hash2cf9b9f3daf3a08d37c546bb1d61ea6f ceb97ba547422428fad4ef4b2c9abd77e67b8f20 3ff86ed00dbeba4fd2f5f0e2ff64b5e46f89151cfb2027f23f52edc3ec84c733
GET /images/2024/02/16/ece776d73109899ba5d920fd29c11791.png HTTP/1.1
Host: kilat.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 04:44:03 GMT
content-type: image/png
content-length: 12817
last-modified: Fri, 16 Feb 2024 11:03:00 GMT
etag: "3211-6117dafe75120"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1936
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NAEKdgzFaC6RK7oR8r2xcGMLTfi0maM9pjgRpTMU%2B97F8WI38s8ApqTVq7zqzAMzMbWTsZx1PLfkPiSyGDpx4P0GdqHCZn9DZR%2FvfUtLarnLEZPn8uIMSWgFad5vvNvN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8817459758a4b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.js | 142.250.74.65 | 200 OK | 3.9 kB |
URL GET HTTP/3cdn.ampproject.org/rtv/012404230718000/v0/amp-loader-0.1.js IP142.250.74.65:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (12614) Hashcf5f4ddf071061f97a5a0927e8a22805 c1bf10e02fbb346cbb15faac3e1af0e673c60553 be188de16847f6e9ef2bf1094104cb640cc096212c148a11392616ce5f6b6526
GET /rtv/012404230718000/v0/amp-loader-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://149.28.129.126
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 3943
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 09:50:15 GMT
expires: Thu, 08 May 2025 09:50:15 GMT
cache-control: public, max-age=31536000
etag: "a77c6c3a9a5cff47"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 154428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js | 142.250.74.65 | 200 OK | 3.0 kB |
URL GET HTTP/3cdn.ampproject.org/rtv/012404230718000/v0/amp-auto-lightbox-0.1.js IP142.250.74.65:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerGoogle Trust Services LLC Subjectmisc-sni.google.com Fingerprint15:D1:F9:FD:F4:47:59:FF:66:C1:EB:18:18:71:8F:7D:9A:38:20:14 ValidityTue, 16 Apr 2024 03:24:35 GMT - Tue, 09 Jul 2024 03:24:34 GMT
File typeJavaScript source, ASCII text, with very long lines (7690) Hash2f5409797573545ef00da57189731689 20ac241032e56151958c680707209c9c298868e3 9c2ac126d439f7e51f5ab6961f5a4d567bcad323ee2450998df29515cf0ad765
GET /rtv/012404230718000/v0/amp-auto-lightbox-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://149.28.129.126
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2976
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 May 2024 09:50:15 GMT
expires: Thu, 08 May 2025 09:50:15 GMT
cache-control: public, max-age=31536000
etag: "7e4a961a3c2d0fa7"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 154428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| kilat.digital/images/2024/02/16/957eb5c0c4ef9b3a2852b822da4b60d2.gif | 172.67.147.100 | 200 OK | 265 kB |
URL GET HTTP/3kilat.digital/images/2024/02/16/957eb5c0c4ef9b3a2852b822da4b60d2.gif IP172.67.147.100:443
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerLet's Encrypt Subjectkilat.digital Fingerprint71:56:AC:43:F6:D9:0E:08:A9:5E:B1:75:DB:31:20:3F:64:9E:B4:62 ValiditySat, 30 Mar 2024 15:47:11 GMT - Fri, 28 Jun 2024 15:47:10 GMT
File typeGIF image data, version 89a, 600 x 187 Size265 kB (265442 bytes) Hash33c7a4af4630ff1fc9062ddecb0bdd75 c8af844337c4a72ccf22d21af9b2438bf9998443 8b5b74435a280c934764f0d625c1497d1f00dd70bec237105f72e258a7204575
GET /images/2024/02/16/957eb5c0c4ef9b3a2852b822da4b60d2.gif HTTP/1.1
Host: kilat.digital
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 04:44:03 GMT
content-type: image/gif
content-length: 265442
last-modified: Fri, 16 Feb 2024 09:16:40 GMT
etag: "40ce2-6117c33a9fcd2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guGt5c1qcgDmDrDtoL%2BBOv35lS%2FH%2FozKZzPfPrEkowM6MpnJ7uLNZ9NG7Metb4p3SdSCP4LgPHecVu%2FmHIxYcfX1WWES%2FO3xxUZVHZqMFpnKPawP0gq7QxmnZxLm6IS7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88174597c83a5695-OSL
alt-svc: h3=":443"; ma=86400
|
|
| sgp1.digitaloceanspaces.com/colokimage/IOS/bannerlppromoiosbet-ezgif.com-png-to-webp-converter.webp | 103.253.144.208 | 200 OK | 177 kB |
URL GET HTTP/2sgp1.digitaloceanspaces.com/colokimage/IOS/bannerlppromoiosbet-ezgif.com-png-to-webp-converter.webp IP103.253.144.208:443 ASN#14061 DIGITALOCEAN-ASN
Requested byhttps://149.28.129.126/?clickid=812657657654546433 CertificateIssuerDigiCert Inc Subject*.sgp1.digitaloceanspaces.com FingerprintA8:92:F3:D1:4B:84:DB:36:4C:05:F4:43:5A:A4:13:0B:34:0E:47:00 ValidityFri, 01 Dec 2023 00:00:00 GMT - Tue, 17 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 2334x1167, Scaling: [none]x[none], YUV color, decoders should clamp Size177 kB (176670 bytes) Hash6249aa9a0bafdeb6631a7c931b93611d ab884457bdecdea64a6a08498e6d33107d5f3b65 2f0c52a5839c6b78edf31f0b67df57fec88059a5c7f42f1bb0aad661e3d8ec4f
GET /colokimage/IOS/bannerlppromoiosbet-ezgif.com-png-to-webp-converter.webp HTTP/1.1
Host: sgp1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://149.28.129.126/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 176670
accept-ranges: bytes
last-modified: Fri, 16 Feb 2024 07:53:31 GMT
x-rgw-object-type: Normal
etag: "6249aa9a0bafdeb6631a7c931b93611d"
x-amz-request-id: tx00000c042833f1c6682e8-00663da614-3bfb881c-sgp1b
content-type: image/webp
date: Fri, 10 May 2024 04:44:04 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-envoy-upstream-healthchecked-cluster:
X-Firefox-Spdy: h2
|
|