Report - salingsilang1.com/

Report Overview

Submitted URL
salingsilang1.com/
IP
151.139.128.10
ASN
#20446 STACKPATH-CDN
Submitted
2022-09-25 12:36:20
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.161.6.128
unphionetor.com	54035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	139.45.197.236
secure.livechatinc.com	6541	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	572 B	2.1 kB	23.36.79.16
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	4.9 kB	142.250.74.3
img.pay4d.info	93767	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	19 kB	848 kB	104.21.16.186
api.livechatinc.com	5353	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	7.3 kB	23.36.79.16
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	428 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	12 kB	151.101.85.229
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	31 kB	69.16.175.10
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	1.9 kB	104.18.20.226
cdn.livechatinc.com	6288	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	356 B	26 kB	23.36.79.16
accounts.livechatinc.com	7698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480 B	1.6 kB	23.36.79.16
propeller-tracking.com	187053	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	728 B	139.45.197.240
salingsilang1.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	2.5 MB	151.139.128.10
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.1 kB	93.184.220.29
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	143 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-25	medium	unphionetor.com	Sinkholed
2022-09-25	medium	unphionetor.com	Sinkholed
2022-09-25	medium	unphionetor.com	Sinkholed

Files detected

URL
unphionetor.com/vbl?t=87390&bid=undefined&aid=undefined
IP
139.45.197.236
ASN
#9002 RETN Limited

File type
gzip compressed data, max compression\012- data
Size
685 B (685 bytes)
Hash
a54b71532876597bb65061aa11ba5743
14760a347784b270fafb7eaf4c44df2f06155327
cdf3283edfd5b818b387c722844d2aadd769549634a3d308c2f853d1d351b1ae

Detections

Analyzer	Verdict	Alert
VirusTotal	0/0

JavaScript (21)

	URL	Size	First Seen	Last Seen
	salingsilang1.com/	64 B	2023-03-07	2023-04-20
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2023-04-20 04:38:05 Times Seen45 Hash 7008b4cf27e5df1c0e715885bb4dcd72 8aff2414558b1345a6f67d1783d73116d5de566e 03e31cacefb756fe9eba705d8b69db35e9e63c86ea4ff74cbe99c10a8663af03 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0	105 B	2023-03-07	2023-04-05
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-04-05 02:06:41 Times Seen330 Hash d30bfddcdb3764a782b7c8584021d1d6 64ed02149d0db57e6c1d68992361d7c1330a663a 5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623 Loading...

	salingsilang1.com/js/jquery.pause.min.js	1.7 kB	2023-03-07	2024-01-09
Pretty URL salingsilang1.com/js/jquery.pause.min.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-01-09 19:36:30 Times Seen48 Hash 17e6addbebb0c8408de8629c8cd5ac46 a9a7d181c4361235077b4ecb8f73bcd90d2bdbc2 201542af15d8f2840e6e0ed30a359092760f6a394a3e1dbecf61b5ffbd5bdbe1 Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12338346&url=https%3A%2F%2Fsalingsilang1.com%2F&channel_type=code&jsonp=__z7gijwv1x	261 B	2023-03-08	2023-03-08
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12338346&url=https%3A%2F%2Fsalingsilang1.com%2F&channel_type=code&jsonp=__z7gijwv1x IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:02:12 Last Seen2023-03-08 01:02:12 Times Seen1 Hash 34358063f226311bdcbeb38120deb8bd d0d01385dd2ba39e0f4eeba9425c390750658233 a49cd7f2ac58e327d76b0f48fa21bdc5145ac1fcb31f657aef259de34705d678 Loading...

	unknown	0 B	2023-03-07	2024-04-18
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-18 12:23:46 Times Seen36938499 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.livechatinc.com/widget/static/js/2.a65e7be1.chunk.js	336 kB	2023-03-07	2023-03-08
Pretty URL cdn.livechatinc.com/widget/static/js/2.a65e7be1.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:13:30 Last Seen2023-03-08 02:57:21 Times Seen1 Hash 4a3412eb638f4f47764705ca249f34e6 e81543406b38371e7cf9af420925c53ed734ce8b bfc25bb4376d7095f56f84bcb96d28ff99b04161b73d2abd81d3484f71a21048 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0	2.4 kB	2023-03-07	2023-03-08
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0 IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:11:42 Last Seen2023-03-08 02:57:21 Times Seen1 Hash 45dff58acb9a7e1fe4901ef60cb0e0c6 fd2a1659f38c2570f95b79d57e922659810dc5d2 f2f42d2177510d2baf4e859e7901fffe84f2c9e82435d677c0c84a40923a4653 Loading...

	salingsilang1.com/js/webduo35.js	28 kB	2023-03-08	2023-04-20
Pretty URL salingsilang1.com/js/webduo35.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:02:12 Last Seen2023-04-20 04:38:05 Times Seen58 Hash 03202158f907e827e9eca32f48e68d7a af1ce4eb09aff731dcb5b60220efb67b955048a1 de786ed07d8d63eb4363dab605cf35309cba929aac48c02f00a9f3697c4a9f77 Loading...

	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-18 12:05:41 Times Seen259649 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	propeller-tracking.com/fv.js?t=87390	5.2 kB	2023-03-07	2024-04-18
Pretty URL propeller-tracking.com/fv.js?t=87390 IP 139.45.197.240 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-18 08:55:45 Times Seen2352 Hash 563d777535ce88943a94a6be86f378c8 8753745424d367275e3fe55a5661fe51b1e1fb72 0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a Loading...

	salingsilang1.com/	90 B	2023-03-07	2024-04-18
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-04-18 12:05:46 Times Seen867 Hash cc3c144b883a3abdbbe71701ebb0e66b 9a6863582eebab6a5c00391ef8a37b3afa855945 26ded8f2b1b53d104c738332e3ede0dc27518fe9aba6ecb67be692592f02e88a Loading...

	salingsilang1.com/	131 B	2023-03-08	2023-03-08
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:02:12 Last Seen2023-03-08 01:02:12 Times Seen1 Hash e59dc2efb46cbc48761cb3103de56896 f83cc2aab2b4b2f88be1b2619e14c4abf5d72609 a853784375440ab26182c20472008826bc94447629d580ef4792abb48bcfa100 Loading...

	salingsilang1.com/	169 B	2023-03-07	2024-02-20
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-02-20 23:26:03 Times Seen244 Hash b21e43c0570e9fc4f8205b825bb547ec b5246ed21fcc5fa2a3dc128e2054c77eadf2bc8d dc768117ef69bdcdd52eaad2b2207c142fcf34775e10165ef4f6d42a611cb69c Loading...

	cdn.livechatinc.com/tracking.js	86 kB	2023-03-07	2023-03-08
Pretty URL cdn.livechatinc.com/tracking.js IP 23.36.79.16 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:10:53 Last Seen2023-03-08 02:57:21 Times Seen1 Hash 08c0746873a649a99ee8d47403496ba9 0898abc4749fe16ccf7bbadb716dc633da0a7b1c b9607866e99d4ec34da03476799ffbc3c0435a9cd2786482d4c16626c36495a1 Loading...

	salingsilang1.com/js/jquery.marquee.min.js	9.1 kB	2023-03-07	2024-02-16
Pretty URL salingsilang1.com/js/jquery.marquee.min.js IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2024-02-16 12:33:21 Times Seen73 Hash fb33cf2aed11f9e6d82f325e3a59aeaa 23269fefa9d4c96301289553b145f6cf2224dc5b 98e6d279e0a953b3aed10af732b0144fac9ec784a386750259b6b03eb3f26d93 Loading...

	cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-18
Pretty URL cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js IP 151.101.85.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 12:09:17 Times Seen12106 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	salingsilang1.com/	22 B	2023-03-07	2023-04-20
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2023-04-20 04:38:05 Times Seen45 Hash 6382d7fb0376e831649246353e4d1c72 f710ee7a7b67204ec04c159ff2c233487cd3d1af f6ec71fffc73475ba11ca4ddcff8b317f4a53b164575728e6b804eba990fe4d8 Loading...

	salingsilang1.com/	299 B	2023-03-07	2023-04-20
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:03:32 Last Seen2023-04-20 04:38:05 Times Seen46 Hash 1ad30f8431977e691204a8e80ea23ca1 7b73359f36d3fe2dcad66fd4486469a5a88c3053 9bd444d31d819741ad3c625ccef43571313e7370ab16642ec4a0fe78d741aaf9 Loading...

	salingsilang1.com/	747 B	2023-03-08	2023-03-10
Pretty URL salingsilang1.com/ IP 151.139.128.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:02:12 Last Seen2023-03-10 18:47:46 Times Seen1 Hash 6f84aaa3a55d62afbc22c49dca8d599e 25ab1a81fc5d891bfb81d24ca3d97a501f97ecdb 271e873f44fe4332e624ff33bf57597fdd7059614c6ef951c58895f4a45a6055 Loading...

	cdn.livechatinc.com/widget/static/js/iframe.ded6051a.chunk.js	456 kB	2023-03-07	2023-03-08
Pretty URL cdn.livechatinc.com/widget/static/js/iframe.ded6051a.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:13:30 Last Seen2023-03-08 02:57:21 Times Seen1 Hash 2e8c291599908b1794e098530f0794c8 81ad98636ea05739ba5d0dc2bbfd8bf49211613e 1be4b3702ceb3da4d84e70dd015000dcb64aca1c737f607368ecbe41dc5265cc Loading...

		Size	First Seen	Last Seen
	#1 Write - cf2800b9fe6904e573108bd81feb82bd	6.4 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 01:02:12 Last Seen2023-03-08 01:02:12 Times Seen1 Hash cf2800b9fe6904e573108bd81feb82bd bfbd540b1f4f29c2fd3d9774c1ebbf57c375d01c c3b5a6b4886c740d6904ca3ba4c81d2a498f025e15ed6cf014f2876e08632c5d Loading...

HTTP Transactions (135)

URL IP Response Size

salingsilang1.com/

151.139.128.10

301 Moved Permanently

0 B

URL HTTP/1.1
salingsilang1.com/
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 25 Sep 2022 12:36:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://salingsilang1.com/
X-HW: 1664109368.cds072.sk1.h2,1664109368.cds015.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 12:14:56 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 19nrDYrTqZIUeIwwqsh2Bwkcw5YnAZvGG-xLh7l46H_QUA_Tm_qhlA==
Age: 1272

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11768
Expires: Sun, 25 Sep 2022 15:52:17 GMT
Date: Sun, 25 Sep 2022 12:36:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lOseDEq-BPO2czn5DfrTekKGdz39xyEvVymb5VWRbmAY9VKunAKW-Q==
age: 28855
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 12:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 12:14:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PeUFoDg4z1aihL98psgHkmBxqK_Y8NpktaLOdLSMrWKdqlZqH4UCkw==
Age: 1912

salingsilang1.com/js/jquery.marquee.min.js

151.139.128.10

200 OK

2.4 kB

URL HTTP/2
salingsilang1.com/js/jquery.marquee.min.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (1219)
Size
2.4 kB (2400 bytes)
Hash
987016506912abc9454e75abf4f6a90e
8e16e257e3664ef63f5823332e84920a0dc04bb9
0d7b78b5d87fd06ee3620491ab569d4bfed6f043821e2a9b06e1dab71254d4fb

HTTP Headers

GET /js/jquery.marquee.min.js HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
etag: "1613377389"
cache-control: max-age=2811
content-encoding: gzip
content-length: 2400
content-type: application/javascript
last-modified: Mon, 15 Feb 2021 08:23:09 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds232.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/js/jquery.pause.min.js

151.139.128.10

200 OK

870 B

URL HTTP/2
salingsilang1.com/js/jquery.pause.min.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (762)
Size
870 B (870 bytes)
Hash
81c62fc185800b2b39185caaaaf0778d
e6ce709ce12fb92b0af00e7d90ae178c56b68076
3a38a819e0d00bc695624e1991fd25f70b4fd644ea08fd3108dd0b41cc7ecb67

HTTP Headers

GET /js/jquery.pause.min.js HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
etag: "1613377389"
cache-control: max-age=2814
content-encoding: gzip
content-length: 870
content-type: application/javascript
last-modified: Mon, 15 Feb 2021 08:23:09 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds247.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/js/webduo35.js

151.139.128.10

200 OK

4.6 kB

URL HTTP/2
salingsilang1.com/js/webduo35.js
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
4.6 kB (4562 bytes)
Hash
d867abc52913e0d7169f71ede1f337e3
d41b3120017ec99363ceebd4e9f76aa3c907c821
be0e32719a66a371074c3d7611333dc9bb40ca5dd288b5b7f0bb538f2dc29c1a

HTTP Headers

GET /js/webduo35.js HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
etag: "1663822253"
cache-control: max-age=2818
content-encoding: gzip
content-length: 4562
content-type: application/javascript
last-modified: Thu, 22 Sep 2022 04:50:53 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds066.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6454
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Last-Modified: Sun, 25 Sep 2022 10:48:35 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
122d884b95ca3991591845904bdfdc51
20c07df8dcf3e79988d0f6cd935f3ad3b42bb571
fcccfed7fb51c90fd92de4d3136d3d90369af2ecf0feb644b30643c748da3080

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Server: ECS (amb/6B8A)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
122d884b95ca3991591845904bdfdc51
20c07df8dcf3e79988d0f6cd935f3ad3b42bb571
fcccfed7fb51c90fd92de4d3136d3d90369af2ecf0feb644b30643c748da3080

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Server: ECS (amb/6B96)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
122d884b95ca3991591845904bdfdc51
20c07df8dcf3e79988d0f6cd935f3ad3b42bb571
fcccfed7fb51c90fd92de4d3136d3d90369af2ecf0feb644b30643c748da3080

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Server: ECS (amb/6BBE)
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
122d884b95ca3991591845904bdfdc51
20c07df8dcf3e79988d0f6cd935f3ad3b42bb571
fcccfed7fb51c90fd92de4d3136d3d90369af2ecf0feb644b30643c748da3080

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Last-Modified: Sun, 25 Sep 2022 12:36:09 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
122d884b95ca3991591845904bdfdc51
20c07df8dcf3e79988d0f6cd935f3ad3b42bb571
fcccfed7fb51c90fd92de4d3136d3d90369af2ecf0feb644b30643c748da3080

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Server: ECS (amb/6BBB)
Content-Length: 279

img.pay4d.info/icon-promo.png

104.21.16.186

200 OK

15 kB

URL HTTP/2
img.pay4d.info/icon-promo.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
15 kB (15448 bytes)
Hash
11a8e2c003ba77a68232b9d691a26bec
44a0551575e11d99ba5af824dffa53da30ae290c
e5090f48858bf3a2ffc2caf8463340102846ca61ebeced2378f1749525e3be52

HTTP Headers

GET /icon-promo.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 15448
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=35857
content-disposition: inline; filename="icon-promo.webp"
last-modified: Fri, 13 Nov 2020 07:11:14 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6Lg7hrX7J%2FJes%2FoZlpyIOaWeSTJ8%2F7uFyhdGch1SZmzh5TPOVs%2BVt9wf7Z6CeHVsCeEMy8Q5YHz8gQC6aY0Eh0MbhJPsp1TfG2i44vHeCu9TPIISlWezcInw9KBGeUK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffc7b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/icon-kontak.png

104.21.16.186

200 OK

13 kB

URL HTTP/2
img.pay4d.info/icon-kontak.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
13 kB (12922 bytes)
Hash
03428e550c367a0b470f6fe70d6d55c0
80b591a03333d4bec9e5ab54a0c3f4c1ed45367e
277e7027c4afd477229e58b7a992d3c43ec2b1406693a3283a8d5a59ceb09b1a

HTTP Headers

GET /icon-kontak.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 12922
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=28713
content-disposition: inline; filename="icon-kontak.webp"
last-modified: Fri, 13 Nov 2020 07:38:15 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FulWziaFLh0ISPWFQMP4FKN5NGcGsZa6JwFNRKxHYdMSLweETlmaPUk19gZZW%2FBSqRWCHid%2BZaXIchoSPvnbwrlaxtpEHFZcW5cg1xOHtrGYi4%2B%2B%2BY7DcnHh5wzCPpr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffc8b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/kontak/sms.png

104.21.16.186

200 OK

414 B

URL HTTP/2
img.pay4d.info/kontak/sms.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
414 B (414 bytes)
Hash
ab01bf284d3245dad051381855a39f35
51de83afc1fe4a2cba4aeb647d260a7e3fa32001
ab5418701d478deee3c36600c7d7101b44d902461008cecd4eef93d882eca238

HTTP Headers

GET /kontak/sms.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 414
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3655
content-disposition: inline; filename="sms.webp"
last-modified: Mon, 09 Sep 2019 19:19:33 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6757
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9%2Fny6G0%2F6iaSSI0yxUvahQTtB%2F4wEDjmJd4I%2BEy%2B4xEWysbZ0yWjsQEb1lKTTNU3RI9lUed%2Bcv6ng%2BI9gHLNv7ivhi%2FxTbZV4h1ArTO2%2BzQPMHLZY1P8VFzPfU4Gfx6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffcab515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-pg.png

104.21.16.186

200 OK

1.7 kB

URL HTTP/2
img.pay4d.info/slot-pg.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.7 kB (1740 bytes)
Hash
86ec152055228538f1a8f8943f179a97
ef30830c693272695c7cf5f2ac12679c75a2db18
a643c08a5d025958c4499731c62c3cc78663aa9c6bd2d567bbff38b4637b339b

HTTP Headers

GET /slot-pg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1740
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5084
content-disposition: inline; filename="slot-pg.webp"
last-modified: Tue, 08 Jun 2021 09:18:38 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytcjRD7utQbL7FpF%2BzZvTWYF1GfuJC96fGfj6Ux%2FpzoBQamElyqLv2lHpZPDylYkJZWOP%2BTtfKJtXz%2B2SqTy91udkPqKsLpieK4Lfd77eOnWHqucVjfm%2F8b3hQSSCL3F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffcdb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-prag.png

104.21.16.186

200 OK

1.4 kB

URL HTTP/2
img.pay4d.info/slot-prag.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.4 kB (1416 bytes)
Hash
8e7ecdf154298edbc92186de70734ff7
10402bf0a46147d1b1e6e41ded452c24faa6dce6
b13a36e2d82b2cd019af41f40af642d37641573770e11980ecc12e2dce55d713

HTTP Headers

GET /slot-prag.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1416
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5251
content-disposition: inline; filename="slot-prag.webp"
last-modified: Wed, 18 Dec 2019 05:38:15 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98CJRz7ADO3EGzN0pQiZ143glwjXg3dac1T%2Fn2Opf03TmkGKGim3vIXtc%2B8PuTjvodo%2BpFvbiuDZKUV%2FodlOcus0A23%2BrsdutTlCXvau9eGpRa85PKiK46o%2FRECEew9G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffccb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/picright-b.jpg

104.21.16.186

200 OK

20 kB

URL HTTP/2
img.pay4d.info/picright-b.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (20500 bytes)
Hash
6084b4a9789ddafce74807cc04ce657a
1d7e34fa0187413b841e06ec66816732e82bbe69
3758fb1ff8db5e58343f27e256f83a5a5cc1b9d3c79befd3570b741b66c0ac44

HTTP Headers

GET /picright-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 20500
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=31540
content-disposition: inline; filename="picright-b.webp"
last-modified: Sat, 30 Jan 2021 11:16:22 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSJ0ahaPTHH7ubsQ1IgMeiLE8sFgJOCb2VPuNJVNKClChDhfdfiZJPK9fW%2Flzk0zIQlw24%2FqnCrTIlIfTfBlGiWDPAW2MZlWaKEam44aQhMuhr5dobXl2rEyjCYDx49p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffc6b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-cq9.png

104.21.16.186

200 OK

1.2 kB

URL HTTP/2
img.pay4d.info/slot-cq9.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.2 kB (1182 bytes)
Hash
c1a383f5c29c2a1abb0146f00f976edd
d044fc1b18c28a0129ef1ffbeba52166614d057e
cef9e6fabf6bc11ddbe76f0abec0e0f7106ba78a0b5499c3c640d82c8a7d6701

HTTP Headers

GET /slot-cq9.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1182
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4157
content-disposition: inline; filename="slot-cq9.webp"
last-modified: Wed, 10 Nov 2021 17:01:06 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTtkt7jSTCQvI8EovHXbpPMYa6Zlh4DvFs7cAYhsNvsB3%2Bn8%2FWdbZ07HMLBNp91mMaCy0QMXDU4a2XeIrVKD%2FBS1Z%2BivuYH0qWp%2Fxh0ax911sdB46MilagocCvALAXyF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffcfb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-spad.png

104.21.16.186

200 OK

1.3 kB

URL HTTP/2
img.pay4d.info/slot-spad.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1258 bytes)
Hash
d6290e499ede13e741045d26dfbd95bf
73a41f0d753bb0843be9bfb147e1999ced0e30d5
ccdb75fdea9558a8454442831c45017f205cd8729bc2f0399b91e1fb2473cd89

HTTP Headers

GET /slot-spad.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1258
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4945
content-disposition: inline; filename="slot-spad.webp"
last-modified: Wed, 18 Dec 2019 05:38:16 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2oFR5A6AwzryFQv54opzfLwysY%2Fq1VHABtfrJxYoh5gYpf%2BFynE3YElxwHcLhh8CpZBcaWXsLxLJnaXHTZzvpRhydnsQ1Mw9r9puycrlsgNBvyfboIcS3tG9%2FJ7dRn0t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd0b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/kontak/wa.png

104.21.16.186

200 OK

378 B

URL HTTP/2
img.pay4d.info/kontak/wa.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
378 B (378 bytes)
Hash
18d9883e1a072905361ca73d34a57734
c9dcf63a7866cd530f7615bd220e7ce4e81aad0d
a06f5509e0ed17a2901ee5d71717a549f53e66dbec7607e3944cb418c60688c5

HTTP Headers

GET /kontak/wa.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 378
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=1628
content-disposition: inline; filename="wa.webp"
last-modified: Mon, 09 Sep 2019 19:19:48 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzXz41HUlJExtNOXMfZF3tQdzRufXOKSfcfBz%2B%2FoTEzhi0qshAU2wrsY4WfGwCGiV3%2BS%2BhRZiOycc1donRqBUxQ%2BVzX0cseLS3is%2BoMYt2E9VSVa%2FE2ysnVS2FZDea5t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffc9b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/mobile-casino.png

104.21.16.186

200 OK

4.0 kB

URL HTTP/2
img.pay4d.info/mobile-casino.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.0 kB (3982 bytes)
Hash
a4ec13dedac773682a95ad0357c883d9
ac08067b8b14c320590fd8e0d9f46fee95c98064
34d33f63decd18d046d7ce1eaa41df45fd546a36c020d1aa2460c68d4e382a05

HTTP Headers

GET /mobile-casino.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 3982
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8816
content-disposition: inline; filename="mobile-casino.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czDeWVJ18TtKXpIBT5HtQEm1glzLK7oWEBPO8GmORIpBX1mTnDqF0mydX9rFL7vOojYHrLkJUHryQYrGKXG1XqQ4mIXTc3rPJ%2BwZpxdZZWuU%2B3FdAHKY3omCAmndSHfY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd2b515-OSL
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js

151.101.85.229

200 OK

11 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@3.4.1/dist/js/bootstrap.min.js
IP
151.101.85.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (39553)
Size
11 kB (10942 bytes)
Hash
3d7736f3e0093bfcece832c8a1dced40
4421527237d7cf60ab3a8605e131d90370d59f8e
9bfb0fe335300ad7521ccc87e8a1d7be601958e3a9b9f0ea8f98cc7fa3946e70

HTTP Headers

GET /npm/bootstrap@3.4.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.4.1
x-jsd-version-type: version
etag: W/"9b00-sW/YImvWv7COVo8bHQoh1gJHzvs"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Sep 2022 12:36:09 GMT
age: 11971646
x-served-by: cache-fra19167-FRA, cache-bma1625-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10942
X-Firefox-Spdy: h2

img.pay4d.info/mobile-slot.png

104.21.16.186

200 OK

3.0 kB

URL HTTP/2
img.pay4d.info/mobile-slot.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.0 kB (3002 bytes)
Hash
bd496c55acc5fdb1ebe53c18e7b78a2e
256827a0c6474898129d22b1cfa7fadc88d96b70
414beef5dd52d21ddb304d58eedf9a6503a42523de9f54922c76f567343cdfc3

HTTP Headers

GET /mobile-slot.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 3002
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="mobile-slot.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2Bl8YREk90QmFYYMBbkBKGrvtFQN%2BuKmdg%2FiGuG5eNKxD5yoYs6p%2FBCmFgxenuH%2BDJbmZaHvF109iYaOi1Yq1mhoR0h23DSxt8h6GKCWituuynC%2FvGLhFtc6xbpzplis"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd1b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-jok.png

104.21.16.186

200 OK

2.0 kB

URL HTTP/2
img.pay4d.info/slot-jok.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.0 kB (2000 bytes)
Hash
c3d6ce73337d8098402370b95ce184d6
f82824809e6fc6b5bc0696c7dce5942ab17abac5
21cd86f323c17093d4d78ba1e98352a00c8459cb70d1135006cf1de90b0388b3

HTTP Headers

GET /slot-jok.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2000
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7983
content-disposition: inline; filename="slot-jok.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITB5IKoWllP%2B2Dq13CDnzJZHhFEcCS61MG1NK6P20oZExZM%2BtmZnbhnSuQLipv7yJ9DR%2F%2BF%2F7cIi07tbbLPUeU0ILEjbKRh8QDBdTPH2nQphdGAFFrrDDdoQe4lN7cxq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd7b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/mobile-tembakikan.png

104.21.16.186

200 OK

2.1 kB

URL HTTP/2
img.pay4d.info/mobile-tembakikan.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.1 kB (2106 bytes)
Hash
bfdeefb05e569edf1028afb65895653c
97478d745112e48f9400eaeab7e84c41c60ceec2
02f0b6b2e6ee24f5bf2774b69109e9f1f0c5d1deafda081ed4c48d62b90ab9dd

HTTP Headers

GET /mobile-tembakikan.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2106
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5201
content-disposition: inline; filename="mobile-tembakikan.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BgbDhO9uRVJ6hE38VTVnvv1AhrDg3cUzi%2Bvq6gjnmp1%2BGnzSVHcQDXm4FI3%2BwqdPj3e9eTsUH1Rb6Zm0ll%2FWemrQoNaEGQ0vA1kxHWlZJG5PFdaNfV%2Ff0cD0RXepkYZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd4b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-mg.png

104.21.16.186

200 OK

1.1 kB

URL HTTP/2
img.pay4d.info/slot-mg.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.1 kB (1092 bytes)
Hash
ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72

HTTP Headers

GET /slot-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="slot-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:42 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVTIx40Iu43cbO9yNVG8Fghux9yKf6OFr0znnOob%2Bjcag58gDJ7yfM9A1lLURALL6c4PnEFPoQsltNUtcx6LVt7691ctTB4ZRCTlDMMUfz8N4POt9NrX6G3Sgo4cb5pH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd5b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-ttg.png

104.21.16.186

200 OK

356 B

URL HTTP/2
img.pay4d.info/slot-ttg.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
356 B (356 bytes)
Hash
3ce52bfdf47ac5aeec429c7d844f8309
20ecca3cdae26598825aca9d3180721585936d76
574449c76cb20fb822d17cec93a25ed069371c78d8f6e9efb0daa4924a411a56

HTTP Headers

GET /slot-ttg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 356
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2467
content-disposition: inline; filename="slot-ttg.webp"
last-modified: Sat, 14 Mar 2020 09:33:42 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wxd3axr%2BQIEztnT%2FYEV30%2F36Pd%2FlIiZ0bZ%2F3w3Gu3skTzgDTnZX5hFCBwFLLdHnooKU%2Fi0FGHAuDHPVmrrjXkfDjGGkvxbkkyVzeWUdjpxMD2RTgUHjGfT89Q3WxxDeU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd8b515-OSL
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

69.16.175.10

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664109369.dop002.sk1.t,1664109369.cds209.sk1.hn,1664109369.cds210.sk1.c
X-Firefox-Spdy: h2

img.pay4d.info/live-sg.png

104.21.16.186

200 OK

2.8 kB

URL HTTP/2
img.pay4d.info/live-sg.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.8 kB (2814 bytes)
Hash
5fde10bbbfdf170112f4bc9859955ed5
e73a68c4221288b52a848a67801f9bcd387ba2ea
60bb4f59c40e9ef9f1d2be56a2a7324a8750e339de1efb9b96840314b8581628

HTTP Headers

GET /live-sg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2814
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=11259
content-disposition: inline; filename="live-sg.webp"
last-modified: Thu, 10 Dec 2020 08:44:39 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTxF9c8JA0ecOJUVjGAiozRAUIgX8rU2u4OAX2L8KGmNcwdkaZiXFlQrDv6StkFP1xSzp5V7hAImzbimV%2FQnk%2BWsSd4q4YwK7oWkbJHkLYD8TJqcctxdsO%2BUDvJ1MBfF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffdeb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/live-pp.png

104.21.16.186

200 OK

1.4 kB

URL HTTP/2
img.pay4d.info/live-pp.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.4 kB (1418 bytes)
Hash
1f1aa38c5a91ca20b6bfdee9245eebc2
5f00a7a39257fc368e3fcaaf0b923f6a9fd49bcf
57d9d0b26be6a4ea6d8894ff8dab03ea2c4400155146d5380281f4a589966e65

HTTP Headers

GET /live-pp.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1418
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=7765
content-disposition: inline; filename="live-pp.webp"
last-modified: Fri, 26 Jun 2020 07:51:40 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PODc3aluWebtq8bm%2BJpDFyJTJpjyTnkhMDO1%2BsRlP%2ByCLy9f7dHZag83mZhV1CoUUpfUWXkISKg5MKb5GO90%2BoC3SdmYN0PqCwtGF1VfgnB8%2FnDLke3AlHUhI3N0%2Fx%2Bj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd9b515-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img.pay4d.info/live-opus.png

104.21.16.186

200 OK

1.3 kB

URL HTTP/2
img.pay4d.info/live-opus.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.3 kB (1330 bytes)
Hash
ff58f7baf1903414b9e121fa194c01a0
9686d2811e39d923e00d3573d187e84dda29fdba
d68d2439ada8dcdb278433a33da32e2659f34ce90cc7c9023180bbd3dd92f54a

HTTP Headers

GET /live-opus.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1330
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4303
content-disposition: inline; filename="live-opus.webp"
last-modified: Fri, 26 Aug 2022 10:55:33 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQPIZmktECSZQmKTSexdSid1K9URPwP8ga9rzgZstVW1yp%2FEx%2FWKt6seXkJ8TQ2w63VrxwOKktP3f2ehFu8%2Bh6MKmfBHpR7thRxb%2B%2FjDghyqd7quIHj4L6sAqHOE1CoJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffdcb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/live-ion.png

104.21.16.186

200 OK

2.4 kB

URL HTTP/2
img.pay4d.info/live-ion.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.4 kB (2434 bytes)
Hash
1a48e4a72414e5587b22eb4ac4ae959b
a3ac92a04917abab71a98503dcfff52be3af7cdb
e48ccb777ed57ca1eee701da53a8fa2d85b64639d0b8210e3160678e1753b144

HTTP Headers

GET /live-ion.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2434
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6674
content-disposition: inline; filename="live-ion.webp"
last-modified: Fri, 26 Jun 2020 07:51:41 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8JsfM0vfykdAkbhkbjWPBQg5DFqLjcHwbVJi1io9QRC3GUOJKGfJYnD6k5s648FApIM%2FAQwBUmMsQw%2Bl0EwpoKZFvQXMwtbQOtdS3ZjdGl%2BAnMayCwxHLvgd0CdFzm0j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffdab515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/pop/mobile-opus.jpg

104.21.16.186

200 OK

33 kB

URL HTTP/2
img.pay4d.info/pop/mobile-opus.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x200, components 3\012- data
Size
33 kB (33440 bytes)
Hash
1a741b1e66e6b8a399d778a7ebc2581c
1b4fc2b3eda9edef9b20a61aca4abf7b4af807ea
2ecda10bf93da77ae1b209875f35a6ca4469653b76d14192236fed3b143fbb88

HTTP Headers

GET /pop/mobile-opus.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/jpeg
content-length: 33440
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=52978, status=webp_bigger
last-modified: Fri, 26 Aug 2022 10:37:26 GMT
cache-control: max-age=7200
cf-cache-status: HIT
age: 6966
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyxokD%2FrhC5FceFjU2%2BriHuvCEoQSXbCuxfPAXOi5R3pi%2Fra1oPWZJMitCo1iAtfbzoitia0%2FiRSL1Wj4Xqu6Q0N4rXF3qoi8M64IoG401omMSe79qO%2B13Cjl0iIC1Im"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7503cdc9ffcbb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/live-mg.png

104.21.16.186

200 OK

1.1 kB

URL HTTP/2
img.pay4d.info/live-mg.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.1 kB (1092 bytes)
Hash
ab217824849c8bc2f05240458ef55574
06b015108c8fc22469d8e5a4c371e6d05c04b624
326039e01fe95c632ec94f34f39b85e61715f2a5abcdb555d937ec140574aa72

HTTP Headers

GET /live-mg.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1092
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=4064
content-disposition: inline; filename="live-mg.webp"
last-modified: Tue, 15 Mar 2022 06:24:43 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRkzR8sb2rGUkBw8TEsR7r6wxgmsy4BwBX2QWzdQBQQLARZtKZY5LuE7LEeKhxpmOBIOhaaujFdetfS0erStbhP%2FAAsOjLUYb5NSeVJ%2BQupSIJND6wb%2F2oXr1KvZGZ0z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffdbb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/slot-hab.png

104.21.16.186

200 OK

1.9 kB

URL HTTP/2
img.pay4d.info/slot-hab.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.9 kB (1888 bytes)
Hash
158c1eeabbd166126f46035ec5e6d457
83fa7159d10da9989fc9853ee6f96ab57b065e83
11bd40a973e0e088856ced2e923bb0badeb4291c9ea0d11386d9a469817eeda0

HTTP Headers

GET /slot-hab.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1888
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5768
content-disposition: inline; filename="slot-hab.webp"
last-modified: Wed, 18 Dec 2019 05:38:14 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQxXzUPyMQpHblxt2kD3pX%2Ft71Z89RMKQj6kBm5%2F4gHkZk1SoDrY0xddhCoXFGqOV8qLx6Gj5ujpbwTqFhuTyrYOZ7Y3V4uumiKgaRjrO%2FHm%2B%2BwEgSxRmucg37J2O%2Bxd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffceb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-fishing-war.png

104.21.16.186

200 OK

4.2 kB

URL HTTP/2
img.pay4d.info/fish-fishing-war.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.2 kB (4158 bytes)
Hash
5de4388ad28949bab321d81e8afd639b
320c986e3c630e937333639364dcf80ef7dc19a2
54d4dfa543f1b8e4c544ce229b644b2671722eca476c6b8cb9df759e2375561f

HTTP Headers

GET /fish-fishing-war.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 4158
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=10616
content-disposition: inline; filename="fish-fishing-war.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipGfMJ2k1ySDR3HSYuQzOiBcTFMysiqRLiXpasOqqV70zQeX2WDbzGAw85raCY5LSaHcBENtGfwS6LFoYgCUWrEBXl1VHQ%2F4qGV1LcbY6LXUaeKZQiO2GBLKwHewxINf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe6b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-king.png

104.21.16.186

200 OK

5.3 kB

URL HTTP/2
img.pay4d.info/fish-king.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.3 kB (5344 bytes)
Hash
bfe8d34599427bd62add24c264452020
8bd6a830e79b10a7370b3fd5312fe9aa7f372e5b
c9269a68bb0f2890eeaa50f7c4b4bbe99f75859430ff9dc6804e5ba39158661f

HTTP Headers

GET /fish-king.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 5344
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=13656
content-disposition: inline; filename="fish-king.webp"
last-modified: Thu, 29 Apr 2021 07:07:05 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7I6vIy5sD2fL%2Bzfkm5iY%2BmUbezvD3ie4ed4gtnSI2tiOYB3YRrBIbCVlu3anej5EAM%2BATPtYHdIWuaXH4dhexNZHYEX95HZhcdnSKMtwvxIgR6fVdz9scz65aSWIPfx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe1b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-fortune.png

104.21.16.186

200 OK

7.2 kB

URL HTTP/2
img.pay4d.info/fish-fortune.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
7.2 kB (7152 bytes)
Hash
e6712920f5eed30570d08ae1a1ecd4a6
afb7a56d3271ecdacd214f5fe6300c68ef6d869a
2bb1a8652afbd37ffd177c8fce3952e1378c13576f2515f934385c6936c1c501

HTTP Headers

GET /fish-fortune.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 7152
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=15591
content-disposition: inline; filename="fish-fortune.webp"
last-modified: Thu, 29 Apr 2021 07:07:05 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kRC3EWoVeoX7pMt92Wz61SlsD6as%2FYehu%2FeDz4XcRcgXXB5EOlHZ7LRf%2Fpc26lbcdIDICge5lLvmgaDrZX%2BH5NZKRHhXz8OpRgS7saCMZKFG144pitkLwkayLK6L7Y4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe3b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/informasi.png

104.21.16.186

200 OK

496 B

URL HTTP/2
img.pay4d.info/informasi.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
496 B (496 bytes)
Hash
55734ca433dd15622f992f24a3750a77
625812100e07a5b85b1dca90d622c0deafa3410d
0b31e72e9209648652af2a9e36541fb4ca4015cdbca7f29ae1993824d379c395

HTTP Headers

GET /informasi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 496
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=2507
content-disposition: inline; filename="informasi.webp"
last-modified: Sat, 30 Jan 2021 10:28:59 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dahO4Vt4THTPoNpvDMlwPkg%2F8dPZ6TeG3AXr3LYtcLSy7iTgB55YrZjotIAnroo7wlfs6ZzSJ018FDKzBbK5VbcSLETRoiKHGAYjnrv1MAEDZeC9c6qhqsLNvprwPnDi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fff1b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-alien-hunter.png

104.21.16.186

200 OK

2.9 kB

URL HTTP/2
img.pay4d.info/fish-alien-hunter.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.9 kB (2884 bytes)
Hash
44ed1c2cb6486482db8d337636bd9494
7d7f1961857c405b2d72078ee512626a79ce2504
165db214f71fc24501cec62e40869ad284f2ef1fddae90933b570a605608b2a3

HTTP Headers

GET /fish-alien-hunter.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2884
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9071
content-disposition: inline; filename="fish-alien-hunter.webp"
last-modified: Wed, 07 Jul 2021 11:05:14 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Bp6QCNhTd%2FCc5fuE0Y1tUAtGeBnB9vgQPSQE5gCIYLb49p53V9i6MdvfRvEDHM4cBpFKI5Q9FmaTiRL2DRczX6HMzlxa8gSMqPnO%2FY%2FdSFPrxWechYUA4NhSOacvdI3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe7b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/sport-saba.png

104.21.16.186

200 OK

1.8 kB

URL HTTP/2
img.pay4d.info/sport-saba.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.8 kB (1770 bytes)
Hash
9dc335c8ab6468b47a49e492aa97af52
e8982a717f2557a1242a1dfd4511ceec6b47cd70
277b290785f86422c338396b72410c9dfb7f0672b608e6808f41365b3579f26f

HTTP Headers

GET /sport-saba.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 1770
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=5247
content-disposition: inline; filename="sport-saba.webp"
last-modified: Tue, 30 Mar 2021 12:17:39 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XRcXOHM4O9igIh1fGABG1sykv6bwl9PHniO5dB6W7pJSWqwySVbnm3CDWyJLNPru8dhJwL%2F5oxpPmG7xshVKOOWu5l%2BXKZ0bem5sUZaXzSeu0lLzWpJHMHdUiaq4tge%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffdfb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-monster-awaken.png

104.21.16.186

200 OK

5.7 kB

URL HTTP/2
img.pay4d.info/fish-monster-awaken.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.7 kB (5744 bytes)
Hash
17b31d7f074cbfcfd8ea279d396dbe43
1b87e34aacc5f9be358c974a2d473884659a6156
81a5cc9f4bf4c3531071881ca492945c1b294de02e3758f2418f5d0caa7c52c3

HTTP Headers

GET /fish-monster-awaken.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 5744
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=17943
content-disposition: inline; filename="fish-monster-awaken.webp"
last-modified: Tue, 18 Jan 2022 15:27:02 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0SnOzDW8kxbw3ZoR%2Bz%2BOC3CEY%2BJSfbJzQkQgQ%2BXD6SJHojY7BP5FFPPv7njBZTUIuAO641FVU1FghPqB76ZZVf3Qo%2BUHrDOlYUTZiJWHQJwmXU5odtBUMWKJZUh1Ze%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffeeb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/mobile-sport.png

104.21.16.186

200 OK

2.7 kB

URL HTTP/2
img.pay4d.info/mobile-sport.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.7 kB (2730 bytes)
Hash
02a8a80face04e69f3bfa68f686f57bb
61f8a41a95694c27a307199407af513dde0dc43e
d9cd2cc3ba7a11673f072f321e83694c7da5979c0adda00e26de15d9a1f43797

HTTP Headers

GET /mobile-sport.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2730
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6408
content-disposition: inline; filename="mobile-sport.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQDgYFQ2YU8j%2Byy7zBwT%2Fd5a1AvWowDvNqqf2zjmxXnKGZB2qno%2FzHq%2BARiEXFr1nPFIr8kG5g8T7ANtsOntHIqvu0yloxy68aa%2FcK6rMu75lqCiES%2BuG2SnBC4TufkY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffd3b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/live-all.png

104.21.16.186

200 OK

2.5 kB

URL HTTP/2
img.pay4d.info/live-all.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.5 kB (2548 bytes)
Hash
80ab66e968b68828f745dbd67b94dfc8
18d70a225ba9f5c51d79d286178312966d339f76
bf207416b528a9c36145e5943266d17c909af991f3512d62636b85eb8232ab5f

HTTP Headers

GET /live-all.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2548
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9511
content-disposition: inline; filename="live-all.webp"
last-modified: Mon, 07 Sep 2020 10:34:19 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsfirryKSDpeGsH%2FbYkktVRG6n2cKl5OGm4wtHh1gCBh4RQb4qyACnrtalIJSQCeUIaXrGGLeTTtxixiSYFOCl88sTC1yt9MMjtsFysNUYmt63M96H8c1MKLxTu9jZy5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffddb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-fish-hunter2.png

104.21.16.186

200 OK

4.3 kB

URL HTTP/2
img.pay4d.info/fish-fish-hunter2.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.3 kB (4296 bytes)
Hash
d884b811392a518d1b9c74ae0005f6a8
2c8303ecffe16b96a100ec4d080c0d35d0b689e6
56269b06be18f16df6744e4645585601cc23bbc9813f24ef45e88c2048b84518

HTTP Headers

GET /fish-fish-hunter2.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 4296
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=15002
content-disposition: inline; filename="fish-fish-hunter2.webp"
last-modified: Tue, 18 Jan 2022 15:27:02 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYHl4r4aBybmAtMsp5bmY1YiJ39eJddjrMPqQl6rk%2FvcGpJAJ7BL5wLBjddAG%2Bgjpl2g8xzK%2FRGyu5T%2BQYdCUJ7uuJhxILCUl7ACO7UWBXm6VyGi5F9kjmp4810ePxeG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe9b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-golden-toad.png

104.21.16.186

200 OK

4.8 kB

URL HTTP/2
img.pay4d.info/fish-golden-toad.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.8 kB (4784 bytes)
Hash
c7cf10646de5a7b6a8a3b4ef656a7c96
7e130235c936650bb8788cff5bc183b9ce1ba8e1
551cb6052ba704dfb0773c319672c725cf92251c173b53eb75002d996519de00

HTTP Headers

GET /fish-golden-toad.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 4784
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=16740
content-disposition: inline; filename="fish-golden-toad.webp"
last-modified: Tue, 18 Jan 2022 15:27:03 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMl6WmT2Lj2I4biMbEimkHMUK9XsRgJ2txJCyxLivOO%2Fs5TfnOyCAuRRVdfPn4sv%2FO9LzVY0TQ4weEPXvBlCymgb8Kj5Uo%2FrhF1iN9TFfCOlrX8dMPTLkIDKbToR9WWb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffecb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/buku-mimpi.png

104.21.16.186

200 OK

734 B

URL HTTP/2
img.pay4d.info/buku-mimpi.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
734 B (734 bytes)
Hash
47e11b51ac743eaa8cf239317b274ed5
2f8e7efe94b9a2bc33e4a2cfa5d56c767e53f2b6
e102b58cf346532436c7e47dc3e2e29fc53b5b550e0fcd1c4200aadce03bb7e6

HTTP Headers

GET /buku-mimpi.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 734
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3014
content-disposition: inline; filename="buku-mimpi.webp"
last-modified: Sat, 30 Jan 2021 10:28:57 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7PikAmUyX7TntLfO%2FNVCAjcQYTG%2Ftvz1FhoeayH5MofeEkd9x0zy0SncbUcwuE57K39UAYF5wfNPpqeTm3c9rNL0pVA1tyBxGu7Y8nzAE4pe7KA8z%2BjZllZoEpV06dBv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fff0b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/picleft.jpg

104.21.16.186

200 OK

22 kB

URL HTTP/2
img.pay4d.info/picleft.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
22 kB (22120 bytes)
Hash
b3c144aa8759b8944bbd3f2405c9dce9
35991125f2b8ee9ba5db1f06885e1abfed11349e
7da8bea9c11358f7c94e3e4ad00fafe4c8f0be1a5c3f98faf8e2c2ee4fbc8bdf

HTTP Headers

GET /picleft.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 22120
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=31152
content-disposition: inline; filename="picleft.webp"
last-modified: Sun, 05 Jan 2020 07:36:40 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3S4VKr8z5ph%2FFYqw%2BPKS467pMivoFiuJcpO0cb8PPm6Th3WSP%2FdjYxL2%2BXq%2F0EaAkJ6pOA6vWxlgSeeOctjG7Ux7cd180zBagVId9z7CAkP2NjF76t2f3BWB%2FMSuyQ%2B7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fff6b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-fishing-god.png

104.21.16.186

200 OK

4.1 kB

URL HTTP/2
img.pay4d.info/fish-fishing-god.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
4.1 kB (4084 bytes)
Hash
a0948f83578f51b07453a73d2e7feb0e
0e3f824762ed0f79c93200f05b8b631535e62d50
294f599a73342736676eb2d36724e27f9ace65053d1eec0d5267318608dcb49d

HTTP Headers

GET /fish-fishing-god.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 4084
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=8579
content-disposition: inline; filename="fish-fishing-god.webp"
last-modified: Tue, 30 Mar 2021 09:18:46 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjvjCsKYfwe0EjcHvG7LnpSwoWYK%2BpOKSzj%2FEwQDuh1syUecyYRJRs4Fc%2BUi%2Bv7Cbn8OaOVxGLVBFpogAd0CX40222k5uoDeogPitC7V8AKCRPWmNDGS9aaVINMhJgav"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe4b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/fish-zombie.png

104.21.16.186

200 OK

2.8 kB

URL HTTP/2
img.pay4d.info/fish-zombie.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.8 kB (2760 bytes)
Hash
88304eeaf81e9ebd296a0d0e2ddb7be2
32c2c254dfa81406883e0507339c538a4af5ce3b
fab65eee93acd119c34e221f22ca4029d06a9fa9a5d93b56be894e4247ff7d81

HTTP Headers

GET /fish-zombie.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2760
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=9384
content-disposition: inline; filename="fish-zombie.webp"
last-modified: Thu, 05 Aug 2021 09:13:00 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kEwd%2B16P9tPYuO1L45YmdTkEvgUUT3BE%2FGfVxpoNT2vChTbKJKmm98YNBaxZ7e0jQI3hl0mf9%2BGJyIYorPSfRIAqmZQyUIJaBm71n1Tsp90aqFhXFwViawH5HOLOQ%2B5r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9ffe8b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/picleft-b.jpg

104.21.16.186

200 OK

10 kB

URL HTTP/2
img.pay4d.info/picleft-b.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10300 bytes)
Hash
ffc44d96c2f70183d6dc4e7386e591ec
b98e823c37532f6f8b4edb782d59e48a9f7a0ad1
e0ed92506e36ea12b758dcb14f79c2df16e7dd8c664ed35f7848dee46cf93ff2

HTTP Headers

GET /picleft-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 10300
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=31827
content-disposition: inline; filename="picleft-b.webp"
last-modified: Sat, 20 Aug 2022 09:16:38 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEPpPRbow0NDkleIihvAyUhKIncE2ycQMUagQIcIb2tMMfR9ZThJViDIelUneQM3gJ0BUEuusqTlqoox7L1Ma4Gvq7CNMGNmD1y%2FdpIRm58TKukbRHNHu3d%2B42kbpNKP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fff8b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/mobile-togel.png

104.21.16.186

200 OK

2.8 kB

URL HTTP/2
img.pay4d.info/mobile-togel.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.8 kB (2816 bytes)
Hash
24ee8246bf5b00f82e391b3de2c9530d
44b86adefeab3260148aadfa367cf35c602b6761
04ea1ba435c65231d96bea3e735c0bc193beb05f7e921a354ef593dbfd7528fb

HTTP Headers

GET /mobile-togel.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 2816
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=6237
content-disposition: inline; filename="mobile-togel.webp"
last-modified: Mon, 01 Feb 2021 07:21:49 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rixfGkr2%2BJ8HDmXAPWl3TH8g4%2Br95Gz%2FqusC7%2Fq7HkPkOnOTlQeZGXtSDQrEA2OC5zOQQd4ulLyr0dK5XF5h7eg7m8JWLl3RnhOYctyvg0CmQ7J3TGmqtAs6o8xx64xg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fffcb515-OSL
X-Firefox-Spdy: h2

salingsilang1.com/

151.139.128.10

200 OK

30 kB

URL HTTP/2
salingsilang1.com/
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
30 kB (29821 bytes)
Hash
f19d7ff1ae857a19a4b53ca33d15dd6f
114adcff8d59af0cc1abc9aa874fe6c81d46aca7
5d8b68e2e560f067d083ab46b55355552adc98f716b818565efd94769d97e174

HTTP Headers

GET / HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
x-frame-options: Deny
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
set-cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26; path=/
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds224.sk1.sc,1664109369.cds224.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

img.pay4d.info/picrightsport-b.jpg

104.21.16.186

200 OK

8.8 kB

URL HTTP/2
img.pay4d.info/picrightsport-b.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.8 kB (8820 bytes)
Hash
c2b17bb05db41f4f1186e5d987087562
f45de0b30247203ec55d291a7d0bbae0f9868f4e
f22bd2c23b0162505984cdf986b284da94e289b1e7368b65091c101401a3f757

HTTP Headers

GET /picrightsport-b.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 8820
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=31954
content-disposition: inline; filename="picrightsport-b.webp"
last-modified: Tue, 30 Mar 2021 09:57:46 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaTOvFAPoGJCSytiALC9LraQHZbHxw2AvUQKwmrWhpP3yvS%2BvtAuOtUH3mgATSGlg%2FcrI%2BkSkDm72amJQTybj8oO4NFmIinzuVUqm14F1f64GVVIG%2BGRGP7VYNT6HlBP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9f801b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/picright.jpg

104.21.16.186

200 OK

24 kB

URL HTTP/2
img.pay4d.info/picright.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 404x194, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (23856 bytes)
Hash
5e827cb4d5be570a4f0b08ee2e753524
287a211b331af1b23d8f194a7acbcad290b6ec78
d452aa5b176108f2913088294e444e5ca9e9912e011f94bce0b292db0f20783c

HTTP Headers

GET /picright.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 23856
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=34259
content-disposition: inline; filename="picright.webp"
last-modified: Sat, 30 Jan 2021 11:16:22 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG7GF6Jy5Rrhm3tFg0b0UvN4f%2BJkUSBEte07%2BNMdhcgRrUQjejxpZQe%2BYyL4XOXEi3IXsoz58glOavdIURd7mECrYulMsllcXMguASkPUaSv31ZW0wg77g1nxMaQG2pp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9f802b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/picrightsport.jpg

104.21.16.186

200 OK

25 kB

URL HTTP/2
img.pay4d.info/picrightsport.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Size
25 kB (24993 bytes)
Hash
3b5cce490914ff389b19b9fe9196d8c9
fcac72aac93884b261ac94c36a5db3a1528a8992
df3abd207873ccb8b4a0373d6211249263910006a08b4c6b11b33eb288b6af4c

HTTP Headers

GET /picrightsport.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/jpeg
content-length: 24993
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=56663, status=webp_bigger
last-modified: Tue, 30 Mar 2021 09:57:45 GMT
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDqYENKWlrZZGaf5OVZQ3u%2FkF38k0KIb%2BzsVY%2BRldgBeY%2F%2FkZCfUgwt4CxcTY15192HqQ9covLFO%2BxNoJ1mSwkM3AZI0sQ7dSYaLk2LUULqxYHo6B4OEdNZ%2BxFptLBrE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7503cdc9fffbb515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/banner/banner-piggypp-okt.jpg

104.21.16.186

200 OK

97 kB

URL HTTP/2
img.pay4d.info/banner/banner-piggypp-okt.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], progressive, precision 8, 1900x380, components 3\012- data
Size
97 kB (97286 bytes)
Hash
8e4b9f0e80326e0d0dee0413913ca29a
971ccc8e86fbfe35779c3f454c8739578191e558
98e8f44e755093d5f04f4c6eb842916dc0ae438e4cbf310f099d259033f72156

HTTP Headers

GET /banner/banner-piggypp-okt.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/jpeg
content-length: 97286
cf-bgj: imgq:85,h2pri
cf-polished: origSize=121703, status=webp_bigger
last-modified: Fri, 26 Aug 2022 10:37:06 GMT
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0BrBv1yaCNwjbn%2FXRYypoXfidunmuKS2gAgcvb07%2F2F%2B%2FDL2CExJEGzblcn0OJiAn8lu%2B5DalkBoqVHvfCQHpr%2FNLlaYWtTH1ihUKRduHxkjoVoQhTSbFdPOr47kt07G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7503cdc9fff3b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/picmid.jpg

104.21.16.186

200 OK

33 kB

URL HTTP/2
img.pay4d.info/picmid.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 404x194, components 3\012- data
Size
33 kB (32754 bytes)
Hash
139bb87816ebf2d629d2255c272016c9
cab3abb39684b1abd96daeceed659f14da70ff6e
899795cb745f4a953666c8f6e78478c271f4a51e03746fba11d820e59c264cb2

HTTP Headers

GET /picmid.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/jpeg
content-length: 32754
cf-bgj: imgq:85,h2pri
cf-polished: degrade=85, origSize=48940, status=webp_bigger
last-modified: Sun, 05 Jan 2020 07:36:40 GMT
cache-control: max-age=7200
cf-cache-status: HIT
age: 6973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHZiP23Q8CfBmBfvTmqLHra%2BAZYQtw%2FBApDNXq5z3mHX%2B%2Bc2k%2Bx3UJBAxR2hk72IZfCG6Rz%2BC9SmtYiOvyGB2ZV9wtpnAR3tJoZ8RZPxMbg53En8KOSxvQ3qzQ28GQw8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7503cdc9fff9b515-OSL
X-Firefox-Spdy: h2

img.pay4d.info/banner/hbmg.jpg

104.21.16.186

200 OK

165 kB

URL HTTP/2
img.pay4d.info/banner/hbmg.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
165 kB (164692 bytes)
Hash
8ebd9babf7d6a6f02b3fa15fbcf565c9
cdd3721d6c63d22f6923252c3492fb855e620765
a738062c431b5f949c63cf4508dd1c3fa9e80c3b78135694c9df85af0cc46e91

HTTP Headers

GET /banner/hbmg.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 164692
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=176999
content-disposition: inline; filename="hbmg.webp"
last-modified: Thu, 15 Sep 2022 08:06:30 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6958
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZFmBbM%2FBBh7V6UPMNV4zCRlnVNqutkO%2FeBfi4e%2B3LZc559cCdyXofrtcMFakE4qygJ%2FqdkXzO5f7dyQS%2Ber2Tbz490W8oaaEXTZxVhEq4eySRVfXp4mk8chqX7mw6WE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fff5b515-OSL
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
c9e024fb907fc6893ce1ecb04b31b996
764e8a82df54754a7879973de0b9b3a891f467d8
47262071d1f16c4ae1e65fdd2fe63572d31d965c97e28cb2bd04bb90a4c2c475

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 12:36:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "CE54CFEA48ADCF62668CAB1714E76F82D9F177F6"
Expires: Sun, 25 Sep 2022 23:00:00 GMT
Last-Modified: Sun, 25 Sep 2022 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2501
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7503cdca684eb51b-OSL

img.pay4d.info/banner/sg-mar.jpg

104.21.16.186

200 OK

197 kB

URL HTTP/2
img.pay4d.info/banner/sg-mar.jpg
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1900x380, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
197 kB (197186 bytes)
Hash
7214d0345c0f6c018a89b297062eb9c5
28d9d28b373bf4505e6c07bb33c057de52cd6896
e0f82611faca6bf3234bf82ced5145329a16ccd6413da32f68a682b7c986b303

HTTP Headers

GET /banner/sg-mar.jpg HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:09 GMT
content-type: image/webp
content-length: 197186
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=919824
content-disposition: inline; filename="sg-mar.webp"
last-modified: Wed, 04 May 2022 08:32:44 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6959
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IY10wGlYuevka7cZO3UWPM4qlHLzy50nfFMbejJMI0nUqyRHTbQuEXojv9QwCcchTs8VNbdLuDeeljVadCa2wb0HC3WeD1laNyTUt%2BQLbBhPuiwTjk3WuiB5BjLu5I9a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fffdb515-OSL
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.6.128

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.6.128:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tlFlwMyGtNrTAsHwGYYq8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6mL7XU8Ie5Zy6pmzMKAeyEdGv4o=

salingsilang1.com/css/bootstrap.min.css

151.139.128.10

200 OK

22 kB

URL HTTP/2
salingsilang1.com/css/bootstrap.min.css
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65230)
Size
22 kB (21757 bytes)
Hash
99b3142abe0d7154bf83b2d69a1a23e6
aa13092a53ed3220321d7c0ee15876cb65aa17bf
1f51dcb62a711c82e3881592cd1da417108e1f909c4f818aa0a0aa2fd9d6cb06

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377361"
cache-control: max-age=3600
content-encoding: gzip
content-length: 21757
content-type: text/css
last-modified: Mon, 15 Feb 2021 08:22:41 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds225.sk1.sc,1664109370.cds225.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
55404e89e55db252fe6295c42a9d8d16
591574d6063a0b1f10fc49be998f9a09f2a2f7e4
5580e1e06865bb65bd403abcc80c153ac0849eab6553b54318d9fa1283fe6946

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 12:36:10 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 20:32:14 GMT
Expires: Sat, 01 Oct 2022 20:32:13 GMT
Etag: "591574d6063a0b1f10fc49be998f9a09f2a2f7e4"
Cache-Control: max-age=546362,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7503cdca1d340afe-OSL

salingsilang1.com/css/mediaduo.css

151.139.128.10

200 OK

2.4 kB

URL HTTP/2
salingsilang1.com/css/mediaduo.css
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
2.4 kB (2405 bytes)
Hash
cab590faa4c7bf3bbb9d9260e4b1d1a8
116c39b6e3fe28e385bdb8fc43f01f9981ab189b
b1925f374734cf2ed7fc5cd8a1b7344ba248ed7245ace6174a8d37b73ff72944

HTTP Headers

GET /css/mediaduo.css HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377362"
cache-control: max-age=3600
content-encoding: gzip
content-length: 2405
content-type: text/css
last-modified: Mon, 15 Feb 2021 08:22:42 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds205.sk1.sc,1664109370.cds205.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/css/webduo.css

151.139.128.10

200 OK

1.5 kB

URL HTTP/2
salingsilang1.com/css/webduo.css
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
1.5 kB (1473 bytes)
Hash
349a5c525451d9506eab3781302e2732
3111876bdb1f7325c1c560ef6ec9e4022153fb78
3571991343076a73f00e35f7a90541fe93f70a1f1ec402a0329582701e21ec5f

HTTP Headers

GET /css/webduo.css HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614693997"
cache-control: max-age=3600
content-encoding: gzip
content-length: 1473
content-type: text/css
last-modified: Tue, 02 Mar 2021 14:06:37 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds014.sk1.sc,1664109370.cds014.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Promo-20210302203931.jpg

151.139.128.10

200 OK

161 kB

URL HTTP/2
salingsilang1.com/images/upload-Promo-20210302203931.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:02 19:32:10], baseline, precision 8, 2000x426, components 3\012- data
Size
161 kB (161263 bytes)
Hash
808d6e7b4b9d240239bf8e9a3bd245f0
ee2ca6b35017b300c8bfad1ae4b00cac753c4da6
7b5d51f7421e7b97106ba1a742eefb6849b26d2584da325fd060d96bdb63571d

HTTP Headers

GET /images/upload-Promo-20210302203931.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614692371"
cache-control: max-age=3600
content-length: 161263
content-type: image/jpeg
last-modified: Tue, 02 Mar 2021 13:39:31 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds224.sk1.sc,1664109370.cds224.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/psr-hk.png

151.139.128.10

200 OK

5.8 kB

URL HTTP/2
salingsilang1.com/images/psr-hk.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5800 bytes)
Hash
6b33466f1596c700cabc4b5aa0fdeddc
96ca4f0aca9bc2e4d28d9e8ee94868b1413e5199
80eaeccf24ccdf4a13dc2a1c1b0780681678cee4c40e3d13bb55e9f16e8240d9

HTTP Headers

GET /images/psr-hk.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377376"
cache-control: max-age=3600
content-length: 5800
content-type: image/png
last-modified: Mon, 15 Feb 2021 08:22:56 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds214.sk1.sc,1664109370.cds214.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-SlidesMobile-20210302201613.gif

151.139.128.10

200 OK

287 kB

URL HTTP/2
salingsilang1.com/images/upload-SlidesMobile-20210302201613.gif
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
GIF image data, version 89a, 600 x 200\012- data
Size
287 kB (286766 bytes)
Hash
187d885e95baf8dda2b7f420ff9f7baf
555937aad30f9474cce08c214fb8fa48fc2d19e8
d532dcc591b47f8de525ddc0ade232362fe7866d50887225990665a9dbabbdbd

HTTP Headers

GET /images/upload-SlidesMobile-20210302201613.gif HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614690973"
cache-control: max-age=3600
content-length: 286766
content-type: image/gif
last-modified: Tue, 02 Mar 2021 13:16:13 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds202.sk1.sc,1664109370.cds202.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Promo-20210302204346.jpg

151.139.128.10

200 OK

211 kB

URL HTTP/2
salingsilang1.com/images/upload-Promo-20210302204346.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:02 19:45:44], baseline, precision 8, 2000x426, components 3\012- data
Size
211 kB (210987 bytes)
Hash
5d53efb4fe5caee35e798533cf13174d
24b2d59fd50ba62de3e746e0fda465a1743445b5
58e90d983b7c20d2302c4d2bc2233015abff32e137d9a4108968af815ccf7d83

HTTP Headers

GET /images/upload-Promo-20210302204346.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614692626"
cache-control: max-age=3600
content-length: 210987
content-type: image/jpeg
last-modified: Tue, 02 Mar 2021 13:43:46 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds239.sk1.sc,1664109370.cds239.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Promo-20210302203640.jpg

151.139.128.10

200 OK

228 kB

URL HTTP/2
salingsilang1.com/images/upload-Promo-20210302203640.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:02 20:11:08], baseline, precision 8, 2000x426, components 3\012- data
Size
228 kB (228280 bytes)
Hash
8706fef5e87792ed35cfe88b699a18dd
74c7cd5f6bb968bd0a80518a19b36d00c66af98e
794c23338c9fe80001796c91d07065d458dd479d1b4d0f6a0ded1cfeba3da00e

HTTP Headers

GET /images/upload-Promo-20210302203640.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614692200"
cache-control: max-age=3600
content-length: 228280
content-type: image/jpeg
last-modified: Tue, 02 Mar 2021 13:36:40 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds261.sk1.sc,1664109370.cds261.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/psr-sg.png

151.139.128.10

200 OK

5.8 kB

URL HTTP/2
salingsilang1.com/images/psr-sg.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 90 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5752 bytes)
Hash
62f2ba4b9e6571ffa4aaff9df88a1363
062d797e0b0e5d72fe4c67326da651e98120d997
eb3dba84673c3872ef5b868fd31ad9eff4138e566609cfd9fea427d218bb1413

HTTP Headers

GET /images/psr-sg.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377377"
cache-control: max-age=3600
content-length: 5752
content-type: image/png
last-modified: Mon, 15 Feb 2021 08:22:57 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds211.sk1.sc,1664109370.cds211.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/logo.png

151.139.128.10

200 OK

25 kB

URL HTTP/2
salingsilang1.com/images/logo.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 1181 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24672 bytes)
Hash
b8d7fb7db2d695d2d6324221a3092c22
abd8c07cb34b025782898dd066fc248ee12ee9a4
093597ddb2fe09724848cb881b000e7f7e1ba40d2f44eb34940f0f4b875c42e1

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614693712"
cache-control: max-age=3600
content-length: 24672
content-type: image/png
last-modified: Tue, 02 Mar 2021 14:01:52 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds253.sk1.sc,1664109370.cds253.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Promo-20210302204051.jpg

151.139.128.10

200 OK

214 kB

URL HTTP/2
salingsilang1.com/images/upload-Promo-20210302204051.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:02 19:16:24], baseline, precision 8, 2000x426, components 3\012- data
Size
214 kB (214427 bytes)
Hash
816518e5695400010786aa5c23c1e4b3
11c78f51a7165ae0d88ed9a6bf45419859df3be2
37474a436e62b4589f95adf6da952eeded8eb4f93ac63c390269d2e023a4ed81

HTTP Headers

GET /images/upload-Promo-20210302204051.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614692451"
cache-control: max-age=3600
content-length: 214427
content-type: image/jpeg
last-modified: Tue, 02 Mar 2021 13:40:51 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds248.sk1.sc,1664109370.cds248.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Promo-20210302203834.jpg

151.139.128.10

200 OK

197 kB

URL HTTP/2
salingsilang1.com/images/upload-Promo-20210302203834.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:02 19:01:31], baseline, precision 8, 2000x426, components 3\012- data
Size
197 kB (196804 bytes)
Hash
bac19508c3ac3ae4c2140bdf37e688f3
fd9afdaa67c5b92022374c785f53546d0dc9c593
1d7079895bf35c98ecc1aa4d0f416d5921e97a61681081c225ca56c07980be43

HTTP Headers

GET /images/upload-Promo-20210302203834.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614692314"
cache-control: max-age=3600
content-length: 196804
content-type: image/jpeg
last-modified: Tue, 02 Mar 2021 13:38:34 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds003.sk1.sc,1664109370.cds003.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/bgline3.png

151.139.128.10

200 OK

1.7 kB

URL HTTP/2
salingsilang1.com/images/bgline3.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 404 x 6, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1650 bytes)
Hash
c6eefb30805702f462803beb60a931f2
85c66a25935a7bf4dd2fd43f5bace3c2b51c0475
99f4bf4b833a13c3689036bab90cb1efc57b6375b1aa2bb70c1b7c6f1e211d12

HTTP Headers

GET /images/bgline3.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377371"
cache-control: max-age=3600
content-length: 1650
content-type: image/png
last-modified: Mon, 15 Feb 2021 08:22:51 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds015.sk1.sc,1664109370.cds015.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/logoweb.png

151.139.128.10

200 OK

25 kB

URL HTTP/2
salingsilang1.com/images/logoweb.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 1181 x 255, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24672 bytes)
Hash
b8d7fb7db2d695d2d6324221a3092c22
abd8c07cb34b025782898dd066fc248ee12ee9a4
093597ddb2fe09724848cb881b000e7f7e1ba40d2f44eb34940f0f4b875c42e1

HTTP Headers

GET /images/logoweb.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614693712"
cache-control: max-age=3600
content-length: 24672
content-type: image/png
last-modified: Tue, 02 Mar 2021 14:01:52 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds249.sk1.sc,1664109370.cds249.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Slides-20210301224815.jpg

151.139.128.10

200 OK

220 kB

URL HTTP/2
salingsilang1.com/images/upload-Slides-20210301224815.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:01 17:30:12], baseline, precision 8, 1900x380, components 3\012- data
Size
220 kB (219775 bytes)
Hash
9b6a70c87d332cfa3680901ffef8544c
cdfcbb5616b7ff61115b05f14e15ac9da4714ee5
36e56cbeaecf59e0266fedb83d19b16e79653a8c70780181c070ac55c8831471

HTTP Headers

GET /images/upload-Slides-20210301224815.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614613695"
cache-control: max-age=3600
content-length: 219775
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 15:48:15 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds257.sk1.sc,1664109370.cds257.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Slides-20210215154234.jpg

151.139.128.10

200 OK

134 kB

URL HTTP/2
salingsilang1.com/images/upload-Slides-20210215154234.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:02:15 11:58:37], baseline, precision 8, 1900x380, components 3\012- data
Size
134 kB (133505 bytes)
Hash
dfd6993bd8273e8cb19835aa4277d9ca
79887ba1bb622de57adce59cedcaddb6e3472ef6
4ce0513bd07ede70f7287bdcdacb71cc9732fbf377b55c615739781d9bc9050e

HTTP Headers

GET /images/upload-Slides-20210215154234.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613378554"
cache-control: max-age=3600
content-length: 133505
content-type: image/jpeg
last-modified: Mon, 15 Feb 2021 08:42:34 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds243.sk1.sc,1664109370.cds243.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Slides-20210302202829.jpg

151.139.128.10

200 OK

220 kB

URL HTTP/2
salingsilang1.com/images/upload-Slides-20210302202829.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:02 18:27:55], baseline, precision 8, 1900x380, components 3\012- data
Size
220 kB (220247 bytes)
Hash
e114f4ca6583dcb0c87589932d866e67
ba2b6d92253f574fc072162a0bee8a6e79319b22
ea4837cba3dcb19eae51a48619ec218c799dbacc608f53e7ed656f61cb6f3f0a

HTTP Headers

GET /images/upload-Slides-20210302202829.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614691709"
cache-control: max-age=3600
content-length: 220247
content-type: image/jpeg
last-modified: Tue, 02 Mar 2021 13:28:29 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds246.sk1.sc,1664109370.cds246.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/bgline.png

151.139.128.10

200 OK

1.6 kB

URL HTTP/2
salingsilang1.com/images/bgline.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 576 x 4, 8-bit/color RGB, non-interlaced\012- data
Size
1.6 kB (1639 bytes)
Hash
58a24c2665fb7f579df57251de917005
63c29cb772bdb913b56e8576400a07d018c34183
5f766a1fc283942a59a4587a2f01973c6cc9f90cdc7d2f0bdb4e6dfcf51c7d4f

HTTP Headers

GET /images/bgline.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377370"
cache-control: max-age=3600
content-length: 1639
content-type: image/png
last-modified: Mon, 15 Feb 2021 08:22:50 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds026.sk1.sc,1664109370.cds026.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/upload-Slides-20210301224840.jpg

151.139.128.10

200 OK

235 kB

URL HTTP/2
salingsilang1.com/images/upload-Slides-20210301224840.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, software=Adobe Photoshop CC 2019 (Windows), datetime=2021:03:01 17:49:41], baseline, precision 8, 1900x380, components 3\012- data
Size
235 kB (234571 bytes)
Hash
13883296390fc3b93015c75e917b3b43
56721dbb17a70dca23e011d5c6b69cd98ca0ed35
3e8ddec910649e1ad7dd18fc1eda4c93ddc20c59d0ed98c196ae3a4ef3e1bf55

HTTP Headers

GET /images/upload-Slides-20210301224840.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1614613720"
cache-control: max-age=3600
content-length: 234571
content-type: image/jpeg
last-modified: Mon, 01 Mar 2021 15:48:40 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds224.sk1.sc,1664109370.cds224.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/bgline2.png

151.139.128.10

200 OK

1.7 kB

URL HTTP/2
salingsilang1.com/images/bgline2.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 1228 x 6, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1665 bytes)
Hash
eed67f036988558aaaf8e2ae9ed465bd
8c6b2f9c51f0b075f99e46c9c0332b4c39b5dc4e
752c98325eb5abcf72e8f075b3190f1d165b36635c0d0de9640598f8cae4d4ac

HTTP Headers

GET /images/bgline2.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377370"
cache-control: max-age=3600
content-length: 1665
content-type: image/png
last-modified: Mon, 15 Feb 2021 08:22:50 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds218.sk1.sc,1664109370.cds218.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/kontak.png

151.139.128.10

200 OK

5.0 kB

URL HTTP/2
salingsilang1.com/images/kontak.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
PNG image data, 69 x 287, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (4995 bytes)
Hash
cc9ff1f22490e2cca070a57979aea150
c41c924a335152f8e6b07543ff4384e750e114f5
d13562a3a1a8c4e5dedebdc1924ce73f2944c82937d3f247d087caa16cb565f7

HTTP Headers

GET /images/kontak.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377371"
cache-control: max-age=3600
content-length: 4995
content-type: image/png
last-modified: Mon, 15 Feb 2021 08:22:51 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds255.sk1.sc,1664109370.cds255.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/images/bg.jpg

151.139.128.10

200 OK

32 kB

URL HTTP/2
salingsilang1.com/images/bg.jpg
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1901x488, components 3\012- data
Size
32 kB (32355 bytes)
Hash
32a20255458264ea8b7b82184d76e14e
ab79a840e2f2326277a674a37cf606375a9f72f9
e11ab782436f8a70ff8699d3f51afc07af49f0bad657041df634419f357c0caf

HTTP Headers

GET /images/bg.jpg HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
accept-ranges: bytes
etag: "1613377370"
cache-control: max-age=3600
content-length: 32355
content-type: image/jpeg
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds068.sk1.sc,1664109370.cds068.sk1.p
server: Apache
last-modified: Mon, 15 Feb 2021 08:22:50 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d3ea37777b24ad3132f8bc92164c608e
5701e444a0be8384b9e5e6e04b0c53d5753f638a
167cf989b2eb81bfcba5079d5216c0d83a019938bf47c8b67cbf633fc0070e4b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "167CF989B2EB81BFCBA5079D5216C0D83A019938BF47C8B67CBF633FC0070E4B"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4612
Expires: Sun, 25 Sep 2022 13:53:02 GMT
Date: Sun, 25 Sep 2022 12:36:10 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img.pay4d.info/footern.png

104.21.16.186

200 OK

11 kB

URL HTTP/2
img.pay4d.info/footern.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (11032 bytes)
Hash
7244204c821f1c979d0f73873d9f110e
d59b84a6515e93d183b4b61b9a79a54c4b20105f
397b321822e8476fd599cb7622121c68fd2cfcba671c0452879ec7dbbf15e5b1

HTTP Headers

GET /footern.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
content-type: image/webp
content-length: 11032
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=23420
content-disposition: inline; filename="footern.webp"
last-modified: Fri, 12 Mar 2021 13:31:57 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K5gQVDmCn2ne1qiPc0K5Zcdpfy%2F9ThRY4Rk1bzqRqpZrEe5YCnQivR4Y%2FIE1DPMfXEmJ9Q5fR1aq6CWea4J4A6S7h5qgOwjKgR0RRDkzBrk8hVXisGb5itCnymKvwowj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9f800b515-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img.pay4d.info/logo_providernewn.png

104.21.16.186

200 OK

52 kB

URL HTTP/2
img.pay4d.info/logo_providernewn.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
52 kB (51872 bytes)
Hash
b1e61fa6331d56420333969f0c9b8225
6ccbc6ee10272f5210d993918cd42b55df1ac358
31431bf85871945bc4298fbea664c05332b41529871665995fc60d5692f2f30a

HTTP Headers

GET /logo_providernewn.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
content-type: image/webp
content-length: 51872
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=90396
content-disposition: inline; filename="logo_providernewn.webp"
last-modified: Sat, 20 Aug 2022 09:11:08 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eM2SMFABZz5XwKNBBI6XitM7%2BQR%2B7H1ylQbRlk1t4%2BsduqiBruvMF29VOItNXdQd2Trl18e7w0kiWDOH4M5Kjo4BSGsq7xFvadwx8GFd2bPiGJ3vfFXa%2FJX6%2FNjUlxT8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdc9fffeb515-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Size
45 kB (45300 bytes)
Hash
5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

HTTP Headers

GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:27:53 GMT
expires: Thu, 21 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 320897
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2

142.250.74.163

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9588, version 1.0\012- data
Size
9.6 kB (9588 bytes)
Hash
55d912c794126956bb1e8f41597c131f
f7ade582dbe9d0efe97ae105cab313c6e45904d4
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699

HTTP Headers

GET /s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 16:49:22 GMT
expires: Fri, 22 Sep 2023 16:49:22 GMT
cache-control: public, max-age=31536000
age: 244008
last-modified: Tue, 19 Apr 2022 18:29:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

142.250.74.163

200 OK

47 kB

URL HTTP/2
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Size
47 kB (47048 bytes)
Hash
87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

HTTP Headers

GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:27:54 GMT
expires: Thu, 21 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 320896
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

142.250.74.163

200 OK

9.8 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size
9.8 kB (9840 bytes)
Hash
afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

HTTP Headers

GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:09:41 GMT
expires: Tue, 19 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 487589
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

unphionetor.com/vctx?t=87390

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vctx?t=87390
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vctx?t=87390 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 12:36:10 GMT
access-control-allow-origin: https://salingsilang1.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: ffcb1bb4d1e006c6ff39ec88f4a7ab71
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da681c2f112645651e5b32be2cfcd052
2e57e4163b8ed8ceebe8c6dde5ff1aa5efc7b946
302a7e1f8156051b7c793c61fbe3e81096374431e22bd9821b4aa38e1a5772f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 12:36:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.livechatinc.com/tracking.js

23.36.79.16

200 OK

26 kB

URL HTTP/2
cdn.livechatinc.com/tracking.js
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
data
Size
26 kB (25745 bytes)
Hash
f61292f2ea5acf5598599547b21ded5e
514e2156e842563c85232a017dd347de6fcb79f3
48aa6dae53b928ce44bfbdced0cc27d9a332967dab69d565a116da4e52ded5b3

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 10:03:22 GMT
x-amz-version-id: O_IWnJ8_6UFnDnYWNYZfebEg7uBCf6_J
server: AmazonS3
content-encoding: br
etag: W/"08c0746873a649a99ee8d47403496ba9"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: tTXG5Mtx6BhCs8gZEwvtojVBEtrgYGYAS30SjwYivZxY1ODM_b3c5w==
content-length: 25745
cache-control: max-age=28800
expires: Sun, 25 Sep 2022 20:36:10 GMT
date: Sun, 25 Sep 2022 12:36:10 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12338346&url=https%3A%2F%2Fsalingsilang1.com%2F&channel_type=code&jsonp=__z7gijwv1x

23.36.79.16

200 OK

261 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12338346&url=https%3A%2F%2Fsalingsilang1.com%2F&channel_type=code&jsonp=__z7gijwv1x
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
261 B (261 bytes)
Hash
34358063f226311bdcbeb38120deb8bd
d0d01385dd2ba39e0f4eeba9425c390750658233
a49cd7f2ac58e327d76b0f48fa21bdc5145ac1fcb31f657aef259de34705d678

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=12338346&url=https%3A%2F%2Fsalingsilang1.com%2F&channel_type=code&jsonp=__z7gijwv1x HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors https://salingsilang1.com/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://salingsilang1.com/
content-length: 261
date: Sun, 25 Sep 2022 12:36:10 GMT
X-Firefox-Spdy: h2

salingsilang1.com/fonts/glyphicons-halflings-regular.woff2

151.139.128.10

200 OK

18 kB

URL HTTP/2
salingsilang1.com/fonts/glyphicons-halflings-regular.woff2
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://salingsilang1.com/css/bootstrap.min.css
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
etag: "1613377367"
cache-control: max-age=3600
content-length: 18028
content-type: font/woff2
last-modified: Mon, 15 Feb 2021 08:22:47 GMT
accept-ranges: bytes
server: Apache
x-hw: 1664109370.cds231.sk1.hn,1664109370.cds208.sk1.sc,1664109370.cds208.sk1.pr
access-control-allow-origin: *
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12338346&version=664.2.2.470.342.72.2.3.10.1.7.4&group_id=0&jsonp=__lc_static_config

23.36.79.16

200 OK

1.8 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12338346&version=664.2.2.470.342.72.2.3.10.1.7.4&group_id=0&jsonp=__lc_static_config
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (5006), with no line terminators
Size
1.8 kB (1849 bytes)
Hash
982aa17174a8b7ab2529f004b1440511
7e626ce6f8717378a853d35b5fe4ff2d4ca4e297
065b8029c33ff321b504c31845867bd499e48fe17788d4d187824fe516eb851c

HTTP Headers

GET /v3.3/customer/action/get_configuration?license_id=12338346&version=664.2.2.470.342.72.2.3.10.1.7.4&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1849
cache-control: public, max-age=600
expires: Sun, 25 Sep 2022 12:46:10 GMT
date: Sun, 25 Sep 2022 12:36:10 GMT
X-Firefox-Spdy: h2

secure.livechatinc.com/customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0

23.36.79.16

200 OK

2.0 kB

URL HTTP/2
secure.livechatinc.com/customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Size
2.0 kB (1966 bytes)
Hash
9c3f16244be088f5cecf655868ac333a
597c9d5cc676f8391f669a8b63f0f2c79e7fe5cd
bcb414813b0925c5998a0ab7ceabf75130cfbcde72418189844ddcc0ef5e5e46

HTTP Headers

GET /customer/action/open_chat?license_id=12338346&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1966
date: Sun, 25 Sep 2022 12:36:11 GMT
X-Firefox-Spdy: h2

salingsilang1.com/webdata.php?content=broadcast

151.139.128.10

200 OK

70 kB

URL HTTP/2
salingsilang1.com/webdata.php?content=broadcast
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65301)
Size
70 kB (69683 bytes)
Hash
66142cd325135ae80d3d11b51118ee0c
976ab7be740c3482b34f44668dfe199e33099cbf
e4490d268fa00b1efa7ec5025fa80e14d863ae6b9ecfeee2f134263deb9e9d9b

HTTP Headers

GET /webdata.php?content=broadcast HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1664109370.cds231.sk1.hn,1664109370.cds239.sk1.sc,1664109371.cds239.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/webdata.php?content=mobileapp

151.139.128.10

200 OK

94 kB

URL HTTP/2
salingsilang1.com/webdata.php?content=mobileapp
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
94 kB (94406 bytes)
Hash
75500bc7d3c7c6ad3180ea5b0aef4682
d631f58ec30c71a0d30d910c040dfea5e56bd977
673ce8433f7ba60c22a77b37e8bdb3d7c42f09eef90f6807579721ced9360d86

HTTP Headers

GET /webdata.php?content=mobileapp HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1664109370.cds231.sk1.hn,1664109370.cds214.sk1.sc,1664109371.cds214.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/webdata.php?content=desktopapp

151.139.128.10

200 OK

2.8 kB

URL HTTP/2
salingsilang1.com/webdata.php?content=desktopapp
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type
data
Size
2.8 kB (2762 bytes)
Hash
1a22cfe5e53f70c98a5c67e4ee8ec26e
3546f931bb8ab248ccadd6d9ca864c484ee74c2a
1f41549cccad6e4935fdd42617ada1d7adec23d14ed7af8df87c5ee01d6a61f8

HTTP Headers

GET /webdata.php?content=desktopapp HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1664109370.cds231.sk1.hn,1664109370.cds245.sk1.sc,1664109371.cds245.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Size
13 kB (12860 bytes)
Hash
ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

HTTP Headers

GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:03:13 GMT
expires: Tue, 19 Sep 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 487978
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

142.250.74.163

200 OK

13 kB

URL HTTP/2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Size
13 kB (12684 bytes)
Hash
0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

HTTP Headers

GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 21:03:15 GMT
expires: Tue, 19 Sep 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 487976
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img.pay4d.info/android.png

104.21.16.186

200 OK

1.1 kB

URL HTTP/2
img.pay4d.info/android.png
IP
104.21.16.186:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.1 kB (1096 bytes)
Hash
0b02cd52bbd4c1164b94f9c21050e6be
8941f921796a98fc8fabb4c0cec157c34d4e4276
a7c62c2757c85f7b8edb8bddd7f3b0472c851452daceb20485ddffa6ea9703fb

HTTP Headers

GET /android.png HTTP/1.1
Host: img.pay4d.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:11 GMT
content-type: image/webp
content-length: 1096
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=3351
content-disposition: inline; filename="android.webp"
last-modified: Sat, 30 Jan 2021 10:29:07 GMT
vary: Accept
cache-control: max-age=7200
cf-cache-status: HIT
age: 6960
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNOsNTZIItI2bl0ofQpCT4u4BavzN1YUntnD6INOQowRXyJgTQ1f%2FTx9awf5gWrlSbrOheG9toX5eLCQ9SGYYTkjvZ9586gQcgFwz8VFrqS4FeDayNQ2sM4X45jEA%2B7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7503cdd28d6eb515-OSL
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12338346&version=13159fb2ee05429e3ae48a4031b3d0e0_11fffb2b3a93034b7f83a89753b09cc3&language=id&group_id=0&jsonp=__lc_localization

23.36.79.16

200 OK

4.0 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12338346&version=13159fb2ee05429e3ae48a4031b3d0e0_11fffb2b3a93034b7f83a89753b09cc3&language=id&group_id=0&jsonp=__lc_localization
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (11632), with no line terminators
Size
4.0 kB (4018 bytes)
Hash
dda4ead3f6bfd73c89c7b64ee1c9b978
0e7fd4ee91feffc59dd522d9bd5a90b93d88b17b
59a4f8f54b570595d36f63b6956efd7956cb65a635464c75e78f718e861b18a3

HTTP Headers

GET /v3.3/customer/action/get_localization?license_id=12338346&version=13159fb2ee05429e3ae48a4031b3d0e0_11fffb2b3a93034b7f83a89753b09cc3&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Sun, 25 Sep 2022 12:46:11 GMT
date: Sun, 25 Sep 2022 12:36:11 GMT
content-length: 4018
X-Firefox-Spdy: h2

unphionetor.com/vbl?t=87390&bid=undefined&aid=undefined

139.45.197.236

204 No Content

685 B

URL HTTP/2
unphionetor.com/vbl?t=87390&bid=undefined&aid=undefined
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
gzip compressed data, max compression\012- data
Size
685 B (685 bytes)
Hash
a54b71532876597bb65061aa11ba5743
14760a347784b270fafb7eaf4c44df2f06155327
cdf3283edfd5b818b387c722844d2aadd769549634a3d308c2f853d1d351b1ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbl?t=87390&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 12:36:11 GMT
access-control-allow-origin: https://salingsilang1.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c59b18acc2b48004b7f753b562cbf2fc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12338346

23.36.79.8

101 Switching Protocols

0 B

URL HTTP/1.1
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12338346
IP
23.36.79.8:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3.3/customer/rtm/ws?license_id=12338346 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PBtDnFVWERPilQAg1N6Zwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
sec-websocket-accept: xMd8E1goEzIIH/E7rGvL6nRlqA0=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Sun, 25 Sep 2022 12:36:11 GMT
Upgrade: websocket
Connection: Upgrade

accounts.livechatinc.com/customer/token

23.36.79.16

200 OK

138 B

URL HTTP/2
accounts.livechatinc.com/customer/token
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text
Size
138 B (138 bytes)
Hash
e1c67c4a8f0ec93cb929ec2102d0d08b
b9f346aeff97d95d1c5c32331587094c413fde17
a13073fc59ef3b53f480b397141c3035f03cf36e1a322845deab724accc27ba1

HTTP Headers

POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Sun, 25 Sep 2022 12:36:11 GMT
set-cookie: __lc_cid=0364c1c1-a05f-4f33-527d-b5330d9ced06; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 25 Sep 2024 12:36:11 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=47a538e5a8db12fa6b9249529f58cc40daa2d48efb60164e764364a4e5cc456325a69e2d885a2bdf51fcccc37945da156ac04cd1dcc62be60b2bdf9606c5; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 25 Sep 2024 12:36:11 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=0364c1c1-a05f-4f33-527d-b5330d9ced06; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 25 Sep 2024 12:36:11 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=47a538e5a8db12fa6b9249529f58cc40daa2d48efb60164e764364a4e5cc456325a69e2d885a2bdf51fcccc37945da156ac04cd1dcc62be60b2bdf9606c5; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 25 Sep 2024 12:36:11 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1664109401&tag=699a4d92d31e68f98dae52571fcd86aa548217b7; Path=/; Expires=Sun, 25 Sep 2022 12:36:41 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14394
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 12:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14394
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 12:36:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14394
Expires: Sun, 25 Sep 2022 16:36:05 GMT
Date: Sun, 25 Sep 2022 12:36:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5305 bytes)
Hash
9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:04:13 GMT
age: 27118
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10032 bytes)
Hash
aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 52749
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8914 bytes)
Hash
dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 53945
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 53919
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6671 bytes)
Hash
328516d7184ca4b4f6e50bf895b9bce0
752c2278004a98fcfacf4c3f16470d610ffd2daa
8096b89e6b868d9e40b5c31b80309472695b9cd085cca2f872159f4e35056c08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb009e5a9-dad2-4c57-9637-c9930d6b3f05.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6671
x-amzn-requestid: c99d94f4-5a09-44d2-a2ce-0daac62d2087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EAHQ2oAMFaqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f787f-7fbe302d3e7587263e61cb0d;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FuhBG1wzZ7q3UXGwFA32yLn9Rn4DzcpPODW1HivGDtB-2-9F4Q3gBA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:05 GMT
age: 53946
etag: "752c2278004a98fcfacf4c3f16470d610ffd2daa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6199 bytes)
Hash
714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 52495
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

unphionetor.com/vbri?t=87390&bid=undefined&aid=undefined&tp=3894

139.45.197.236

204 No Content

0 B

URL HTTP/2
unphionetor.com/vbri?t=87390&bid=undefined&aid=undefined&tp=3894
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /vbri?t=87390&bid=undefined&aid=undefined&tp=3894 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://salingsilang1.com
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sun, 25 Sep 2022 12:36:12 GMT
access-control-allow-origin: https://salingsilang1.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5ab16babf2619e8b6d23b30424ab12d5
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

propeller-tracking.com/fv.js?t=87390

139.45.197.240

200 OK

0 B

URL HTTP/2
propeller-tracking.com/fv.js?t=87390
IP
139.45.197.240:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fv.js?t=87390 HTTP/1.1
Host: propeller-tracking.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 12:36:10 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 8cfa78b51301593a03db834e03ebf372
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

salingsilang1.com/capimg.php?3982

151.139.128.10

200 OK

0 B

URL HTTP/2
salingsilang1.com/capimg.php?3982
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /capimg.php?3982 HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds215.sk1.sc,1664109370.cds215.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/m/capimg.php?3180

151.139.128.10

200 OK

0 B

URL HTTP/2
salingsilang1.com/m/capimg.php?3180
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /m/capimg.php?3180 HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:10 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/png
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-hw: 1664109369.cds231.sk1.hn,1664109369.cds201.sk1.sc,1664109370.cds201.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/webdata.php?status=time

151.139.128.10

200 OK

0 B

URL HTTP/2
salingsilang1.com/webdata.php?status=time
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /webdata.php?status=time HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Sep 2022 12:36:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: Apache
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: Accept-Encoding
x-hw: 1664109370.cds231.sk1.hn,1664109370.cds240.sk1.sc,1664109371.cds240.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

salingsilang1.com/favicon.png

151.139.128.10

404 Not Found

0 B

URL HTTP/2
salingsilang1.com/favicon.png
IP
151.139.128.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /favicon.png HTTP/1.1
Host: salingsilang1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Cookie: PHPSESSID=igft47n2bj99hnrptdha9pbe26
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Sep 2022 12:36:11 GMT
accept-ranges: bytes
content-encoding: gzip
content-type: text/html
server: Apache
x-hw: 1664109371.cds231.sk1.hn,1664109371.cds257.sk1.sc,1664109371.cds257.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Abel|Oswald:400|PT+Sans:400,700|Open+Sans:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://salingsilang1.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Sep 2022 12:36:09 GMT
date: Sun, 25 Sep 2022 12:36:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files detected

URL

IP

ASN

File type

Size

Hash

Detections

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL