urlscan.io logo urlscan.io
SecurityTrails logo

podomoro89baik.site Open in urlscan Pro
162.254.39.15  Public Scan

Go To Rescan Add Verdict Report
URL: https://podomoro89baik.site/
Submission: On October 20 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 162.254.39.15, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is podomoro89baik.site.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 17th 2024. Valid for: a year.
This is the only time podomoro89baik.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.254.39.15 22612 (NAMECHEAP...)
2 2607:f8b0:400... 15169 (GOOGLE)
3 43.152.134.54 139341 (ACE-AS-AP...)
3 2600:9000:21b... 16509 (AMAZON-02)
5 104.18.3.36 13335 (CLOUDFLAR...)
2 142.250.65.225 15169 (GOOGLE)
4 2600:141b:1c0... 20940 (AKAMAI-ASN1)
7 23.219.36.236 20940 (AKAMAI-ASN1)
2 23.219.36.234 20940 (AKAMAI-ASN1)
29 10
1    162.254.39.15 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium283-4.web-hosting.com
podomoro89baik.site
2    2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    43.152.134.54 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
s1.kwai.net
3    2600:9000:21b8:ee00:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)
ik.imagekit.io
5    104.18.3.36 (None, )

ASN13335 (CLOUDFLARENET, US)
imagedelivery.net
2    142.250.65.225 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net
cdn.ampproject.org
4    2600:141b:1c00:f::172c:c9c8 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
ads.mythad.com
7    23.219.36.236 (Chicago, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-36-236.deploy.static.akamaitechnologies.com
ads.mythad.com
2    23.219.36.234 (Chicago, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-219-36-234.deploy.static.akamaitechnologies.com
logsdk.kwai-pro.com
Apex Domain
Subdomains		 Transfer
11 mythad.com
ads.mythad.com — Cisco Umbrella Rank: 27620
4 KB
5 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 14543
19 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 517
82 KB
3 imagekit.io
ik.imagekit.io — Cisco Umbrella Rank: 22982
107 KB
3 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 25131
121 KB
2 kwai-pro.com
logsdk.kwai-pro.com — Cisco Umbrella Rank: 25977
475 B
1 podomoro89baik.site
podomoro89baik.site
5 KB
29 7
Domain Requested by
11 ads.mythad.com s1.kwai.net
5 imagedelivery.net podomoro89baik.site
4 cdn.ampproject.org podomoro89baik.site
cdn.ampproject.org
3 ik.imagekit.io podomoro89baik.site
3 s1.kwai.net podomoro89baik.site
s1.kwai.net
2 logsdk.kwai-pro.com s1.kwai.net
1 podomoro89baik.site
29 7

This site contains links to these domains. Also see Links.

Domain
ivfsurvivalguide.com
yubicopower.xyz
wa.me
Subject Issuer Validity Valid
podomoro89baik.site
Sectigo RSA Domain Validation Secure Server CA		 2024-10-17 -
2025-10-17		 a year crt.sh
misc-sni.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.kwai.net
GlobalSign RSA OV SSL CA 2018		 2023-10-26 -
2024-11-26		 a year crt.sh
*.imagekit.io
Amazon RSA 2048 M02		 2024-01-23 -
2025-02-19		 a year crt.sh
imagedelivery.net
E5		 2024-09-16 -
2024-12-15		 3 months crt.sh
*.mythad.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-10-23 -
2024-11-23		 a year crt.sh
*.kwai-pro.com
GlobalSign GCC R3 DV TLS CA 2020		 2024-07-30 -
2025-08-31		 a year crt.sh

This page contains 1 frames:

Primary Page: https://podomoro89baik.site/
Frame ID: 7E44EA0611EE6E5193DECCE80CC2C64E
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PODOMORO89 : Portal daftar akun vip slot gacor pasti menang gampang maxwin

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

29
Requests

100 %
HTTPS

33 %
IPv6

7
Domains

7
Subdomains

10
IPs

3
Countries

338 kB
Transfer

878 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
podomoro89baik.site/ 		18 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://podomoro89baik.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.254.39.15 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
premium283-4.web-hosting.com
Software
LiteSpeed /
Resource Hash
8bc96bb9bd8c50281e1f9cda3f0efafb29933f883580515c050bbe36e20cb833

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
4647
content-type
text/html
date
Sun, 20 Oct 2024 11:12:06 GMT
last-modified
Fri, 18 Oct 2024 06:58:34 GMT
server
LiteSpeed
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d90b20f4a92c0c9c74fba063d287a081caf6969944fc0ffe629c31fdd736362
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

content-encoding
br
etag
"cf28d77130862038"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 11:12:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 11:12:06 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
73080
x-xss-protection
0
server
sffe
amp-anim-0.1.js
cdn.ampproject.org/v0/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-anim-0.1.js
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2297b4a42aa40c71e690a1fd187fa831259238a795731fd0fcefd1393062ac2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

content-encoding
br
etag
"25b827c4e81956f0"
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 11:12:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 11:12:06 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2466
x-xss-protection
0
server
sffe
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=261206123973614&lib=kwaiq
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.73
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type
Normal
kwaisign
NULL
Expires
Thu, 14 Nov 2024 14:51:39 GMT
Date
Tue, 15 Oct 2024 14:51:39 GMT
x-oss-server-time
21
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
16188949388635405906
X-Ks-Cache
Hit from 43.152.134.54
x-oss-hash-crc64ecma
13562747518461854989
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
16188949388635405906
Access-Control-Allow-Origin
*
Content-Length
3744
x-oss-request-id
670E817A2EC65034361FB171
X-Cache-Lookup
Cache Hit
Server
Lego Server
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		84 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ee4bdaaaaf1edb8a568034c04bfb120d2e607d1cca0185cc00047851950f1c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf-8
LOGO%20PODOMORO89new.png
ik.imagekit.io/podomoro89/podomoro89/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/podomoro89/podomoro89/LOGO%20PODOMORO89new.png?updatedAt=1728486624213
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:ee00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
29e697dc1bde5da7b8bbfeef8eb3eaf7fb4f7164dd7e91a075c63da2ffbef420

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

x-request-id
670fa88e-9ae6-4c9f-8a51-9d42f0cfce28
etag
W/"53e4-CcVkp03PQTWJxK00cD7vUbYDOa8"
age
259661
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
4g0yFozYLGfY_A7BfEv4oKfAQBozHCg1KX8Yc7XzUgoAYxhtr7l7iQ==
date
Thu, 17 Oct 2024 11:04:25 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 429a03d32042afcc39a25586a483feb8.cloudfront.net (CloudFront), 1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
21476
x-amz-cf-pop
JFK52-P9
ADSLT31.png
ik.imagekit.io/podomoro89/podomoro89/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ik.imagekit.io/podomoro89/podomoro89/ADSLT31.png?updatedAt=1728799296075
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:ee00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6eb5da83db852109275bc65f37c67ba2d1dc1d8fa1bff9f86669ba062cbf0ba9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

x-request-id
7e18f06e-5d79-45fe-975b-166e34e0426f
etag
W/"12d66-UDUMDhArRLcpKCbjEwpmiH9pbbM"
age
259661
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BnTdwpxAn6IhPBXly_aRajTVHaegK_oFhGSPAp6kEfZ7dRQ8bVXstg==
date
Thu, 17 Oct 2024 11:04:26 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 32c5b7040885724e78019cc31f0ef3e8.cloudfront.net (CloudFront), 1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
77158
x-amz-cf-pop
JFK52-P9
public
imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/62479d53-cc59-4512-722c-1778e7410200/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/62479d53-cc59-4512-722c-1778e7410200/public
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95ef47193efef7584b657213b145f7165e1fe2e9891451fe2ccaf230f6b56d0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

cf-cache-status
MISS
etag
"cfc1K0G2w3bIARgIlWSluXYquIfb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 11:12:08 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=741+293 c=0+0 v=2024.10.1 l=3292 f=false
cf-ray
8d58922d78f73353-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3292
server
cloudflare
public
imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/2f188867-e032-4370-ce6e-daffedb74800/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/2f188867-e032-4370-ce6e-daffedb74800/public
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
784c98417674e4328cde915d6f0f3ea7c08c903dad2e108a52f7c46937902d70
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

cf-cache-status
MISS
etag
"cfDfT6AQuUX0hgwvw8zYDJLf5sfb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 11:12:08 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=558+165 c=0+0 v=2024.10.1 l=2314 f=false
cf-ray
8d58922d78fa3353-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2314
server
cloudflare
public
imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/c43576aa-b533-446e-917b-bd935ed66200/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/c43576aa-b533-446e-917b-bd935ed66200/public
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b80721a6e368a670b96a355dcf1173895ac7a6830261f86d88b01d7bd6be3e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

cf-cache-status
MISS
etag
"cflgOXueiil00J6Io0H7S4Y0ejfb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:0,h2pri
warning
cf-images 299 "original is 1021B smaller"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 11:12:08 GMT
content-type
image/png
vary
Accept, Accept-Encoding
priority
u=4;i=?0,cf-chb=(37;u=2;i=?0 180;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=458+402 c=0+0 v=2024.10.1 l=2223 f=false
cf-ray
8d58922d78f83353-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2223
server
cloudflare
public
imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/280d5bf1-88df-4150-3272-f8325a1e0a00/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/280d5bf1-88df-4150-3272-f8325a1e0a00/public
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ddb53c9043d0487bb2fbfcc073850c5e6fa2f121089de41cd3b83b141b5b42c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

cf-cache-status
MISS
etag
"cf6Ker41mObtm49-MKxaETiUSGfb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 11:12:08 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=670+98 c=0+0 v=2024.10.1 l=3795 f=false
cf-ray
8d58922d78f63353-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
3795
server
cloudflare
public
imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/aa5d4548-b61a-4a58-2815-7d268ee29f00/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imagedelivery.net/LL3sRwI2JGv98aqCDif6qw/aa5d4548-b61a-4a58-2815-7d268ee29f00/public
Requested by
Host: podomoro89baik.site
URL: https://podomoro89baik.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f25f8a2280a8409985b445a6314fa7e9582e94ab04f3cb7dfc458dabeab858c6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

cf-cache-status
MISS
etag
"cfA3gAEy5X3YU6rE7fHld8KXyafb7C9F9CBQfA5-d8DQ"
cf-bgj
imgq:0,h2pri
warning
cf-images 299 "original is 442B smaller"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 11:12:08 GMT
content-type
image/png
vary
Accept, Accept-Encoding
priority
u=4;i=?0,cf-chb=(140;u=5;i=?0)
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=757+247 c=0+0 v=2024.10.1 l=5486 f=false
cf-ray
8d58922d78f43353-MIA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5486
server
cloudflare
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012410031633000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410031633000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
1f428a979c9e9ef9f882a290702813fe8fccdd86d7c3e067cc2bdc5f357337e2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://podomoro89baik.site
Referer
https://podomoro89baik.site/

Response headers

content-encoding
br
etag
"e8893d51b9917833"
age
269370
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 08:22:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 08:22:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
2975
x-xss-protection
0
server
sffe
amp-loader-0.1.js
cdn.ampproject.org/rtv/012410031633000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012410031633000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.225 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
8cd35b7540aa14c5a50d3b9222b78b2db96ecfa5b5026268f8cd0143ac7252db
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://podomoro89baik.site
Referer
https://podomoro89baik.site/

Response headers

content-encoding
br
etag
"624b5c07ee300e7d"
age
270419
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Fri, 17 Oct 2025 08:05:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 08:05:08 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
3955
x-xss-protection
0
server
sffe
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://podomoro89baik.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://podomoro89baik.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Sun, 20 Oct 2024 11:12:08 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 		201 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=261206123973614&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c9a45f19d30f916d28b2385c5bca7317454e0082bd0125d72c8f7b14887c0866

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://podomoro89baik.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
186
date
Sun, 20 Oct 2024 11:12:09 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
favicon.ico
ik.imagekit.io/podomoro89/podomoro89/ 		9 KB
10 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ik.imagekit.io/podomoro89/podomoro89/favicon.ico?updatedAt=1728487074069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b8:ee00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4afbfa15e87012d23d7fa0828c2734df6053a60f5d5573b21c05a540d6681315

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

x-request-id
5820b8d9-248a-49ac-b257-e3697eb4f552
etag
"71a94bf1237b75f7879e51bd6a840aff"
age
184350
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
GOtRgBYDF2pUrh33EOIDO9ew7kGujAVeEIX4YwV9sr20b51FyVO3rQ==
date
Fri, 18 Oct 2024 07:59:38 GMT
content-type
image/x-icon
vary
Accept-Encoding
x-server
ImageKit.io
last-modified
Wed, 09 Oct 2024 15:17:54 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 4b6b5023747759b0047c5cbc8d742cea.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
9662
x-amz-cf-pop
JFK52-P9
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 		290 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=261206123973614&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

Content-MD5
i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.73
x-oss-object-type
Normal
kwaisign
NULL
Expires
Thu, 14 Nov 2024 14:38:51 GMT
Date
Tue, 15 Oct 2024 14:38:51 GMT
x-oss-server-time
28
Last-Modified
Wed, 11 Sep 2024 08:21:14 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
13326951422245856388
X-Ks-Cache
Hit from 43.152.134.54
x-oss-hash-crc64ecma
1814864409054748518
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
13326951422245856388
Access-Control-Allow-Origin
*
Content-Length
77865
x-oss-request-id
670E7E7B5D4C173434FEA226
X-Cache-Lookup
Cache Hit
Server
Lego Server
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 		71 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.36.234 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f96fe1a218f234b3eb7d1322fc534d53836a2f37509e6d1ad128318e6ef09d85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://podomoro89baik.site/

Response headers

access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
71
date
Sun, 20 Oct 2024 11:12:09 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 		69 B
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.36.234 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-234.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f4f48e07d4badf688eabd3f6d41ec549efa30912b35afd95bcf5872fdfbb9e41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://podomoro89baik.site/

Response headers

access-control-allow-origin
https://podomoro89baik.site
content-length
69
date
Sun, 20 Oct 2024 11:12:09 GMT
content-type
text/plain;charset=UTF-8
access-control-allow-credentials
true
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ 		1 KB
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=261206123973614&pageId=pageId-1729422729296-7664598909335
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b90e41f47887c06f3241fac62f708ab3355afad908792f26d88a1a50d1c5a946

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
580
date
Sun, 20 Oct 2024 11:12:09 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding
checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 		126 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=261206123973614&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.134.54 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://podomoro89baik.site/

Response headers

Content-MD5
AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class
Standard
Content-Encoding
gzip
x-ks-client-ip
38.132.118.73
x-oss-object-type
Normal
kwaisign
NULL
Expires
Wed, 23 Oct 2024 14:48:54 GMT
Date
Mon, 23 Sep 2024 14:48:54 GMT
x-oss-server-time
35
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Cache-Control
no-cache
X-NWS-LOG-UUID
13686484927731092890
X-Ks-Cache
Hit from 43.152.134.54
x-oss-hash-crc64ecma
11760214008123873659
Connection
keep-alive
Accept-Ranges
bytes
X-Ks-Request-ID
13686484927731092890
Access-Control-Allow-Origin
*
Content-Length
39769
x-oss-request-id
66F17FD5C592313632F5E14C
X-Cache-Lookup
Cache Hit
Server
Lego Server
api
ads.mythad.com/log/common/co/ 		2 KB
991 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a11f1816873cb1f99f0045983fcba2c93bb3761bd04401e54f218f739fffdcba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://podomoro89baik.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
972
date
Sun, 20 Oct 2024 11:12:10 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
api
ads.mythad.com/log/common/co/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e422919583f17709f96fdf7dcd450de76731afdef5c36652360323dd988236a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://podomoro89baik.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1046
date
Sun, 20 Oct 2024 11:12:10 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
api
ads.mythad.com/log/common/co/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=261206123973614&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8a1c98e7752323201dd7b6bc427ba139b72b565908502cb9d1aea630f21ce53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://podomoro89baik.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1041
date
Sun, 20 Oct 2024 11:12:10 GMT
content-type
application/json;charset=utf-8
vary
Accept-Encoding
api
ads.mythad.com/log/common/co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://podomoro89baik.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://podomoro89baik.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 20 Oct 2024 11:12:09 GMT
api
ads.mythad.com/log/common/co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://podomoro89baik.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://podomoro89baik.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 20 Oct 2024 11:12:09 GMT
api
ads.mythad.com/log/common/co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:f::172c:c9c8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://podomoro89baik.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://podomoro89baik.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 20 Oct 2024 11:12:09 GMT
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://podomoro89baik.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://podomoro89baik.site
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Sun, 20 Oct 2024 11:12:10 GMT
quic-version
0x00000001
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ 		145 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=261206123973614&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.219.36.236 Chicago, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-219-36-236.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49d6cfd122504d527569266e0c075f0e217f93cdeee3c7752b276c8315016edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/json
Referer
https://podomoro89baik.site/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
quic-version
0x00000001
access-control-allow-origin
https://podomoro89baik.site
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
144
date
Sun, 20 Oct 2024 11:12:11 GMT
content-type
application/json;charset=UTF-8
vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| KwaiAnalyticsObject object| kwaiq object| install object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| events function| Radar object| core object| _WEBLOGGER function| Weblog object| checkPixel

4 Cookies

Domain/Path Name / Value
podomoro89baik.site/ Name: _did
Value: web_23888772464630A6
.mythad.com/ Name: kwai_ckid
Value: 1729422729464_17936702623449965
.podomoro89baik.site/ Name: kwai_uuid
Value: 25b263cf522c74882f05c21341747cc7
.podomoro89baik.site/ Name: _k_cp
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
cdn.ampproject.org
ik.imagekit.io
imagedelivery.net
logsdk.kwai-pro.com
podomoro89baik.site
s1.kwai.net
104.18.3.36
142.250.65.225
162.254.39.15
23.219.36.234
23.219.36.236
2600:141b:1c00:f::172c:c9c8
2600:9000:21b8:ee00:15:c281:3500:93a1
2607:f8b0:4006:80d::2001
43.152.134.54
0629a36da3c398212e310536eeae2453f0ff684457e071a27e410872a67c57a5
1d90b20f4a92c0c9c74fba063d287a081caf6969944fc0ffe629c31fdd736362
1ee4bdaaaaf1edb8a568034c04bfb120d2e607d1cca0185cc00047851950f1c9
1f428a979c9e9ef9f882a290702813fe8fccdd86d7c3e067cc2bdc5f357337e2
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
29e697dc1bde5da7b8bbfeef8eb3eaf7fb4f7164dd7e91a075c63da2ffbef420
33b80721a6e368a670b96a355dcf1173895ac7a6830261f86d88b01d7bd6be3e
3ddb53c9043d0487bb2fbfcc073850c5e6fa2f121089de41cd3b83b141b5b42c
3e422919583f17709f96fdf7dcd450de76731afdef5c36652360323dd988236a
49d6cfd122504d527569266e0c075f0e217f93cdeee3c7752b276c8315016edc
4afbfa15e87012d23d7fa0828c2734df6053a60f5d5573b21c05a540d6681315
6eb5da83db852109275bc65f37c67ba2d1dc1d8fa1bff9f86669ba062cbf0ba9
784c98417674e4328cde915d6f0f3ea7c08c903dad2e108a52f7c46937902d70
8bc96bb9bd8c50281e1f9cda3f0efafb29933f883580515c050bbe36e20cb833
8cd35b7540aa14c5a50d3b9222b78b2db96ecfa5b5026268f8cd0143ac7252db
a11f1816873cb1f99f0045983fcba2c93bb3761bd04401e54f218f739fffdcba
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
b2297b4a42aa40c71e690a1fd187fa831259238a795731fd0fcefd1393062ac2
b90e41f47887c06f3241fac62f708ab3355afad908792f26d88a1a50d1c5a946
b95ef47193efef7584b657213b145f7165e1fe2e9891451fe2ccaf230f6b56d0
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87
c9a45f19d30f916d28b2385c5bca7317454e0082bd0125d72c8f7b14887c0866
f25f8a2280a8409985b445a6314fa7e9582e94ab04f3cb7dfc458dabeab858c6
f4f48e07d4badf688eabd3f6d41ec549efa30912b35afd95bcf5872fdfbb9e41
f8a1c98e7752323201dd7b6bc427ba139b72b565908502cb9d1aea630f21ce53
f96fe1a218f234b3eb7d1322fc534d53836a2f37509e6d1ad128318e6ef09d85