dadu55promo.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dadu55promo.com/
Submission: On June 16 via api (June 16th 2024, 6:02:47 am UTC) from US — Scanned from NL

Summary HTTP 33 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 7 countries across 15 domains to perform 33 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is dadu55promo.com.
TLS certificate: Issued by E5 on June 12th 2024. Valid for: 3 months.

This is the only time dadu55promo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	43.152.26.151 43.152.26.151	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	162.19.58.156 162.19.58.156	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	172.67.194.81 172.67.194.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.83.2.16 154.83.2.16	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	172.67.201.16 172.67.201.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	95.100.146.73 95.100.146.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff12	201011 (CORE-BACK...) (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	95.100.146.57 95.100.146.57	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.219.41.39 52.219.41.39	16509 (AMAZON-02) (AMAZON-02)
33	15

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

dadu55promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
casinobonus.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.152.26.151 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.58.156 (France)

ASN16276 (OVH, FR)
PTR: ns3096358.ip-162-19-58.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.194.81 (United States)

ASN13335 (CLOUDFLARENET, US)

agent2.bit-gamings.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.83.2.16 (Seychelles)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

files.sitestatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.201.16 (United States)

ASN13335 (CLOUDFLARENET, US)

www.realindependentschools.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.146.73 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-73.deploy.static.akamaitechnologies.com

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4a0:1338:28::c38a:ff12 (Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-amp-error-reporting.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.100.146.57 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-57.deploy.static.akamaitechnologies.com

logsdk.kwai-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.41.39 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

slotresmi.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	mythad.com ads.mythad.com — Cisco Umbrella Rank: 26174	2 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 472	97 KB
3	kwai.net s1.kwai.net — Cisco Umbrella Rank: 22281	121 KB
2	kwai-pro.com logsdk.kwai-pro.com — Cisco Umbrella Rank: 24675	473 B
2	bit-gamings.com agent2.bit-gamings.com	135 KB
1	amazonaws.com slotresmi.s3.ap-southeast-1.amazonaws.com	15 KB
1	cloudfunctions.net us-central1-amp-error-reporting.cloudfunctions.net — Cisco Umbrella Rank: 13383	261 B
1	casinobonus.ug casinobonus.ug	33 KB
1	realindependentschools.org www.realindependentschools.org	36 KB
1	sitestatic.net files.sitestatic.net — Cisco Umbrella Rank: 28408	4 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 10139	817 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	dadu55promo.com dadu55promo.com	8 KB
0	nolimitcity.com Failed nolimitcity.com Failed
33	15

	Domain	Requested by
7	ads.mythad.com	s1.kwai.net
7	cdn.ampproject.org	dadu55promo.com cdn.ampproject.org
3	s1.kwai.net	dadu55promo.com s1.kwai.net
2	logsdk.kwai-pro.com	s1.kwai.net
2	agent2.bit-gamings.com	dadu55promo.com
1	slotresmi.s3.ap-southeast-1.amazonaws.com
1	us-central1-amp-error-reporting.cloudfunctions.net	cdn.ampproject.org
1	casinobonus.ug	dadu55promo.com
1	www.realindependentschools.org	dadu55promo.com
1	files.sitestatic.net	dadu55promo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	i.ibb.co	dadu55promo.com
1	fonts.googleapis.com	dadu55promo.com
1	dadu55promo.com
0	nolimitcity.com Failed	dadu55promo.com
33	15

This site contains links to these domains. Also see Links.

Domain
t.ly

Subject Issuer	Validity	Valid
dadu55promo.com E5	`2024-06-12` - `2024-09-10`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
ibb.co R3	`2024-04-22` - `2024-07-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
bit-gamings.com GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
sitestatic.net Cloudflare Inc ECC CA-3	`2023-12-19` - `2024-12-18`	a year	crt.sh
realindependentschools.org GTS CA 1P5	`2024-04-26` - `2024-07-25`	3 months	crt.sh
casinobonus.ug WE1	`2024-06-08` - `2024-09-06`	3 months	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
misc.google.com GTS CA 1C3	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.kwai-pro.com GlobalSign GCC R3 DV TLS CA 2020	`2023-08-10` - `2024-09-10`	a year	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-22`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dadu55promo.com/
Frame ID: F3C8769AC19F3754E49FC235B4C761FA
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DADU55: Situs Main Slot Online Tergacor Terpercaya

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

33
Requests

91 %
HTTPS

36 %
IPv6

15
Domains

15
Subdomains

15
IPs

7
Countries

476 kB
Transfer

1033 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.ly/vip-dadu55
Title: Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://www.nolimitcity.com/img/site-img/nolimit-city.png HTTP 308
https://nolimitcity.com/img/site-img/nolimit-city.png

33 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
dadu55promo.com/ 33 KB
8 KB 385ms
352ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dadu55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b2a351976cb00a9bba818013b914119db5293c784005d8a8ed6508585a3f8f

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894897aa6fbab92c-AMS
content-encoding: br
content-type: text/html
date: Sun, 16 Jun 2024 06:02:42 GMT
last-modified: Thu, 13 Jun 2024 06:17:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmDtjZBc%2B0YeEXBJo%2BjD5PgpA%2Bftaui6e5MH3PeJQ7RBanvpJrBYKbM7lw3Took8CSwsQ0NzlV64LsvQGEHyrOZVaJxalKTS4Ov%2B9H5az1CMG7lB4PkSK0EKM0d8ikf21cs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
62 KB 138ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: dadu55promo.com
URL: https://dadu55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b94b137d8eb756a847f22b33cbee992b66c4f540824d5f03afe87dcd9e850e5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 06:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63603
x-xss-protection: 0
server: sffe
etag: "0d917317b332e439"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 06:02:42 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 121ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs

Requested by

Host: dadu55promo.com
URL: https://dadu55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60c0c8e74a7ade915459aa7df198bdebe9ecca10afa797563e4e3893858f183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 06:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10061
x-xss-protection: 0
server: sffe
etag: "58e271b33468f874"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 06:02:42 GMT

GET
H2 200 amp-install-serviceworker-0.1.mjs Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 143ms
62ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs

Requested by

Host: dadu55promo.com
URL: https://dadu55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aef240bb1e04a5b16f8f726256d99271e904198c7dbfaa50541594cfb881cb1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 06:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2374
x-xss-protection: 0
server: sffe
etag: "dbd3ebd0533057c6"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 06:02:42 GMT

GET
H2 200 amp-youtube-0.1.mjs Show response
cdn.ampproject.org/v0/ 31 KB
11 KB 114ms
33ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs

Requested by

Host: dadu55promo.com
URL: https://dadu55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcadfa018d0649089bb964c0bc72eb27e9d668d85bfb92510132e35f3659e7a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 06:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10328
x-xss-protection: 0
server: sffe
etag: "d7a57c45467e46f9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 06:02:42 GMT

GET
H2 200 amp-accordion-0.1.mjs Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 119ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs

Requested by

Host: dadu55promo.com
URL: https://dadu55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9b19f230216a365f2d045725407eab32165dd6d183a9600c871b0973c75a80

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 06:02:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4851
x-xss-protection: 0
server: sffe
etag: "044cfe454203f62c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 16 Jun 2024 06:02:42 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 154ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Requested by

Host: dadu55promo.com
URL: https://dadu55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

286b689e6def6e4f0e84c5ab255bc8798d1b393378dbfd3fcd8ac1130fe346af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 16 Jun 2024 06:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 05:10:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 16 Jun 2024 06:02:42 GMT

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 830ms
23ms Script
application/javascript 43.152.26.151
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250230729342503&lib=kwaiq
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 31.204.150.145
Date: Mon, 03 Jun 2024 09:07:34 GMT
Content-Encoding: gzip
x-oss-request-id: 665D87D5E410DC35323AB3FF
X-Cache-Lookup: Cache Hit
Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign: NULL
Connection: keep-alive
Content-Length: 3744
X-Ks-Request-ID: 17426410109656018197
X-Ks-Cache: Hit from 43.152.26.151
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Server: Lego Server
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 17426410109656018197
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13562747518461854989
x-oss-server-time: 179
Expires: Wed, 03 Jul 2024 09:07:34 GMT

GET
H2 200 hack303-play.png
i.ibb.co/PQvGwJt/ 574 B
817 B 75ms
23ms Image
image/png 162.19.58.156
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/PQvGwJt/hack303-play.png
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.58.156 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3096358.ip-162-19-58.eu
Software: nginx /
Resource Hash: 049cb844f02b6529ffff3623141757e38b201cc22ec93a4787d621299bbe10ea

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:02:42 GMT
last-modified: Sat, 26 Aug 2023 16:07:30 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 574
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
21 KB 161ms
46ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 03:23:15 GMT
x-content-type-options: nosniff
age: 182367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jun 2025 03:23:15 GMT

GET
H3 200 bd695408-71de-4b17-84e7-d98e2170b1b2.png
agent2.bit-gamings.com/UpLoadFiles/Zixun/500002/ 49 KB
50 KB 790ms
718ms Image
image/png 172.67.194.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agent2.bit-gamings.com/UpLoadFiles/Zixun/500002/bd695408-71de-4b17-84e7-d98e2170b1b2.png
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 97b02b98926127be28dbff4da18fdc148c9e4f60a650533f2d4c43b296677b4f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:02:43 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 50150
last-modified: Fri, 07 Jun 2024 13:47:59 GMT
server: cloudflare
etag: "87aa2f4fe1b8da1:0"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET,HEAD,DELETE,PUT
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ip%2FjY71eo6Nc0xpXj8syFkwDrO7LiHmoBwZyFkeYjrmLQ2cU4inJW5atB%2Fgm56gBglDdB6v%2Bqt3CAAOkBVh2aykl9vAxdYKRffXkK%2FEvl2u%2B71faIRfQO4e4v%2FuQBaAzz4TcAwwUqoaz"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 894897ae8fcb286b-AMS
access-control-allow-headers: *

GET
H3 200 LOGO_ONIX_GAMING.png
files.sitestatic.net/images/ 3 KB
4 KB 64ms
26ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/images/LOGO_ONIX_GAMING.png?v=4
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0866092b481064c53207f2806ab6bc825bac3c3a6f18afdd2fc615ee01261eb1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20220610T044733Z
date: Sun, 16 Jun 2024 06:02:42 GMT
x-amz-version-id: zMbRxqhcFXO2.a..cBWsPlGfPCpuGLoM
cf-cache-status: HIT
x-amz-request-id: 5JTWBKRM5S98VGGN
age: 208488
cf-polished: origFmt=png, origSize=3065
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: e94a8f16f49bfbbd368822644f7529c9c56c77be06310b9db2d3e2a679be9d98
content-disposition: inline; filename="LOGO_ONIX_GAMING.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2794
x-amz-id-2: 67Tl3PNCchThlKXJWTMlsLA8Itj5/PX+/ClFtiJu/bKJknYouM5DaiRa0dpqvEyYjT66VRuI4XA=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 Jun 2022 04:48:40 GMT
server: cloudflare
etag: "4576b4cabc933061b50f575ed0771300"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 894897ae5d700b5c-AMS
expires: Mon, 16 Jun 2025 06:02:42 GMT

GET
H3 200 slot-pg-soft.webp
www.realindependentschools.org/wp-content/uploads/2022/11/ 35 KB
36 KB 124ms
51ms Image
image/webp 172.67.201.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realindependentschools.org/wp-content/uploads/2022/11/slot-pg-soft.webp
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.201.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c490590b79d11ffaefaa9a22dfa92b060c26334dfa9dd37b8e80fb6d73b0f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:02:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 323774
alt-svc: h3=":443"; ma=86400
content-length: 36230
last-modified: Thu, 17 Nov 2022 14:51:45 GMT
server: cloudflare
etag: "8d86-63764a81-c3512;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9D0ODxdlsr01sgfvLHtbGwu4FVgepQ6IkhjLBDtwe%2FvGVsCU%2FwyJVD3vEaxOrvsmd3Y50rauxwwVz%2FNGKxu%2BPdan3h9jq9jDyB8kZV8nowKeTw1W93h0abHHR4XCjR4zT8Jn6x4cdWMU22ClmwfhOoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 894897ae8b510be0-AMS
expires: Wed, 19 Jun 2024 12:06:28 GMT

GET
H3 200 Pragmatic-Play.png
casinobonus.ug/wp-content/uploads/2023/04/ 33 KB
33 KB 267ms
71ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casinobonus.ug/wp-content/uploads/2023/04/Pragmatic-Play.png
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6b700a2cfbabc99c54003a5771805c3a27e9535af1d5fd3daebcd3f4d966ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:02:42 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 20 Apr 2023 10:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "83e2-5f9c21cfc2ac2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhuYBGM%2BQn9gpGAX2kioAMHfLWwBeR%2Bg%2Bq3arrINH2smnVj5sAw9Kcl4%2BWKU2WQJ6QxFTXsLPsEKG5TNCNFv5A2jw6m31RZbsDa14opPegFVGfiBblDWFLmFCkVV%2BvNTAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400, s-maxage=10
accept-ranges: bytes
cf-ray: 894897af5e449f88-AMS
alt-svc: h3=":443"; ma=86400
content-length: 33762

GET

nolimit-city.png
nolimitcity.com/img/site-img/
Redirect Chain

https://www.nolimitcity.com/img/site-img/nolimit-city.png
https://nolimitcity.com/img/site-img/nolimit-city.png

0
0

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 7 KB
3 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab0b41379b43b0983195c1daf6dae1c2ea4c706c5dca9e3e56a7ae17c99a1f93

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Jun 2024 05:36:09 GMT
age: 174393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2819
x-xss-protection: 0
server: sffe
etag: "c7fb1b175e8c068d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 14 Jun 2025 05:36:09 GMT

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 12 KB
4 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d413ff3e61d817d5489fbcc0515f6b8913e8210b61b48725fadbe036d7856d0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Origin: https://dadu55promo.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 14 Jun 2024 05:36:09 GMT
age: 174393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3912
x-xss-protection: 0
server: sffe
etag: "d1e9ab0ab42c428d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 14 Jun 2025 05:36:09 GMT

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 a15cd755-d1c0-45bd-89fd-f1027a569938.jpg
agent2.bit-gamings.com/UpLoadFiles/Zixun/500002/ 85 KB
86 KB 1679ms
1636ms Image
image/jpeg 172.67.194.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://agent2.bit-gamings.com/UpLoadFiles/Zixun/500002/a15cd755-d1c0-45bd-89fd-f1027a569938.jpg
Requested by: Host: dadu55promo.com
URL: https://dadu55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.194.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 431f3fdbc7b45968baa59103c62de077922ecf951bcbaf15cf21d5df913b0172

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:02:43 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 86987
last-modified: Thu, 15 Feb 2024 12:59:03 GMT
server: cloudflare
etag: "43a967c0e60da1:0"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,POST,GET,HEAD,DELETE,PUT
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xOyusMnXaqy2ae%2BdBO8SelO47eMFP7O2WTPxLyXmAcOW391Z03uKkflOE8wDM25JwJO6y9jUXh5nLNKLUQI6XwayXMTEmnt%2F8%2FO%2BXYdrcB1H0AtN44c5kGLySxonpwDWUz46py%2BQqi9"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 894897ae8fc9286b-AMS
access-control-allow-headers: *

POST
H3 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 268 B
257 B 289ms
230ms XHR
application/json 95.100.146.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250230729342503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9d9ee35f1a51362669822e36bf398da4552d0177cce8150b9228dd3bf438d5db

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 16 Jun 2024 06:02:43 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://dadu55promo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 238
quic-version: 0x00000001

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 0
0 613ms
506ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dadu55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://dadu55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Sun, 16 Jun 2024 06:02:43 GMT

POST
H2 200 r Show response
us-central1-amp-error-reporting.cloudfunctions.net/ 2 B
261 B 217ms
136ms XHR
text/plain 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-amp-error-reporting.cloudfunctions.net/r
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 06:02:43 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: dda0f8943438ba390e0333340e2e191f
cache-control: private
function-execution-id: 4eprhjkz08rk
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H/1.1 200
OK core.f43cddf82746bfc4.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/ 291 KB
77 KB 26ms
26ms Script
application/javascript 43.152.26.151
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250230729342503&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250230729342503&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 31.204.150.145
Date: Wed, 05 Jun 2024 03:02:32 GMT
Content-Encoding: gzip
x-oss-request-id: 665FD5473310B83733A958D9
X-Cache-Lookup: Cache Hit
Content-MD5: F1Ia+PQ83fgnRr/EkujTvQ==
kwaisign: NULL
Connection: keep-alive
Content-Length: 78074
X-Ks-Request-ID: 8500889595538457846
X-Ks-Cache: Hit from 43.152.26.151
x-oss-object-type: Normal
Last-Modified: Tue, 04 Jun 2024 07:54:56 GMT
Server: Lego Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 8500889595538457846
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 18225565236884805087
x-oss-server-time: 6
Expires: Fri, 05 Jul 2024 03:02:32 GMT

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 70 B
280 B 345ms
231ms XHR
text/plain 95.100.146.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250230729342503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.57 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-57.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 66a91cd1dbe47bbb7b8a993a0ca4aba56be9390b8a1fbb05bbddd7f062436ed5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://dadu55promo.com
date: Sun, 16 Jun 2024 06:02:44 GMT
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 70
content-type: text/plain;charset=UTF-8

GET
H3 200 getPixelConfig Show response
ads.mythad.com/rest/n/adintl/ad/ 1 KB
577 B 239ms
239ms XHR
application/json 95.100.146.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=250230729342503&pageId=pageId-1718517763861-3242639437214
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250230729342503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7e06535cb5c1a0e64c62f8f2bcc8d5ec527195cc928ad895e63f0e30c0ac89b2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 06:02:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://dadu55promo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 557
quic-version: 0x00000001

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 72 B
193 B 243ms
242ms XHR
text/plain 95.100.146.57
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250230729342503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.57 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-57.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16dc11f7d35d4dc77b9a298759fc3b629a733205026ea7fe59530534209a2ffc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://dadu55promo.com
date: Sun, 16 Jun 2024 06:02:44 GMT
access-control-allow-credentials: true
content-length: 72
content-type: text/plain;charset=UTF-8

GET
H/1.1 200
OK dadu55.ico
slotresmi.s3.ap-southeast-1.amazonaws.com/dadu55/ 15 KB
15 KB 1638ms
433ms Other
image/x-icon 52.219.41.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://slotresmi.s3.ap-southeast-1.amazonaws.com/dadu55/dadu55.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 52.219.41.39 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52d6ce1f2707a3cfd97d416be719e6248fc36c1bffc6ef91413147ac081d1a28

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 06:02:46 GMT
Last-Modified: Sat, 09 Dec 2023 12:11:52 GMT
Server: AmazonS3
x-amz-request-id: RPNJNXVTK90C887K
ETag: "82611e4b0c623ae5b5efb65b52100e52"
x-amz-server-side-encryption: AES256
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 15406
x-amz-id-2: +TP4Qjed/C0qktEQtmCRA+1xNKvYLsGFVu9Sxf4ewTy7NMwgP37gUHaW9TV1daT58t7UQ2a306s=

GET
H/1.1 200
OK checkPixel.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 126 KB
40 KB 136ms
136ms Script
application/javascript 43.152.26.151
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250230729342503&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250230729342503&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 31.204.150.145
Date: Wed, 05 Jun 2024 03:10:06 GMT
Content-Encoding: gzip
x-oss-request-id: 665FD70ECCA3C83133AEBE66
X-Cache-Lookup: Cache Hit
Content-MD5: AW9CEWCiJefwVj7zcti69w==
kwaisign: NULL
Connection: keep-alive
Content-Length: 39769
X-Ks-Request-ID: 8886192024555139364
X-Ks-Cache: Hit from 43.152.26.151
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 07:18:27 GMT
Server: Lego Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 8886192024555139364
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11760214008123873659
x-oss-server-time: 56
Expires: Fri, 05 Jul 2024 03:10:06 GMT

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
995 B 233ms
232ms XHR
application/json 95.100.146.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250230729342503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f453bda4d304d86dd8eef384bb96ea07444e484727dae30739cdcf3de6943306

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 16 Jun 2024 06:02:46 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dadu55promo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 976
quic-version: 0x00000001

POST api
ads.mythad.com/log/common/co/ 0
0

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ 0
0 2191ms
2190ms Preflight 2a01:4a0:1338:28::c38a:ff12
CORE-BACKBONE COR...

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dadu55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://dadu55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sun, 16 Jun 2024 06:02:46 GMT

OPTIONS api
ads.mythad.com/log/common/co/ 0
0

OPTIONS
H3 200 checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ 0
0 224ms
223ms Preflight 95.100.146.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dadu55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://dadu55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Sun, 16 Jun 2024 06:02:44 GMT
quic-version: 0x00000001

POST
H3 200 checkPixelCompress Show response
ads.mythad.com/rest/n/adintl/ad/ 141 B
161 B 759ms
684ms XHR
application/json 95.100.146.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250230729342503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-73.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: baccfd4714456f2073ee55d14b796b3e1abd4dba9c7d372acda14298295e752f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://dadu55promo.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Sun, 16 Jun 2024 06:02:45 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://dadu55promo.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 142
quic-version: 0x00000001

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nolimitcity.com
URL: https://nolimitcity.com/img/site-img/nolimit-city.png

Domain: ads.mythad.com
URL: https://ads.mythad.com/log/common/co/api

Domain: ads.mythad.com
URL: https://ads.mythad.com/log/common/co/api

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sitestatic.net/	1970-01-20 21:21:59	Name: __cf_bm Value: uE6QUUy1Cjx7pC2evg1GkuSDtco0Lqv9DRZXxHmwSFg-1718517762-1.0.1.1-1NtY_33VCrHSqPAbESYAfiKQVqLVolrF8XSHdzOdq12f40nSqzl_9QmYciRsnOUNmCKvaqoRP4ylgR4voCMNDw
dadu55promo.com/	1970-01-21 06:07:33	Name: _did Value: web_775822436501CB7D
.mythad.com/	1970-01-21 06:57:57	Name: kwai_ckid Value: 1718517763978_6227004722513435
.dadu55promo.com/	1970-01-21 06:07:33	Name: kwai_uuid Value: 0325c96ec2bec52986b4939087e6e01b
.dadu55promo.com/	1970-01-20 21:23:24	Name: _k_cp Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
agent2.bit-gamings.com
casinobonus.ug
cdn.ampproject.org
dadu55promo.com
files.sitestatic.net
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
logsdk.kwai-pro.com
nolimitcity.com
s1.kwai.net
slotresmi.s3.ap-southeast-1.amazonaws.com
us-central1-amp-error-reporting.cloudfunctions.net
www.realindependentschools.org
ads.mythad.com
nolimitcity.com
154.83.2.16
162.19.58.156
172.67.194.81
172.67.201.16
188.114.96.3
2001:4860:4802:36::36
2a00:1450:4001:802::200a
2a00:1450:4001:827::2001
2a00:1450:4001:829::2003
2a01:4a0:1338:28::c38a:ff12
43.152.26.151
52.219.41.39
95.100.146.57
95.100.146.73
049cb844f02b6529ffff3623141757e38b201cc22ec93a4787d621299bbe10ea
0866092b481064c53207f2806ab6bc825bac3c3a6f18afdd2fc615ee01261eb1
0f9b19f230216a365f2d045725407eab32165dd6d183a9600c871b0973c75a80
13c490590b79d11ffaefaa9a22dfa92b060c26334dfa9dd37b8e80fb6d73b0f3
16dc11f7d35d4dc77b9a298759fc3b629a733205026ea7fe59530534209a2ffc
1b94b137d8eb756a847f22b33cbee992b66c4f540824d5f03afe87dcd9e850e5
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
286b689e6def6e4f0e84c5ab255bc8798d1b393378dbfd3fcd8ac1130fe346af
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209
3aef240bb1e04a5b16f8f726256d99271e904198c7dbfaa50541594cfb881cb1
431f3fdbc7b45968baa59103c62de077922ecf951bcbaf15cf21d5df913b0172
52d6ce1f2707a3cfd97d416be719e6248fc36c1bffc6ef91413147ac081d1a28
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56b2a351976cb00a9bba818013b914119db5293c784005d8a8ed6508585a3f8f
66a91cd1dbe47bbb7b8a993a0ca4aba56be9390b8a1fbb05bbddd7f062436ed5
6d413ff3e61d817d5489fbcc0515f6b8913e8210b61b48725fadbe036d7856d0
7e06535cb5c1a0e64c62f8f2bcc8d5ec527195cc928ad895e63f0e30c0ac89b2
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
97b02b98926127be28dbff4da18fdc148c9e4f60a650533f2d4c43b296677b4f
9d9ee35f1a51362669822e36bf398da4552d0177cce8150b9228dd3bf438d5db
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
ab0b41379b43b0983195c1daf6dae1c2ea4c706c5dca9e3e56a7ae17c99a1f93
baccfd4714456f2073ee55d14b796b3e1abd4dba9c7d372acda14298295e752f
bfcadfa018d0649089bb964c0bc72eb27e9d668d85bfb92510132e35f3659e7a
cf6b700a2cfbabc99c54003a5771805c3a27e9535af1d5fd3daebcd3f4d966ce
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f453bda4d304d86dd8eef384bb96ea07444e484727dae30739cdcf3de6943306
f60c0c8e74a7ade915459aa7df198bdebe9ecca10afa797563e4e3893858f183

dadu55promo.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

33 Requests

91 %HTTPS

36 %IPv6

15 Domains

15 Subdomains

15 IPs

7 Countries

476 kBTransfer

1033 kBSize

5 Cookies

1 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dadu55promo.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

91 %
HTTPS

36 %
IPv6

15
Domains

15
Subdomains

15
IPs

7
Countries

476 kB
Transfer

1033 kB
Size

5
Cookies

33 HTTP transactions
2 data transactions