URL: https://f9a118a4.w2a.ai/
Submission: On June 17 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 172.67.71.168, located in United States and belongs to CLOUDFLARENET, US. The main domain is f9a118a4.w2a.ai.
TLS certificate: Issued by E5 on June 15th 2024. Valid for: 3 months.
This is the only time f9a118a4.w2a.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS      Autonomous System
11        172.67.71.168      13335   (CLOUDFLAR...)
3         43.152.26.154      139341  (ACE-AS-AP...)
2         2a00:1450:400...   15169   (GOOGLE)
3         2a01:4a0:1338...   201011  (CORE-BACK...)
6         2.16.238.22        20940   (AKAMAI-ASN1)
2         23.216.77.49       20940   (AKAMAI-ASN1)
Total: 27 requests, 6 IPs
Requests  Apex Domain    Subdomains                                          Transfer
11        w2a.ai         f9a118a4.w2a.ai                                     478 KB
9         mythad.com     ads.mythad.com (Cisco Umbrella Rank: 26174)         3 KB
3         kwai.net       s1.kwai.net (Cisco Umbrella Rank: 22281)            121 KB
2         kwai-pro.com   logsdk.kwai-pro.com (Cisco Umbrella Rank: 24675)    471 B
2         gstatic.com    www.gstatic.com                                     31 KB
Total: 27 requests, 5 apex domains
Requests  Domain                Requested by
11        f9a118a4.w2a.ai       f9a118a4.w2a.ai
9         ads.mythad.com        s1.kwai.net
3         s1.kwai.net           f9a118a4.w2a.ai, s1.kwai.net
2         logsdk.kwai-pro.com   s1.kwai.net
2         www.gstatic.com       f9a118a4.w2a.ai
Total: 27 requests, 5 domains

This site contains no links.

Subject           Issuer                             Validity                   Valid
f9a118a4.w2a.ai   E5                                 2024-06-15 - 2024-09-13    3 months
*.kwai.net        GlobalSign RSA OV SSL CA 2018      2023-10-26 - 2024-11-26    a year
*.gstatic.com     WR2                                2024-05-27 - 2024-08-19    3 months
*.mythad.com      GlobalSign GCC R3 DV TLS CA 2020   2023-10-23 - 2024-11-23    a year
*.kwai-pro.com    GlobalSign GCC R3 DV TLS CA 2020   2023-08-10 - 2024-09-10    a year

This page contains 1 frames:

Primary Page: https://f9a118a4.w2a.ai/
Frame ID: C90A3EED8561BF55686F11B9A6820C26
Requests: 23 HTTP requests in this frame

Page Title

RP8888

Detected technologies

Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 33 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 633 kB
Size: 1152 kB
Cookies: 4

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
f9a118a4.w2a.ai/
10 KB
3 KB
Document
General
Full URL
https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbbf4023232545e39b1d6798c50670aba0a414af70a4d44e3c86708dada83ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
894f05e15bbc35fe-FRA
content-encoding
br
content-type
text/html
date
Mon, 17 Jun 2024 00:46:31 GMT
last-modified
Sat, 15 Jun 2024 14:39:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubIyNWwmyTwrcDTP5rb5DR%2FtbxKbxjWXSa%2BjV7NNFSlOxByjIfqvTZLVVwv1KClVFm5hRefxpdH7bg8Ztcx3Qi2gHk3Vr3HZcFgiEp6xY1QvqcIrwBwairGk%2BkSGgweJDwQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
index.css
f9a118a4.w2a.ai/__static__/easyApphtmlAssets/
22 KB
4 KB
Stylesheet
General
Full URL
https://f9a118a4.w2a.ai/__static__/easyApphtmlAssets/index.css
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f084e74602449126b851e55b96dae5c5d5cf3f5eac896013e5edc1ca5897995

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0117c4c08ff8ff137aff774ed4d355c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mgWzAsLGAA5eztz3q%2FUXGux8bH4nEdJP%2FHC3tOJsLzbC06lrGhg6a%2BI9TAcbxORga4%2B57wkmuPswcDHEjrtt8dijvCpjTxdwdbhDrmYvVl4C1c8LNNKWThRWx8VCqH6Vl14%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
894f05e58e6b35fe-FRA
alt-svc
h3=":443"; ma=86400
index_v1.0.8.js
f9a118a4.w2a.ai/__static__/easyApphtmlAssets/
154 KB
64 KB
Script
General
Full URL
https://f9a118a4.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d091b96796ac15aee86723e3bc5903a0b4cc67c37c07103bf1ed9001700169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ae5d2c2cff5503db2195a116d7cf671f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L5YozJetIhVE6l5zDZ%2Bn%2Btv0oPlmYT3DbI1ANclof0%2B21vGHt6ieBzuYzTzW3kXzEO6fxz5oII8t4D4yzO%2BhrxJpYYZnG01IvMEAENgBFjiVEq89GNXjhhoT7WvWMD1Pels%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
894f05e58e6d35fe-FRA
alt-svc
h3=":443"; ma=86400
firebase.js
f9a118a4.w2a.ai/__static__/easyApphtmlAssets/
8 KB
4 KB
Script
General
Full URL
https://f9a118a4.w2a.ai/__static__/easyApphtmlAssets/firebase.js
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9819f0566f55ed064c4342c913418695f79974ee1261cdc9bf3a90cfb8c90ffe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Origin
https://f9a118a4.w2a.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a8618628136a5606143dc70da04a3ea9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M70ByLK0GzEOSJmqrWAMHn5%2F%2FcT327qi5VP90xmPMYRTeNEaPKvmw7p%2FxTAf20c0DAjaWd3iAFo%2BCfPt6f2hwbZSTVTiF9%2FVkgXxw8SupMzT6GTgcKfoJT9BUkQ0cFrtS1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
894f05e58e6f35fe-FRA
alt-svc
h3=":443"; ma=86400
lightning.svg
f9a118a4.w2a.ai/__static__/web_template_assets/
528 B
783 B
Image
General
Full URL
https://f9a118a4.w2a.ai/__static__/web_template_assets/lightning.svg
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d563fb9e381d4b028338f296145cbca66238c26a7c953fef3b96d42ebe09b19e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9df10169b75060d20b9bbff78bf27e3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XXVi%2FZP1NJwwRtwqfc9PDCNjIDwW21zHWbLeDdyl12Mvdm2f0XvgWZETOkuGLLY%2FqGrzjAkljg8JZWXLYeqTk81MFDQCt%2BqRYjnIJdY1kMahTFX89UvPdSRHlXTr0HUGsI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
894f05e58e7035fe-FRA
alt-svc
h3=":443"; ma=86400
safe.svg
f9a118a4.w2a.ai/__static__/web_template_assets/
725 B
861 B
Image
General
Full URL
https://f9a118a4.w2a.ai/__static__/web_template_assets/safe.svg
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106eb33346f95a4c30fad9abdb8525be8d4bac4fae816ff598f7eed1c1d4feab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"13e81b05ecb1ee3794d1c9f9d5edeae6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CFSProErwp79e0hfTbxRAohM9g2VL0IasFz%2F%2Bx4j4kehlnJQyVov57EvNcfCtm%2BlRqawzy%2BCZZn1JZa%2Fksae3nVzR34KZ3bA9rFUvmfDJ5aLQlQeqBBbYSn8ZkEAYCU2l4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
894f05e58e7135fe-FRA
alt-svc
h3=":443"; ma=86400
1718364152599.webp
f9a118a4.w2a.ai/__static__/adda8ac1/static/clickImage/
388 KB
389 KB
Image
General
Full URL
https://f9a118a4.w2a.ai/__static__/adda8ac1/static/clickImage/1718364152599.webp
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50006096727efd82e66b3c42f380754f270915fb2b9e5b904c7b4675e5988413

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3dc34a8978178f5c50e7ec742927fa9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrq32%2BCnqkQHyjE1%2FyDGlu4lItfwHI814LdZNmJSzkuFWM1i5qQkEdippM6UT7Y7HwJRG1Z2MYCoX1VvDyKgrHj4FTdU2Q8IpijD%2F6CvwnDGWfBoPqyVaj6z62iq1bYTwOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894f05e7cffd35fe-FRA
alt-svc
h3=":443"; ma=86400
content-length
397686
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/
10 KB
5 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250432893319500&lib=kwaiq
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
80.255.10.197
Date
Mon, 03 Jun 2024 09:07:34 GMT
Content-Encoding
gzip
x-oss-request-id
665D87D5E410DC35323AB3FF
X-Cache-Lookup
Cache Hit
Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign
NULL
Connection
keep-alive
Content-Length
3744
X-Ks-Request-ID
8968233555612391381
X-Ks-Cache
Hit from 43.152.26.154
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Server
Lego Server
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
8968233555612391381
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13562747518461854989
x-oss-server-time
179
Expires
Wed, 03 Jul 2024 09:07:34 GMT
firebase-app.js
www.gstatic.com/firebasejs/10.11.1/
99 KB
23 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Origin
https://f9a118a4.w2a.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 08:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22509
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:11:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jun 2025 08:08:15 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/10.11.1/
28 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-messaging.js
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84814ac46a9a7159faf973080ceb509e9b754e1e3e8e63f5d3c7b3332ea22ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Origin
https://f9a118a4.w2a.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8647
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:12:17 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jun 2025 06:11:56 GMT
getData
f9a118a4.w2a.ai/f9a118a4/
2 KB
1 KB
Fetch
General
Full URL
https://f9a118a4.w2a.ai/f9a118a4/getData
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5e85641f11be563adfbb45cc26affbdb46f8af1976d476f50c38d77e45e6d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:31 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KoUrTl7TZ8%2FYX0OWhNvg1JPVraJBqlkI8T1w6rRtLKYH0qA9DkNydfE%2FYzEcPYKWamUKBgJJiuMezpBV4KMVJ13bLH1FsoycCh%2BgQRv3aBnn4CsI8FcY%2FmmXLUiWRI8VsgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
894f05e8b88735fe-FRA
alt-svc
h3=":443"; ma=86400
getSDKConfig
f9a118a4.w2a.ai/
454 B
806 B
Fetch
General
Full URL
https://f9a118a4.w2a.ai/getSDKConfig?id=f9a118a4
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/__static__/easyApphtmlAssets/firebase.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b4edbe6d55f5ac3d03c126e89f960b8e4e9a33bfa75ad0a93378764de86fba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rftml4EH5BgSBHgY8enuSurbHbIjpLikGKXfKvawQjJG4otjn5%2FskOFHTr8HyLqB1TQ0lOWdfvGydjqgXwM%2BoogUs%2FQa2CPKW3jNYDU7mClBI71tWvwlxFQYwrN6TPllG0A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
894f05e8b88835fe-FRA
access-control-allow-headers
Content-Type, xfileName, fileType
cf-placement
remote-HKG
alt-svc
h3=":443"; ma=86400
report
f9a118a4.w2a.ai/
16 B
483 B
Fetch
General
Full URL
https://f9a118a4.w2a.ai/report
Requested by
Host: f9a118a4.w2a.ai
URL: https://f9a118a4.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 17 Jun 2024 00:46:33 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQO%2FV5uajKfoZoZkZ9S2%2FSYceUHfRr7Plyjx8VfyIa4Cc%2BK4bsKXLCQtsSQhrK2OqiLmmRLjmTC%2FNaEUJGbH2Ww46jdsiNg59CNDBCyRjzK8PaSgN8h%2B8g2h9lPXQ8cNtlk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
894f05e968e335fe-FRA
access-control-allow-headers
Content-Type, xfileName, fileType
cf-placement
remote-HKG
content-length
16
alt-svc
h3=":443"; ma=86400
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://f9a118a4.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Mon, 17 Jun 2024 00:46:33 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
268 B
257 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250432893319500&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.238.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e1365c25490f2e7477a62531a0efbbfb105a750e08a7af00835f21cb6b71490

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Jun 2024 00:46:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
238
quic-version
0x00000001
1716463893922.png
f9a118a4.w2a.ai/__static__/adda8ac1/static/desktopIcon/
8 KB
9 KB
Other
General
Full URL
https://f9a118a4.w2a.ai/__static__/adda8ac1/static/desktopIcon/1716463893922.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ddd0ff891c711cf42320d2ea2d6a95ef0549b5a54af1b7745c380f98850b56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"025e4bc0ab91882f13dd7cfa110fbf9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBtfzWB0CblTVet1kJs5sUOLuLX6gXBizjAJt3uGGtKSJfiAc3H12za8BP8%2F8QhVx30SQZnCHuLJmvKCUglB7w%2BAgNOEl889hIzd7z9e76Dfeb%2Fn%2Fb8fAraB%2BtpRRn%2Faf84%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
894f05ecfbab35fe-FRA
alt-svc
h3=":443"; ma=86400
content-length
8425
core.f43cddf82746bfc4.js
s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/
291 KB
77 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250432893319500&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
80.255.10.197
Date
Wed, 05 Jun 2024 03:02:32 GMT
Content-Encoding
gzip
x-oss-request-id
665FD5473310B83733A958D9
X-Cache-Lookup
Cache Hit
Content-MD5
F1Ia+PQ83fgnRr/EkujTvQ==
kwaisign
NULL
Connection
keep-alive
Content-Length
78074
X-Ks-Request-ID
7282127778052954660
X-Ks-Cache
Hit from 43.152.26.154
x-oss-object-type
Normal
Last-Modified
Tue, 04 Jun 2024 07:54:56 GMT
Server
Lego Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
7282127778052954660
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18225565236884805087
x-oss-server-time
6
Expires
Fri, 05 Jul 2024 03:02:32 GMT
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
70 B
280 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f7ab05093b410779d481e23d899c244e1b7966a74bea7af0f92ec2b94d3d9a0c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://f9a118a4.w2a.ai
date
Mon, 17 Jun 2024 00:46:33 GMT
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
70
content-type
text/plain;charset=UTF-8
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
70 B
191 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66a91cd1dbe47bbb7b8a993a0ca4aba56be9390b8a1fbb05bbddd7f062436ed5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://f9a118a4.w2a.ai
date
Mon, 17 Jun 2024 00:46:33 GMT
access-control-allow-credentials
true
content-length
70
content-type
text/plain;charset=UTF-8
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/
385 B
327 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=250432893319500&pageId=pageId-1718585193449-5772513361206
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.238.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a4b578deb4d21adbc685d73379307de62f064f537376618f1d0eaa4350651eb6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jun 2024 00:46:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
307
quic-version
0x00000001
checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/
126 KB
40 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250432893319500&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.154 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
80.255.10.197
Date
Wed, 05 Jun 2024 03:10:06 GMT
Content-Encoding
gzip
x-oss-request-id
665FD70ECCA3C83133AEBE66
X-Cache-Lookup
Cache Hit
Content-MD5
AW9CEWCiJefwVj7zcti69w==
kwaisign
NULL
Connection
keep-alive
Content-Length
39769
X-Ks-Request-ID
4806267572601710346
X-Ks-Cache
Hit from 43.152.26.154
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Server
Lego Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
4806267572601710346
Accept-Ranges
bytes
x-oss-hash-crc64ecma
11760214008123873659
x-oss-server-time
56
Expires
Fri, 05 Jul 2024 03:10:06 GMT
api
ads.mythad.com/log/common/co/
2 KB
1003 B
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.238.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
13583490264a290ce144edb78259b48550f632e1ada69eed2e209fae54ea2207

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Jun 2024 00:46:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
984
quic-version
0x00000001
api
ads.mythad.com/log/common/co/
2 KB
1001 B
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250432893319500&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.238.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f371acb53b0076cbe2f03280ed2f19136071c4798d4cda8db5e66be57d6d3a01

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Jun 2024 00:46:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
982
quic-version
0x00000001
api
ads.mythad.com/log/common/co/
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://f9a118a4.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 17 Jun 2024 00:46:34 GMT
api
ads.mythad.com/log/common/co/
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff12 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://f9a118a4.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 17 Jun 2024 00:46:33 GMT
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.238.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://f9a118a4.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Mon, 17 Jun 2024 00:46:33 GMT
quic-version
0x00000001
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/
145 B
165 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250432893319500&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.238.22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-238-22.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
671310385df7ee20890c36b9c541657daeee22362c44a9f2cce08c088edc92b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://f9a118a4.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Mon, 17 Jun 2024 00:46:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://f9a118a4.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
146
quic-version
0x00000001


47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
string| easyAppId
string| _0xod1
function| handleClickSpin
function| closePop
function| isAndroidMobile
function| determineDefaultLocale
function| report
function| getPWADisplayMode
function| userAgent
function| play
function| showAzPop
function| getFileNameFromUrl
function| gotoGame
function| createIFrame
function| getGameUrl
function| w2aInstall
function| w2aAdjustInstall
function| buildURL
function| getFbPid
function| detectOS
function| getiOSLink
function| gotoRef
function| _0x4bc5
function| myDownLoad
function| getUrl
function| getBrowserFingerprint
function| getCanvasFingerprint
function| _0xb880
function| hashFingerprint
function| customHashFunction
function| doubleHashID
function| generateShortUniqueId
function| generateSecureUUIDv4
string| version_
object| dataLayer
string| KwaiAnalyticsObject
object| kwaiq
object| install
object| events
function| Radar
object| core
object| _WEBLOGGER
function| Weblog
object| checkPixel

4 Cookies

Domain/Path Name / Value
.w2a.ai/ Name: _did Value: web_969777163AF7D8BF
.mythad.com/ Name: kwai_ckid Value: 1718585193556_6299918233764793
.w2a.ai/ Name: kwai_uuid Value: 140636e7f615e9ab6cfa50d6d89c3945
.w2a.ai/ Name: _k_cp Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
