URL: https://1c57b537.w2a.ai/
Submission: On June 16 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 172.67.71.168, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1c57b537.w2a.ai.
TLS certificate: Issued by E5 (a Let's Encrypt intermediate) on June 15th 2024, the day before the scan. Valid for: 3 months.
This is the only time 1c57b537.w2a.ai was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        ASN     Autonomous System
11        172.67.71.168     13335   CLOUDFLAR...
3         43.131.10.207     139341  ACE-AS-AP...
2         2a00:1450:400...  15169   GOOGLE
3         2a02:26f0:480...  20940   AKAMAI-ASN1
6         2.16.62.90        20940   AKAMAI-ASN1
4         2.16.62.98        20940   AKAMAI-ASN1
29 requests to 6 IPs in total

Requests  Apex Domain   Subdomain (Cisco Umbrella rank)   Transfer
11        w2a.ai        1c57b537.w2a.ai                   478 KB
9         mythad.com    ads.mythad.com (26174)            3 KB
4         kwai-pro.com  logsdk.kwai-pro.com (24675)       861 B
3         kwai.net      s1.kwai.net (22281)               121 KB
2         gstatic.com   www.gstatic.com                   31 KB
29 requests to 5 apex domains in total

Requests  Domain               Requested by
11        1c57b537.w2a.ai      1c57b537.w2a.ai
9         ads.mythad.com       s1.kwai.net
4         logsdk.kwai-pro.com  s1.kwai.net
3         s1.kwai.net          1c57b537.w2a.ai, s1.kwai.net
2         www.gstatic.com      1c57b537.w2a.ai
29 requests to 5 domains in total
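The "Requested by" column only shows the immediate initiator of each request. For triage it is more useful to know which first-party resource embedded each third party and how deep the chain runs: the logsdk.kwai-pro.com beacons sit three hops from the document (the HTML loads the Kwai pixel events.js, which loads core.f43cddf82746bfc4.js, which sends the radar beacons and the ads.mythad.com calls). The following Python is an added example, not part of the urlscan.io page or its tooling; its edge list is transcribed from the per-request "Requested by" fields further down (a subset of the 29 transactions), and its apex() helper is a deliberate simplification that would need a public-suffix list for hosts under suffixes such as .co.uk.

```python
"""Reconstruct which script pulled in which third party.

Added example, not part of the urlscan.io page. The (requested URL,
initiator URL) pairs below are transcribed from the "Requested by" fields
of the scan (a subset of its 29 transactions); None marks the top-level
navigation. apex() is a deliberate simplification (last two labels) and
needs a public-suffix list for hosts under e.g. .co.uk.
"""
from urllib.parse import urlsplit

ROOT = "https://1c57b537.w2a.ai/"
INDEX_JS = "https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js"
FIREBASE_JS = "https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/firebase.js"
EVENTS_JS = "https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250328119846655&lib=kwaiq"
CORE_JS = ("https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/"
           "core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq")
RADAR = "https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel"

EDGES = [
    (ROOT, None),
    (INDEX_JS, ROOT),
    (FIREBASE_JS, ROOT),
    ("https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js", ROOT),
    ("https://www.gstatic.com/firebasejs/10.11.1/firebase-messaging.js", ROOT),
    (EVENTS_JS, ROOT),
    ("https://1c57b537.w2a.ai/1c57b537/getData", INDEX_JS),
    ("https://1c57b537.w2a.ai/report", INDEX_JS),
    ("https://1c57b537.w2a.ai/getSDKConfig?id=1c57b537", FIREBASE_JS),
    ("https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo", EVENTS_JS),
    (CORE_JS, EVENTS_JS),
    (RADAR, CORE_JS),
    ("https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=250328119846655"
     "&pageId=pageId-1718510560657-5133844792641", CORE_JS),
    ("https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250328119846655&lib=kwaiq", CORE_JS),
    ("https://ads.mythad.com/log/common/co/api", CORE_JS),
]


def host(url):
    return urlsplit(url).hostname or ""


def apex(hostname):
    # Simplification: registrable domain = last two labels (no public-suffix list).
    return ".".join(hostname.split(".")[-2:])


def build_parents(edges):
    """Map each requested URL to the URL that initiated it (None for the root)."""
    return {requested: initiator for requested, initiator in edges}


def chain(url, parents):
    """Initiator chain as hosts, from the resource up to the navigation root."""
    hosts = []
    while url is not None:
        hosts.append(host(url))
        url = parents.get(url)
    return hosts


def third_party_report(edges, first_party_apex):
    """For every third-party host: who requested it directly ('via') and which
    third-party host sits at the top of its chain, i.e. the script the first
    party actually embedded ('introduced_by')."""
    parents = build_parents(edges)
    report = {}
    for requested, _ in edges:
        h = host(requested)
        if apex(h) == first_party_apex:
            continue
        hosts = chain(requested, parents)
        # walk up to the first first-party host; the hop just below it is the entry point
        first_party_idx = next(i for i, x in enumerate(hosts) if apex(x) == first_party_apex)
        entry = report.setdefault(h, {"via": set(), "introduced_by": set()})
        entry["via"].add(hosts[1])
        entry["introduced_by"].add(hosts[first_party_idx - 1])
    return report


if __name__ == "__main__":
    for h, info in sorted(third_party_report(EDGES, "w2a.ai").items()):
        print(f"{h:22} via {sorted(info['via'])}  introduced by {sorted(info['introduced_by'])}")
```

Run as a script it prints one line per third-party host. The point of "introduced_by" is that ads.mythad.com and logsdk.kwai-pro.com never appear in the HTML; they are reachable only because the page embeds the s1.kwai.net pixel, so a content-security-policy or a blocklist decision has to be taken at that script, not at the beacon hosts.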

This site contains no links.

Subject          Issuer                             Valid from   Valid to     Lifetime
1c57b537.w2a.ai  E5 (Let's Encrypt)                 2024-06-15   2024-09-13   3 months
*.kwai.net       GlobalSign RSA OV SSL CA 2018      2023-10-26   2024-11-26   a year
*.gstatic.com    WR2 (Google Trust Services)        2024-05-27   2024-08-19   3 months
*.mythad.com     GlobalSign GCC R3 DV TLS CA 2020   2023-10-23   2024-11-23   a year
*.kwai-pro.com   GlobalSign GCC R3 DV TLS CA 2020   2023-08-10   2024-09-10   a year
(Each row links to the certificate on crt.sh.)

The 1c57b537.w2a.ai certificate was issued on 2024-06-15, the day before this scan and the date the HTML's last-modified header also gives, which points to a freshly provisioned subdomain; the other four are wildcard certificates for the third-party hosts and predate the page.

This page contains 1 frame:

Primary Page: https://1c57b537.w2a.ai/
Frame ID: D14CFEE8912C11EDD8780E4E46B23806
Requests: 25 HTTP requests in this frame

Page Title

RP8888

Detected technologies

Firebase (overall confidence: 100%). Detection is by URL pattern; the scanner's patterns, in its own regex notation:
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
The capture group of the second pattern takes the version from https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js (and firebase-messaging.js), i.e. Firebase JS SDK 10.11.1. The first pattern matches the self-hosted wrapper /__static__/easyApphtmlAssets/firebase.js, whose path carries no version.
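To show how those two patterns yield the version number in the report, here is an added Python example (not urlscan.io's or Wappalyzer's code) that runs them over the script URLs of this scan. The URL list is transcribed from the transactions below; nothing beyond that is assumed.

```python
"""Re-run the scan's Firebase detection patterns over its script URLs.

Added example, not code from urlscan.io or Wappalyzer. The two regexes are
the "Detected patterns" from the report, written as Python raw strings
without the surrounding /.../ delimiters; the URL list is transcribed from
this scan. Group 1 of a pattern, when it captures, is the version string.
"""
import re

FIREBASE_PATTERNS = [
    re.compile(r"(?:([\d.]+)/)?firebase(?:\.min)?\.js"),
    re.compile(r"firebasejs/([\d.]+)/firebase"),
]

# Script URLs from the 29 transactions of the scan.
SCRIPT_URLS = [
    "https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js",
    "https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/firebase.js",
    "https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250328119846655&lib=kwaiq",
    "https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js",
    "https://www.gstatic.com/firebasejs/10.11.1/firebase-messaging.js",
    "https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq",
    "https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250328119846655&lib=kwaiq",
]


def detect(urls, patterns=FIREBASE_PATTERNS):
    """Return {url: version_or_None} for every URL that some pattern matches.

    A match whose group 1 is empty still counts as a detection, just without
    a version: the self-hosted firebase.js wrapper matches the first pattern
    but has no numeric path segment in front of the file name."""
    hits = {}
    for url in urls:
        for pat in patterns:
            m = pat.search(url)
            if m:
                # keep a version if any pattern produced one for this URL
                hits[url] = m.group(1) or hits.get(url)
    return hits


def versions(hits):
    """Distinct version strings across all hits (what the report displays)."""
    return {v for v in hits.values() if v}


if __name__ == "__main__":
    found = detect(SCRIPT_URLS)
    for url, ver in found.items():
        print(f"{ver or '(no version)':13} {url}")
    print("Firebase versions:", sorted(versions(found)))
```

Pattern detection only sees what the URL says: a renamed or inlined Firebase bundle goes unnoticed, while any file called firebase.js is counted regardless of its content. For pinning down a specific file, the Resource Hash (SHA-256 of the response body) recorded for each transaction below is the stronger handle.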

Page Statistics

Requests:    29
HTTPS:       100 %
IPv6:        33 %
Domains:     5
Subdomains:  5
IPs:         6
Countries:   2
Transfer:    634 kB
Size:        1152 kB
Cookies:     4

Redirected requests

No HTTP redirect chains are listed for this scan.

29 HTTP transactions

Each entry below gives, in order: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type (the content-type response header), followed by the General, Request headers and Response headers details.
Primary Request /
1c57b537.w2a.ai/
10 KB
4 KB
Document
General
Full URL
https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd44b4a59d43be06cdff87d0ef406879e6087c224ab5f509ac20ff367340ff9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8947e7c4b88165b8-FRA
content-encoding
br
content-type
text/html
date
Sun, 16 Jun 2024 04:02:37 GMT
last-modified
Sat, 15 Jun 2024 14:36:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T9qQkLDtZQsV%2BFYZMVzr6XwwkIQdc7zrK9gJ0mCOHP%2FOAis%2BOFBXfdnXVZNVnubusQoRcL2g%2FkeXZH7WHa41VoHqsrHsBcBVlHJ14JmJeqw2sXAKUnf9qr4onYIzeFZETpM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
index.css
1c57b537.w2a.ai/__static__/easyApphtmlAssets/
22 KB
4 KB
Stylesheet
General
Full URL
https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/index.css
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f084e74602449126b851e55b96dae5c5d5cf3f5eac896013e5edc1ca5897995

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"0117c4c08ff8ff137aff774ed4d355c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r%2FU2itHVqY94hx%2F94dbgdXpxEbn5s6UeS2SHKMouaTbSbwEo6JlWT%2FCcSJyuHZoD%2B7OITcXjDNyOE9UW5nYL7U9wOmXvpkLdvSuUQ2QxA%2B1hOLufMNSOiM3lfkOmiJ4apk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8947e7ca6c7365b8-FRA
alt-svc
h3=":443"; ma=86400
index_v1.0.8.js
1c57b537.w2a.ai/__static__/easyApphtmlAssets/
154 KB
64 KB
Script
General
Full URL
https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d091b96796ac15aee86723e3bc5903a0b4cc67c37c07103bf1ed9001700169

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"ae5d2c2cff5503db2195a116d7cf671f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Oz2j4diYoQFx3UggLTwbToFCxxOX0qaH0i8i5EKPcB%2FHLvACgXBdwjO2%2Bi8wQb66pqmjcRmgFpTnF2HgNhI7uKVemcSmaDooPdvZKWateMfHYsozepEO8zNHnco0JkSgqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8947e7ca6c7465b8-FRA
alt-svc
h3=":443"; ma=86400
firebase.js
1c57b537.w2a.ai/__static__/easyApphtmlAssets/
8 KB
4 KB
Script
General
Full URL
https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/firebase.js
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9819f0566f55ed064c4342c913418695f79974ee1261cdc9bf3a90cfb8c90ffe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Origin
https://1c57b537.w2a.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a8618628136a5606143dc70da04a3ea9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=riH4C5a9XCSq%2BZeYx2hMDvd2WQAeEDN1%2Br%2F9HfNvn0C32tJyNwa10sHPHGRoKW6ANZ1m1MN2FRKf0Q0Sg1PmhnuH8%2BzAaMDzK77739GXtyIKZzPk9NZjSiz0sjYA6HMql3E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
8947e7ca6c7565b8-FRA
alt-svc
h3=":443"; ma=86400
lightning.svg
1c57b537.w2a.ai/__static__/web_template_assets/
528 B
782 B
Image
General
Full URL
https://1c57b537.w2a.ai/__static__/web_template_assets/lightning.svg
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d563fb9e381d4b028338f296145cbca66238c26a7c953fef3b96d42ebe09b19e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9df10169b75060d20b9bbff78bf27e3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9Ie0LD6AJNiOBD0%2BorUJJWxPBn8NmM%2FkVUQP%2B75D7IkFS22NCqjNoII47ksv%2Ftty0IwlcejnL2zuohN0U%2FwIn3JcnsSKuRffQIPpGDh90NqxzEcQLkzpHIGA8mmfabRwro%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8947e7ca6c7665b8-FRA
alt-svc
h3=":443"; ma=86400
safe.svg
1c57b537.w2a.ai/__static__/web_template_assets/
725 B
858 B
Image
General
Full URL
https://1c57b537.w2a.ai/__static__/web_template_assets/safe.svg
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106eb33346f95a4c30fad9abdb8525be8d4bac4fae816ff598f7eed1c1d4feab

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"13e81b05ecb1ee3794d1c9f9d5edeae6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPTSxWbcyREXQbXklHht77oGn7i5SG94pVP0Oinnc5HdptX0SvWL9mq3%2BAyXnYQ1kTV%2FcUvYlnSxEFu5bMdXBIweYcQWYnFYtc9lUDpW8Rj%2FIGYMpbuYzcs5ex0w6TRfdto%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8947e7ca6c7765b8-FRA
alt-svc
h3=":443"; ma=86400
1718364152599.webp
1c57b537.w2a.ai/__static__/adda8ac1/static/clickImage/
388 KB
389 KB
Image
General
Full URL
https://1c57b537.w2a.ai/__static__/adda8ac1/static/clickImage/1718364152599.webp
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50006096727efd82e66b3c42f380754f270915fb2b9e5b904c7b4675e5988413

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3dc34a8978178f5c50e7ec742927fa9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6iMGtra08nT1V1OQVPsV4tFzMiSL7wwdnyQox7n1I23Erif2vzMiMAZeX3GK1P72OCUAngu8WOAfaoze92eO8ngpHP2gDs5A%2F01X%2FgZMjQ5fulOOGn6n24A6eDqkohj0Yc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8947e7ccde5065b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
397686
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/
10 KB
4 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250328119846655&lib=kwaiq
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.131.10.207 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
80.255.7.118
Date
Mon, 27 May 2024 02:53:41 GMT
Content-Encoding
gzip
x-oss-request-id
6653F5B51ADB7231318DF9D4
X-Cache-Lookup
Cache Hit
Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign
NULL
Connection
keep-alive
Content-Length
3744
X-Ks-Request-ID
11794577175564183609
X-Ks-Cache
Hit from 43.131.10.207
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Server
Lego Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
11794577175564183609
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13562747518461854989
x-oss-server-time
6
Expires
Wed, 26 Jun 2024 02:53:41 GMT
firebase-app.js
www.gstatic.com/firebasejs/10.11.1/
99 KB
23 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-app.js
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0724e976e9d544c811e7f452831d0d0660e8fb8a249ef5a50927d30e691fc35f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Origin
https://1c57b537.w2a.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 08:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
417263
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22509
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:11:27 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Jun 2025 08:08:15 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/10.11.1/
28 KB
9 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.11.1/firebase-messaging.js
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84814ac46a9a7159faf973080ceb509e9b754e1e3e8e63f5d3c7b3332ea22ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Origin
https://1c57b537.w2a.ai
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 06:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8647
x-xss-protection
0
last-modified
Thu, 25 Apr 2024 15:12:17 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jun 2025 06:11:56 GMT
getData
1c57b537.w2a.ai/1c57b537/
2 KB
1 KB
Fetch
General
Full URL
https://1c57b537.w2a.ai/1c57b537/getData
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36ddc5058b8858c66ebf7abb4fa4a0d57113bf5e4afb8c7dc35545d0b33bd763

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZgDKYpVjYhRM%2FUvLyjCfmtzfiioQLkdi5GAh8c9HRV3ohY%2FvlG1BLC6d7hlGIC%2FC%2F3FPzB81GN%2Bg8G7qV1RBC8v8vkHthkPm%2BFRf9ppBIpSWG6FWMtk4zT8fTil%2FAw0irXo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
8947e7cf780d65b8-FRA
alt-svc
h3=":443"; ma=86400
getSDKConfig
1c57b537.w2a.ai/
454 B
807 B
Fetch
General
Full URL
https://1c57b537.w2a.ai/getSDKConfig?id=1c57b537
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/firebase.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29b4edbe6d55f5ac3d03c126e89f960b8e4e9a33bfa75ad0a93378764de86fba

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:39 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VgmH0SxJLiKwAH24UGygQlP4DdcctjPPS863EKqIyndt4raGCq0MIqPNLokQJFYc7wiHJL6AQcqU%2FBMNS1BYgG524q5bj25CVzgX87pZcT3nLIDuTFNy86J%2BRzZbS6HxK%2FI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
application/json
cf-ray
8947e7cf780f65b8-FRA
access-control-allow-headers
Content-Type, xfileName, fileType
cf-placement
remote-HKG
alt-svc
h3=":443"; ma=86400
report
1c57b537.w2a.ai/
16 B
485 B
Fetch
General
Full URL
https://1c57b537.w2a.ai/report
Requested by
Host: 1c57b537.w2a.ai
URL: https://1c57b537.w2a.ai/__static__/easyApphtmlAssets/index_v1.0.8.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 16 Jun 2024 04:02:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oCyjGd%2FXQSRYOoUIYen30iLNS7aYaflN14MSwJUKME%2BbqmC%2FdkgyKXcEH2j5hfC%2F10jNgcvzMvbbvlHSVK%2FGD1RHY4MbXJb2r4Cj9WlnfCsGI%2FhkUFuVdA4DPezTtSEZcVQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8947e7d078d365b8-FRA
access-control-allow-headers
Content-Type, xfileName, fileType
cf-placement
remote-HKG
content-length
16
alt-svc
h3=":443"; ma=86400
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1c57b537.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Sun, 16 Jun 2024 04:02:40 GMT
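Two CORS postures appear in this scan. The ads.mythad.com preflight above answers with a single allowed origin plus Access-Control-Allow-Credentials: true, while the first-party getSDKConfig and /report endpoints answer with Access-Control-Allow-Origin: * (which browsers never honour for a credentialed request). The following Python is an added example, not code from the page or from any of these services; it applies the Fetch standard's preflight and CORS checks to the header sets copied from those two responses. The origin https://attacker.example is constructed for the negative case, and the triage() labels are this example's wording, not a urlscan verdict. One scan cannot tell whether ads.mythad.com allow-lists https://1c57b537.w2a.ai or reflects whatever Origin it receives; that is a separate check to run, not a finding here.

```python
"""Evaluate CORS responses the way a browser does, using headers from this scan.

Added example, not code from the page or any of the sites involved. The two
header sets are copied from the responses in the scan: the ads.mythad.com
preflight and the 1c57b537.w2a.ai getSDKConfig response. The rules follow
the Fetch standard's CORS-preflight and CORS checks; triage() labels are this
example's own. https://attacker.example is a constructed origin for testing.
"""

ORIGIN = "https://1c57b537.w2a.ai"

# Response to OPTIONS https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo (from the scan).
MYTHAD_PREFLIGHT = {
    "access-control-allow-credentials": "true",
    "access-control-allow-headers": "content-type",
    "access-control-allow-methods": "POST",
    "access-control-allow-origin": "https://1c57b537.w2a.ai",
    "access-control-max-age": "1800",
}

# Response to GET https://1c57b537.w2a.ai/getSDKConfig?id=1c57b537 (from the scan).
W2A_GETSDKCONFIG = {
    "access-control-allow-methods": "GET, POST, OPTIONS",
    "access-control-allow-origin": "*",
    "access-control-allow-headers": "Content-Type, xfileName, fileType",
}

SAFELISTED_METHODS = {"GET", "HEAD", "POST"}  # allowed even if not listed in ACAM


def _csv(value):
    return [v.strip() for v in value.split(",") if v.strip()] if value else []


def preflight_allowed(origin, method, request_headers, resp, credentials=False):
    """Return (allowed, reason) for a preflighted request given the response headers.

    resp keys are lower-cased header names. request_headers are the CORS-unsafe
    names the browser lists in Access-Control-Request-Headers (content-type for
    an application/json body, for instance)."""
    acao = resp.get("access-control-allow-origin")
    if acao == "*":
        if credentials:  # a wildcard never satisfies a credentialed request
            return False, "wildcard origin not allowed with credentials"
    elif acao != origin:
        return False, "origin not allowed"
    if credentials and resp.get("access-control-allow-credentials") != "true":
        return False, "credentials not allowed"

    # With credentials, '*' in ACAM/ACAH is a literal token, not a wildcard.
    wildcard_ok = not credentials
    methods = _csv(resp.get("access-control-allow-methods"))
    if method not in methods and method not in SAFELISTED_METHODS and not (
        wildcard_ok and "*" in methods
    ):
        return False, "method not allowed"

    allowed_headers = {h.lower() for h in _csv(resp.get("access-control-allow-headers"))}
    for name in request_headers:
        if name.lower() not in allowed_headers and not (wildcard_ok and "*" in allowed_headers):
            return False, f"header not allowed: {name}"
    return True, "ok"


def triage(resp):
    """One-line reading of an ACAO/ACAC pair for a scan reviewer."""
    acao = resp.get("access-control-allow-origin")
    creds = resp.get("access-control-allow-credentials") == "true"
    if acao == "*" and creds:
        return "invalid: wildcard plus credentials is rejected by browsers"
    if acao == "*":
        return "public: any origin may read the response, cookies are never sent"
    if acao and creds:
        return ("credentialed, origin-specific: confirm a server-side allow-list; "
                "one response cannot distinguish it from origin reflection")
    if acao:
        return "origin-specific, no credentials"
    return "no CORS headers: cross-origin reads are blocked"


if __name__ == "__main__":
    print(preflight_allowed(ORIGIN, "POST", ["content-type"], MYTHAD_PREFLIGHT, credentials=True))
    print(preflight_allowed("https://attacker.example", "POST", ["content-type"], MYTHAD_PREFLIGHT, True))
    print(preflight_allowed(ORIGIN, "GET", [], W2A_GETSDKCONFIG))
    for name, resp in (("ads.mythad.com", MYTHAD_PREFLIGHT), ("getSDKConfig", W2A_GETSDKCONFIG)):
        print(f"{name}: {triage(resp)}")
```

The access-control-max-age of 1800 on the mythad preflight means the browser caches the decision for 30 minutes, so later getPixelConfig and co/api calls in the same session need no further OPTIONS round trip; that is why only one preflight appears among the 29 transactions.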
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
264 B
254 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250328119846655&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.62.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0fde6214149dd70bc9cf1828cdb7fde17ca73a85732b5239b66882ef81d8712c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jun 2024 04:02:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
235
quic-version
0x00000001
1716463893922.png
1c57b537.w2a.ai/__static__/adda8ac1/static/desktopIcon/
8 KB
9 KB
Other
General
Full URL
https://1c57b537.w2a.ai/__static__/adda8ac1/static/desktopIcon/1716463893922.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.71.168 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ddd0ff891c711cf42320d2ea2d6a95ef0549b5a54af1b7745c380f98850b56

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:40 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"025e4bc0ab91882f13dd7cfa110fbf9e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEUy0rmT7rr%2Fy%2Fd5He96KXDnB0KruSGoWW%2Fh2mqCs2trjZ5joQ64GMYqTiI1iWRppVEYm6256ZAD6X03fFywMdJvvM4KgGdureRyqsk%2B59vz2ckh2ba2WeMPkbdRaDG5mKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8947e7d7be1065b8-FRA
alt-svc
h3=":443"; ma=86400
content-length
8425
core.f43cddf82746bfc4.js
s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/
291 KB
77 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250328119846655&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.131.10.207 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
80.255.7.118
Date
Wed, 05 Jun 2024 03:04:59 GMT
Content-Encoding
gzip
x-oss-request-id
665FD5DBBE751D39302BB9C1
X-Cache-Lookup
Cache Hit
Content-MD5
F1Ia+PQ83fgnRr/EkujTvQ==
kwaisign
NULL
Connection
keep-alive
Content-Length
78226
X-Ks-Request-ID
13412775679670011608
X-Ks-Cache
Hit from 43.131.10.207
x-oss-object-type
Normal
Last-Modified
Tue, 04 Jun 2024 07:54:56 GMT
Server
Lego Server
Etag
"17521AF8F43CDDF82746BFC492E8D3BD"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
13412775679670011608
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18225565236884805087
x-oss-server-time
7
Expires
Fri, 05 Jul 2024 03:04:59 GMT
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
73 B
194 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.62.98 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f5c1a99c892fb13825b8bd01d598a0a60782c50d64ee253fc1ec768e990d4370

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1c57b537.w2a.ai
date
Sun, 16 Jun 2024 04:02:41 GMT
access-control-allow-credentials
true
content-length
73
content-type
text/plain;charset=UTF-8
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
73 B
283 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.62.98 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a5e83d71e90d1f8f0c23c713e7a42271333cc347a028465434e6cb025fa269c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1c57b537.w2a.ai
date
Sun, 16 Jun 2024 04:02:41 GMT
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
73
content-type
text/plain;charset=UTF-8
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/
374 B
305 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=250328119846655&pageId=pageId-1718510560657-5133844792641
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.62.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92b1b0ec482bf2a36b11e25b503cd21b85780b6dff908229a50eb67fe3068e97

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 04:02:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
285
quic-version
0x00000001
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
71 B
192 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.62.98 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e126ebbd3129d0ffcceb71cdbb8b01af75fce7167086704f718567c0d9046776

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1c57b537.w2a.ai
date
Sun, 16 Jun 2024 04:02:41 GMT
access-control-allow-credentials
true
content-length
71
content-type
text/plain;charset=UTF-8
checkPixel.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/
126 KB
40 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250328119846655&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.131.10.207 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
80.255.7.118
Date
Mon, 27 May 2024 07:22:06 GMT
Content-Encoding
gzip
x-oss-request-id
6654349EB756F23536BAB443
X-Cache-Lookup
Cache Hit
Content-MD5
AW9CEWCiJefwVj7zcti69w==
kwaisign
NULL
Connection
keep-alive
Content-Length
39769
X-Ks-Request-ID
14608625454564489208
X-Ks-Cache
Hit from 43.131.10.207
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 07:18:27 GMT
Server
Lego Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
14608625454564489208
Accept-Ranges
bytes
x-oss-hash-crc64ecma
11760214008123873659
x-oss-server-time
5
Expires
Wed, 26 Jun 2024 07:22:06 GMT
api
ads.mythad.com/log/common/co/
2 KB
999 B
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.62.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa7de99f1500bfdee4e0ca71524e1b8beecdfccd9daa0867b3276574990c17cb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jun 2024 04:02:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
980
quic-version
0x00000001
api
ads.mythad.com/log/common/co/
2 KB
1000 B
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.62.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b37bdecae6f218c2fdbdb63ed392df69386847e14a07ba84585f3e6c5e773c8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jun 2024 04:02:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
981
quic-version
0x00000001
api
ads.mythad.com/log/common/co/
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1c57b537.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 16 Jun 2024 04:02:41 GMT
api
ads.mythad.com/log/common/co/
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1c57b537.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 16 Jun 2024 04:02:41 GMT
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/
143 B
163 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250328119846655&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.62.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1918b9de42d03dcd345b6c0f8c57f4753d1aff2a8c7d1af24597d51371b4d860

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 16 Jun 2024 04:02:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
144
quic-version
0x00000001
checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2.16.62.90 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-90.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1c57b537.w2a.ai
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://1c57b537.w2a.ai
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Sun, 16 Jun 2024 04:02:41 GMT
quic-version
0x00000001
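The three OPTIONS exchanges above are CORS preflights: the SDK's POST bodies are sent as application/json, which is not a CORS-safelisted content-type, so Chrome asks ads.mythad.com for permission before each credentialed POST, and the server answers with the requesting origin echoed back, allow-credentials true, POST and content-type allowed, and a 1800-second cache. The block below is an added example (not urlscan's or the Kwai SDK's code) that replays that exchange offline and applies the Fetch standard's preflight rules to it; the header values are copied from the capture, and it assumes the XHRs were sent with credentials, which the capture does not show directly but which the server's allow-credentials response and the kwai_ckid cookie on .mythad.com suggest.

```javascript
// Added example, not urlscan's or the Kwai SDK's code: replay the captured
// preflight offline and apply the Fetch standard's CORS-preflight checks to it.
// Runs under Node 18+ with no dependencies.

// Constructed from the OPTIONS exchange shown above for
// https://ads.mythad.com/log/common/co/api (header values copied from the
// scan; nothing here talks to the network).
const capturedPreflight = {
  request: {
    origin: "https://1c57b537.w2a.ai",
    "access-control-request-method": "POST",
    "access-control-request-headers": "content-type",
  },
  response: {
    "access-control-allow-origin": "https://1c57b537.w2a.ai",
    "access-control-allow-credentials": "true",
    "access-control-allow-methods": "POST",
    "access-control-allow-headers": "content-type",
    "access-control-max-age": "1800",
    // Plain HTTP 'Allow' header from the same response; CORS ignores it.
    allow: "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH",
  },
};

const SAFELISTED_METHODS = new Set(["get", "head", "post"]);
// content-type only counts as safelisted for these media types.
const SAFELISTED_CONTENT_TYPES = new Set([
  "application/x-www-form-urlencoded",
  "multipart/form-data",
  "text/plain",
]);
const SAFELISTED_HEADERS = new Set(["accept", "accept-language", "content-language"]);

const splitList = (v) =>
  (v || "").split(",").map((s) => s.trim().toLowerCase()).filter(Boolean);

// Would the browser send an OPTIONS preflight before this request at all?
function needsPreflight(method, headers) {
  if (!SAFELISTED_METHODS.has(method.toLowerCase())) return true;
  return Object.entries(headers).some(([name, value]) => {
    const n = name.toLowerCase();
    if (n === "content-type") {
      const essence = String(value).split(";")[0].trim().toLowerCase();
      return !SAFELISTED_CONTENT_TYPES.has(essence);
    }
    return !SAFELISTED_HEADERS.has(n);
  });
}

// Apply the preflight checks to a captured exchange. withCredentials models
// xhr.withCredentials = true / fetch(..., { credentials: "include" }).
function evaluatePreflight({ request, response }, withCredentials = true) {
  const origin = request.origin;
  const acao = response["access-control-allow-origin"];
  const acac = (response["access-control-allow-credentials"] || "").toLowerCase() === "true";
  const allowedMethods = splitList(response["access-control-allow-methods"]);
  const allowedHeaders = splitList(response["access-control-allow-headers"]);
  const method = request["access-control-request-method"].toLowerCase();
  const wantedHeaders = splitList(request["access-control-request-headers"]);
  const findings = [];

  // Origin: exact match, or "*" only when no credentials are involved.
  const originOk = acao === origin || (acao === "*" && !withCredentials);
  if (!originOk) findings.push(`origin ${origin} is not allowed by ACAO=${acao}`);

  // Credentials: the server must opt in explicitly.
  const credentialsOk = !withCredentials || acac;
  if (!credentialsOk) findings.push("credentialed request but ACAC is not 'true'");

  // Method: listed, CORS-safelisted, or covered by "*" (never with credentials).
  const methodOk =
    allowedMethods.includes(method) ||
    SAFELISTED_METHODS.has(method) ||
    (allowedMethods.includes("*") && !withCredentials);
  if (!methodOk) findings.push(`method ${method} is not in ACAM`);

  // Headers: each requested header must be listed; "*" only helps without
  // credentials and never covers authorization.
  const missing = wantedHeaders.filter(
    (h) =>
      !allowedHeaders.includes(h) &&
      !(allowedHeaders.includes("*") && !withCredentials && h !== "authorization"),
  );
  if (missing.length) findings.push(`headers not allowed by ACAH: ${missing.join(", ")}`);

  // Policy observations worth recording even when the request goes through.
  if (acao === origin && acac) {
    findings.push("ACAO echoes the requesting origin with credentials: confirm it is an allowlist, not reflection");
  }
  if (response.allow) findings.push("'allow' is not a CORS header and does not widen the policy");

  const parsed = Number.parseInt(response["access-control-max-age"] ?? "", 10);
  return {
    allowed: originOk && credentialsOk && methodOk && missing.length === 0,
    cacheSeconds: Number.isNaN(parsed) ? 5 : parsed, // spec default is 5 s
    findings,
  };
}

// The POST that follows the preflight (content-type application/json) versus the
// logsdk "radar" POST sent as text/plain, which the capture shows needed no preflight.
const jsonPostNeedsPreflight = needsPreflight("POST", { "content-type": "application/json" });
const textPostNeedsPreflight = needsPreflight("POST", { "Content-Type": "text/plain;charset=UTF-8" });
const verdict = evaluatePreflight(capturedPreflight);

console.log({ jsonPostNeedsPreflight, textPostNeedsPreflight, ...verdict });
```

Two things the capture alone cannot settle, and the code flags rather than decides: whether ads.mythad.com echoes any Origin it is sent (reflection) or only origins on an allowlist, which takes a second OPTIONS request with a foreign Origin header to tell apart; and why the logsdk.kwai-pro.com radar beacon is posted as text/plain, which is consistent with avoiding the preflight round trip, since that content-type is safelisted and the scan indeed shows no OPTIONS for it.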
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
71 B
192 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250328119846655&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.62.98 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-62-98.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3dc218f007796a9f94b3cd2c6dcba288356fa0b8b1e55090af45d135f7c8c3bb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://1c57b537.w2a.ai/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://1c57b537.w2a.ai
date
Sun, 16 Jun 2024 04:02:41 GMT
access-control-allow-credentials
true
content-length
71
content-type
text/plain;charset=UTF-8

Verdicts & Comments

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
undefined event
object fence
object sharedStorage
string easyAppId
string _0xod1
function handleClickSpin
function closePop
function isAndroidMobile
function determineDefaultLocale
function report
function getPWADisplayMode
function userAgent
function play
function showAzPop
function getFileNameFromUrl
function gotoGame
function createIFrame
function getGameUrl
function w2aInstall
function w2aAdjustInstall
function buildURL
function getFbPid
function detectOS
function getiOSLink
function gotoRef
function _0x4bc5
function myDownLoad
function getUrl
function getBrowserFingerprint
function getCanvasFingerprint
function _0xb880
function hashFingerprint
function customHashFunction
function doubleHashID
function generateShortUniqueId
function generateSecureUUIDv4
string version_
object dataLayer
string KwaiAnalyticsObject
object kwaiq
object install
object events
function Radar
object core
object _WEBLOGGER
function Weblog
object checkPixel

4 Cookies

Domain/Path Name / Value
.w2a.ai/ Name: _did
Value: web_1072283611BAC6FC
.mythad.com/ Name: kwai_ckid
Value: 1718510560798_6219825683628863
.w2a.ai/ Name: kwai_uuid
Value: 263adb8da3d5036320ce9241cd9ac933
.w2a.ai/ Name: _k_cp
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1c57b537.w2a.ai
ads.mythad.com
logsdk.kwai-pro.com
s1.kwai.net
www.gstatic.com
172.67.71.168
2.16.62.90
2.16.62.98
2a00:1450:4001:800::2003
2a02:26f0:480:9::210:ee16
43.131.10.207