zlwicisg.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response zlwicisg.com/	4 KB 2 KB	999ms 942ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zlwicisg.com/?CampaignID=233118217&adSETID=233118802&CreativeID=233119393&click_id=sjObyG_UkiWa0xhGzC2-XoTgdjqbhqt4W7LM6TGffOPfNd3pg6lUohyinOJKU60QTK9HItnWGXdMxvBg7vxRnU3cKsOUcUl0vBoTmvVqWVlNO49KLxhn8d_msYheuIKUGIC_2hmhbslkNuUHEkRLsQ%3D%3D&pixel_id=250314566244653&kwpixid=250314566244653 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d3ce87225799b57e4500f0995ae5de7831d83f21a8fb194876d3ae017ab48de1 Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 895e73f7dfd4669f-AMS content-encoding br content-type text/html; charset=utf-8 date Tue, 18 Jun 2024 21:43:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPQBuSeobvhJGCh2IKAfLL6jO4cRHQzKc0oZ8QAwpybnNbAGxn6rg9t%2BnmnG3%2BS8bap5ZlQRoy8gDBpqtmRoNTaFSHKPElizqEGUp%2F21MnP6zoO2RYyGPfBKMnyuklBSgd3BVtIXMe9LpPo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	events.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/	10 KB 5 KB	1244ms 24ms	Script application/javascript	43.152.26.235 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250314566244653&lib=kwaiq Requested by Host: zlwicisg.com URL: https://zlwicisg.com/?CampaignID=233118217&adSETID=233118802&CreativeID=233119393&click_id=sjObyG_UkiWa0xhGzC2-XoTgdjqbhqt4W7LM6TGffOPfNd3pg6lUohyinOJKU60QTK9HItnWGXdMxvBg7vxRnU3cKsOUcUl0vBoTmvVqWVlNO49KLxhn8d_msYheuIKUGIC_2hmhbslkNuUHEkRLsQ%3D%3D&pixel_id=250314566244653&kwpixid=250314566244653 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.235 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ks-client-ip 31.204.150.151 Date Fri, 14 Jun 2024 16:17:26 GMT Content-Encoding gzip x-oss-request-id 666C6D16A9866032305F816F X-Cache-Lookup Cache Hit Content-MD5 xdyEdfWuJAvRR0tEZ9nn2A== kwaisign NULL Connection keep-alive Content-Length 3744 X-Ks-Request-ID 17292252267066043042 X-Ks-Cache Hit from 43.152.26.235 x-oss-object-type Normal Last-Modified Mon, 27 May 2024 02:52:15 GMT Server Lego Server Etag "C5DC8475F5AE240BD1474B4467D9E7D8" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length Cache-Control no-cache x-oss-storage-class Standard X-NWS-LOG-UUID 17292252267066043042 Accept-Ranges bytes x-oss-hash-crc64ecma 13562747518461854989 x-oss-server-time 30 Expires Sun, 14 Jul 2024 16:17:26 GMT
GET H3	200	clHome jogoii.com/ Frame D9BA	0 0	476ms 439ms	Document text/html	172.67.167.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jogoii.com/clHome?c=51&kwpixid=250314566244653& Requested by Host: zlwicisg.com URL: https://zlwicisg.com/?CampaignID=233118217&adSETID=233118802&CreativeID=233119393&click_id=sjObyG_UkiWa0xhGzC2-XoTgdjqbhqt4W7LM6TGffOPfNd3pg6lUohyinOJKU60QTK9HItnWGXdMxvBg7vxRnU3cKsOUcUl0vBoTmvVqWVlNO49KLxhn8d_msYheuIKUGIC_2hmhbslkNuUHEkRLsQ%3D%3D&pixel_id=250314566244653&kwpixid=250314566244653 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.167.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language nl-NL,nl;q=0.9;q=0.9 Referer https://zlwicisg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 895e73fe2b0f9f7c-AMS content-encoding br content-type text/html date Tue, 18 Jun 2024 21:43:07 GMT last-modified Wed, 12 Jun 2024 21:52:48 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1E4MNuLIk3T1hTNAOcqKmROGGhHV83kf6qtSd4pgPwAmB2co8nj0zra0YPqxYjVsuHrL7eb1XwiKhrL0KjNlL8ghnbhZdtoaMkhGN%2Fjrnc0L6UuxPsqYzBu2pAW"}],"group":"cf-nel","max_age":604800} server cloudflare
OPTIONS H2	200	getGrayInfo ads.mythad.com/rest/n/adintl/gray/ Frame	0 0	283ms 201ms	Preflight	2a02:26f0:3100::1735:2958 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2958 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://zlwicisg.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://zlwicisg.com access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 18 Jun 2024 21:43:08 GMT
POST H3	200	getGrayInfo Show response ads.mythad.com/rest/n/adintl/gray/	264 B 253 B	309ms 250ms	XHR application/json	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250314566244653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash 62867ff3ae894cb2b152d388a2899648e8034a1d5d42da305f4355a0f1f0bf89 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json Response headers date Tue, 18 Jun 2024 21:43:08 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://zlwicisg.com access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 234 quic-version 0x00000001
GET H/1.1	200 OK	core.f43cddf82746bfc4.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/	291 KB 77 KB	25ms 25ms	Script application/javascript	43.152.26.235 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250314566244653&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.235 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash 390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ks-client-ip 31.204.150.151 Date Fri, 14 Jun 2024 18:46:37 GMT Content-Encoding gzip x-oss-request-id 666C900D923CEB30344930E5 X-Cache-Lookup Cache Hit kwaisign NULL Connection keep-alive Content-Length 78226 X-Ks-Request-ID 17489431852936752752 X-Ks-Cache Hit from 43.152.26.235 x-oss-object-type Normal Last-Modified Tue, 04 Jun 2024 07:54:56 GMT Server Lego Server Etag "17521AF8F43CDDF82746BFC492E8D3BD" Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length Cache-Control no-cache x-oss-storage-class Standard X-NWS-LOG-UUID 17489431852936752752 Accept-Ranges bytes x-oss-hash-crc64ecma 18225565236884805087 x-oss-server-time 57 Expires Sun, 14 Jul 2024 18:46:37 GMT
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	70 B 278 B	430ms 326ms	XHR text/plain	95.100.146.73 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-73.deploy.static.akamaitechnologies.com Software / Resource Hash e80ea68b84358fea15341a088a84046619d5d69015cff6eaeaca65bb74e9ecc0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://zlwicisg.com date Tue, 18 Jun 2024 21:43:09 GMT access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 70 content-type text/plain;charset=UTF-8
GET H3	200	getPixelConfig Show response ads.mythad.com/rest/n/adintl/ad/	373 B 308 B	261ms 257ms	XHR application/json	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=250314566244653&pageId=pageId-1718746989089-1966811655117&clickid=sjObyG_UkiWa0xhGzC2-XoTgdjqbhqt4W7LM6TGffOPfNd3pg6lUohyinOJKU60QTK9HItnWGXdMxvBg7vxRnU3cKsOUcUl0vBoTmvVqWVlNO49KLxhn8d_msYheuIKUGIC_2hmhbslkNuUHEkRLsQ%3D%3D Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash 5ee626c659d43d45563de5a9eb3aba8520a5dda92de7628689339bf3c0dfe02b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 21:43:09 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://zlwicisg.com access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 287 quic-version 0x00000001
GET H/1.1	200 OK	checkPixel.js Show response s1.kwai.net/kos/s101/nlav11187/pixel/core/	126 KB 40 KB	24ms 23ms	Script application/javascript	43.152.26.235 ACE-AS-AP ACE
General Check archive.org Show headers Download Go to Full URL https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250314566244653&lib=kwaiq Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 43.152.26.235 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG), Reverse DNS Software Lego Server / Resource Hash a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ks-client-ip 31.204.150.151 Date Mon, 27 May 2024 07:30:05 GMT Content-Encoding gzip x-oss-request-id 6654367D87391E32313ED43C X-Cache-Lookup Cache Hit Content-MD5 AW9CEWCiJefwVj7zcti69w== kwaisign NULL Connection keep-alive Content-Length 39702 X-Ks-Request-ID 13599579413965288218 X-Ks-Cache Hit from 43.152.26.235 x-oss-object-type Normal Last-Modified Mon, 27 May 2024 07:18:27 GMT Server Lego Server Etag "016F421160A225E7F0563EF372D8BAF7" Vary Accept-Encoding Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Expose-Headers x-ks-request-id,x-ks-client-ip,Content-Length Cache-Control no-cache x-oss-storage-class Standard X-NWS-LOG-UUID 13599579413965288218 Accept-Ranges bytes x-oss-hash-crc64ecma 11760214008123873659 x-oss-server-time 28 Expires Wed, 26 Jun 2024 07:30:05 GMT
POST H3	200	common Show response ads.mythad.com/log/	2 KB 1 KB	247ms 247ms	XHR application/json	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash ada038cbb3003ee68b06417b4f9ba0c92e0c843e36157f2b44b4e5b8e93f27c0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json Response headers date Tue, 18 Jun 2024 21:43:09 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=utf-8 access-control-allow-origin https://zlwicisg.com access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 1084 quic-version 0x00000001
OPTIONS H2	200	common ads.mythad.com/log/ Frame	0 0	196ms 195ms	Preflight	2a02:26f0:3100::1735:2958 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/log/common Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3100::1735:2958 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://zlwicisg.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://zlwicisg.com access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH content-length 0 date Tue, 18 Jun 2024 21:43:09 GMT
OPTIONS H3	200	pixelLog ads.mythad.com/rest/n/adintl/ad/ Frame	0 0	252ms 251ms	Preflight	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/pixelLog Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://zlwicisg.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://zlwicisg.com access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 18 Jun 2024 21:43:10 GMT quic-version 0x00000001
POST H3	200	pixelLog Show response ads.mythad.com/rest/n/adintl/ad/	145 B 164 B	251ms 251ms	XHR application/json	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/pixelLog Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash cb4fcea4e0416d2bb051b737d9fd56f0491fd6a2001b82e017ed454cef03675a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json Response headers date Tue, 18 Jun 2024 21:43:10 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://zlwicisg.com access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 145 quic-version 0x00000001
OPTIONS H3	200	checkPixelCompress ads.mythad.com/rest/n/adintl/ad/ Frame	0 0	241ms 241ms	Preflight	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://zlwicisg.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin https://zlwicisg.com access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 0 date Tue, 18 Jun 2024 21:43:10 GMT quic-version 0x00000001
POST H3	200	checkPixelCompress Show response ads.mythad.com/rest/n/adintl/ad/	147 B 164 B	688ms 616ms	XHR application/json	95.100.146.48 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250314566244653&lib=kwaiq Protocol H3 Security QUIC, , AES_256_GCM Server 95.100.146.48 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-48.deploy.static.akamaitechnologies.com Software / Resource Hash 2432f35cbea48e8f533fd652e9aefb16b88390a90d23d671e6ee954f5363f8a6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type application/json Response headers date Tue, 18 Jun 2024 21:43:10 GMT content-encoding gzip vary Accept-Encoding content-type application/json;charset=UTF-8 access-control-allow-origin https://zlwicisg.com access-control-allow-credentials true alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 145 quic-version 0x00000001
POST H2	200	radar Show response logsdk.kwai-pro.com/rest/wd/common/log/collect/	73 B 192 B	262ms 261ms	XHR text/plain	95.100.146.73 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel Requested by Host: s1.kwai.net URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=250314566244653&lib=kwaiq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.100.146.73 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a95-100-146-73.deploy.static.akamaitechnologies.com Software / Resource Hash d8721678d21e0bcef6f296a556d89a085dce2ddcdff9b68c5d402e1e3e804f3a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://zlwicisg.com date Tue, 18 Jun 2024 21:43:10 GMT access-control-allow-credentials true content-length 73 content-type text/plain;charset=UTF-8
GET H2	200	17125852627708b7h0.png file.jogoii.com/conf/	42 KB 43 KB	618ms 544ms	Other image/png	2600:9000:25a2:6e00:13:d929:8240:93a1
General Check archive.org Show headers Download Go to Full URL https://file.jogoii.com/conf/17125852627708b7h0.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25a2:6e00:13:d929:8240:93a1 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash fb21d8b3c1ff547842db53e7ebdcaff44c0f676a9302eccd82e769a603b07651 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://zlwicisg.com/ Accept-Language nl-NL,nl;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 18 Jun 2024 21:43:11 GMT via 1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000 x-amz-cf-pop ZRH55-P1 x-cache Miss from cloudfront content-length 42989 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Mon, 08 Apr 2024 14:07:42 GMT server cloudflare etag "6613fa2e-a7ed" x-frame-options SAMEORIGIN access-control-allow-methods * content-type image/png report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vMwCrEVeQ%2FtkUvMtjHto9%2F5xgAQYoiGbPD14VmpLhbA5CdWPU4uogL8UUivu8%2FsCSxJ4ACMi%2F3KBghePl27SjqRRcpphdYhR5NkjGPL9UMiRc8WW3SC1csIrV8sYuYJBRASFAng2"}],"group":"cf-nel","max_age":604800} cache-control max-age=14400 accept-ranges bytes cf-ray 895e74147a805d9c-FRA x-amz-cf-id tqKNVrTgkXydn7uhuBWvHO7GqrmfsMaDqEw78iKxiiwCYB19I3SQOQ==

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage string| KwaiAnalyticsObject object| kwaiq object| install function| removeQueryParam function| addParameter function| createIframe object| events function| Radar object| core object| _WEBLOGGER function| Weblog object| checkPixel

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zlwicisg.com/	1970-01-21 06:11:22	Name: _did Value: web_932230198AB587A5
			.zlwicisg.com/	1970-01-20 21:25:48	Name: kwai_adInfo Value: %7B%22callback%22%3A%22sjObyG_UkiWa0xhGzC2-XoTgdjqbhqt4W7LM6TGffOPfNd3pg6lUohyinOJKU60QTK9HItnWGXdMxvBg7vxRnU3cKsOUcUl0vBoTmvVqWVlNO49KLxhn8d_msYheuIKUGIC_2hmhbslkNuUHEkRLsQ%3D%3D%22%2C%22pixelId%22%3A%22250314566244653%22%7D
			.mythad.com/	1970-01-21 07:01:46	Name: kwai_ckid Value: 1718746989221_6473583092041415
			.mythad.com/	1970-01-20 22:08:58	Name: kwai_backInfo Value: sDINuUgwJt5ueR5P0sWpXApjDMTntIj33ZqCWNpD+Jymogf9bRTR78pngyTIevBJrja1PoWFKA17KaugNLy33G1PYO067hBbfGC0KazfLb5svisLx9m/d2vPsknpB8UDgjf1Vh179DrlZ8Hn+D0dSp1GHNh0QYSFys08HnMYkoVpr0C8l/jiBCJdUxJjfvzMdocB2sGFCXX8X+i/MSY6ZVFrJ3DvIMwX1Zj9N6zOvFGAn7gEMVEXc8NMclqDFb8nndZmiYc+34rd51WzmXBXJ4rv3UFOo9ZPQqx1VpnFErc=
			.zlwicisg.com/	1970-01-21 06:11:22	Name: kwai_uuid Value: 1c4fbf97ca5cc087e5a3dd5f161eb3ec

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://zlwicisg.com/?CampaignID=233118217&adSETID=233118802&CreativeID=233119393&click_id=sjObyG_UkiWa0xhGzC2-XoTgdjqbhqt4W7LM6TGffOPfNd3pg6lUohyinOJKU60QTK9HItnWGXdMxvBg7vxRnU3cKsOUcUl0vBoTmvVqWVlNO49KLxhn8d_msYheuIKUGIC_2hmhbslkNuUHEkRLsQ%3D%3D&pixel_id=250314566244653&kwpixid=250314566244653(Line 50) Message: Allow attribute will take precedence over 'allowfullscreen'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
file.jogoii.com
jogoii.com
logsdk.kwai-pro.com
s1.kwai.net
zlwicisg.com
172.67.167.143
2600:9000:25a2:6e00:13:d929:8240:93a1
2a02:26f0:3100::1735:2958
2a06:98c1:3120::3
43.152.26.235
95.100.146.48
95.100.146.73
2432f35cbea48e8f533fd652e9aefb16b88390a90d23d671e6ee954f5363f8a6
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209
5ee626c659d43d45563de5a9eb3aba8520a5dda92de7628689339bf3c0dfe02b
62867ff3ae894cb2b152d388a2899648e8034a1d5d42da305f4355a0f1f0bf89
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
ada038cbb3003ee68b06417b4f9ba0c92e0c843e36157f2b44b4e5b8e93f27c0
cb4fcea4e0416d2bb051b737d9fd56f0491fd6a2001b82e017ed454cef03675a
d3ce87225799b57e4500f0995ae5de7831d83f21a8fb194876d3ae017ab48de1
d8721678d21e0bcef6f296a556d89a085dce2ddcdff9b68c5d402e1e3e804f3a
e80ea68b84358fea15341a088a84046619d5d69015cff6eaeaca65bb74e9ecc0
fb21d8b3c1ff547842db53e7ebdcaff44c0f676a9302eccd82e769a603b07651