prada55promo.com Open in urlscan Pro
2606:4700:3036::6815:453e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://prada55promo.com/
Submission: On October 28 via api (October 28th 2024, 11:16:55 am UTC) from US — Scanned from US

Summary HTTP 34 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 14 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3036::6815:453e, located in United States and belongs to CLOUDFLARENET, US. The main domain is prada55promo.com.
TLS certificate: Issued by WE1 on October 8th 2024. Valid for: 3 months.

This is the only time prada55promo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3036::6815:453e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2607:f8b0:400... 2607:f8b0:4004:c09::84	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c04::5f	15169 (GOOGLE) (GOOGLE)
3	43.152.183.15 43.152.183.15	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	169.197.85.95 169.197.85.95	26548 (PUREVOLTA...) (PUREVOLTAGE-INC)
1	173.194.175.94 173.194.175.94	15169 (GOOGLE) (GOOGLE)
3	45.194.53.81 45.194.53.81	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1 1	2606:4700:303... 2606:4700:3035::ac43:c910	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.205.171 172.67.205.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.204.113 172.67.204.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:d9b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:1408:8c0... 2600:1408:8c00::172e:9632	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.213.158.14 23.213.158.14	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.213.158.27 23.213.158.27	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
34	14

1 2606:4700:3036::6815:453e (United States)

ASN13335 (CLOUDFLARENET, US)

prada55promo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4004:c09::84 (Washington, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c04::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.152.183.15 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.85.95 (United States)

ASN26548 (PUREVOLTAGE-INC, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.175.94 (United States)

ASN15169 (GOOGLE, US)
PTR: qs-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.194.53.81 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

files.sitestatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:c910 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.realindependentschools.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.205.171 (United States)

ASN13335 (CLOUDFLARENET, US)

www.eptmc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.204.113 (United States)

ASN13335 (CLOUDFLARENET, US)

casinobonus.ug	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:d9b3 (United States)

ASN13335 (CLOUDFLARENET, US)

imgbob.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1408:8c00::172e:9632 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.158.14 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-158-14.deploy.static.akamaitechnologies.com

logsdk.kwai-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.213.158.27 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-158-27.deploy.static.akamaitechnologies.com

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mythad.com ads.mythad.com — Cisco Umbrella Rank: 27620	3 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 517	97 KB
4	kwai-pro.com logsdk.kwai-pro.com — Cisco Umbrella Rank: 25977	856 B
3	sitestatic.net files.sitestatic.net — Cisco Umbrella Rank: 35237	2 MB
3	kwai.net s1.kwai.net — Cisco Umbrella Rank: 25131	121 KB
1	imgbob.online imgbob.online — Cisco Umbrella Rank: 322142	221 KB
1	casinobonus.ug casinobonus.ug	34 KB
1	eptmc.org www.eptmc.org	36 KB
1	realindependentschools.org 1 redirects www.realindependentschools.org	835 B
1	gstatic.com fonts.gstatic.com	20 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 12145	817 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	prada55promo.com prada55promo.com	8 KB
0	nolimitcity.com Failed nolimitcity.com Failed
34	14

	Domain	Requested by
9	ads.mythad.com	s1.kwai.net
7	cdn.ampproject.org	prada55promo.com cdn.ampproject.org
4	logsdk.kwai-pro.com	s1.kwai.net
3	files.sitestatic.net	prada55promo.com
3	s1.kwai.net	prada55promo.com s1.kwai.net
1	imgbob.online	prada55promo.com
1	casinobonus.ug	prada55promo.com
1	www.eptmc.org	prada55promo.com
1	www.realindependentschools.org	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	i.ibb.co	prada55promo.com
1	fonts.googleapis.com	prada55promo.com
1	prada55promo.com
0	nolimitcity.com Failed	prada55promo.com
34	14

This site contains links to these domains. Also see Links.

Domain
t.ly

Subject Issuer	Validity	Valid
prada55promo.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2024-10-24` - `2025-11-25`	a year	crt.sh
ibb.co E6	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
sitestatic.net Cloudflare Inc ECC CA-3	`2023-12-19` - `2024-12-18`	a year	crt.sh
casinobonus.ug WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
imgbob.online WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
*.kwai-pro.com GlobalSign GCC R3 DV TLS CA 2020	`2024-07-30` - `2025-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://prada55promo.com/
Frame ID: ACC044D40C6617F3DBB484A276B7DB3B
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PRADA55: Situs Jika Player Kalah, Saldo Dikembalikan Semua

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

34
Requests

94 %
HTTPS

43 %
IPv6

14
Domains

14
Subdomains

14
IPs

2
Countries

2552 kB
Transfer

3109 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://t.ly/prada55-garansi
Title: Login

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://www.realindependentschools.org/wp-content/uploads/2022/11/slot-pg-soft.webp HTTP 301
https://www.eptmc.org/wp-content/uploads/2022/11/slot-pg-soft.webp

Request Chain 13

https://www.nolimitcity.com/img/site-img/nolimit-city.png HTTP 308
https://nolimitcity.com/img/site-img/nolimit-city.png

34 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
prada55promo.com/ 33 KB
8 KB 4146ms
1053ms Document
text/html 2606:4700:3036::6815:453e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prada55promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:453e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbd1cce0503084c58f2c1c9266e237a116c56ae6a995fdafd731c5ea73857ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d9a840d1c753dd2-MIA
content-encoding: br
content-type: text/html
date: Mon, 28 Oct 2024 11:16:49 GMT
last-modified: Wed, 11 Sep 2024 14:17:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ix1MAAvcq4CHYijMmX1e%2FB7bzy1VHAR%2F882Wed67j%2F2XMSkDw19FLCMbRceldVqpV8dyMabPSSEeoPXRD69YiOX%2F6PexVyptQdW580q%2FOn9Yq7By4w%2B40KtMAvAq6SCo5fSz2hTJLVNfzBD9Vb6a"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=71003&sent=8&recv=13&lost=0&retrans=1&sent_bytes=4034&recv_bytes=2287&delivery_rate=134089&cwnd=254&unsent_bytes=0&cid=f8f0d1976ea5989e&ts=1056&x=0"
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 v0.mjs Show response
cdn.ampproject.org/ 223 KB
63 KB 295ms
66ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.mjs

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

151cff8eecd6be2efc64617ff0ba8d9065430dd6f7970400cde4bc08784212d6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "9b536f5c4974bc51"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 63532
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/v0/ 33 KB
10 KB 388ms
159ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.mjs

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d0120ec3324c4365d736c9014da05fcd36c788aff5488fc0cd3b5235ab666df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "3132c8124287fef3"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10069
x-xss-protection: 0
server: sffe

GET
H2 200 amp-install-serviceworker-0.1.mjs Show response
cdn.ampproject.org/v0/ 6 KB
2 KB 366ms
138ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-install-serviceworker-0.1.mjs

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd6dd32ba99720b425c4504d001276db9059403f1c3176bf577b24c93a21c96e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "e1b251d219eda0e9"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2374
x-xss-protection: 0
server: sffe

GET
H2 200 amp-youtube-0.1.mjs Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 401ms
172ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-youtube-0.1.mjs

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a234e6837f4eed571ea9d6ec92414bce559f723264e5b0fa0686163fb53e4312

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "30aab17263654028"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 10319
x-xss-protection: 0
server: sffe

GET
H2 200 amp-accordion-0.1.mjs Show response
cdn.ampproject.org/v0/ 14 KB
5 KB 407ms
179ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-accordion-0.1.mjs

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc36522e2d2fb078e01f803d68241d42e78a8b1e623ae80c6d29b7f069a8643f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "ee9d1978d2373914"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 4846
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 194ms
69ms Stylesheet
text/css 2607:f8b0:400d:c04::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7e42b5c4f7bac1ea15124056acdd7be3330d23cda750a1f1af900c58315c4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 28 Oct 2024 11:16:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 28 Oct 2024 09:21:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 811ms
62ms Script
application/javascript 43.152.183.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250225372524503&lib=kwaiq
Requested by: Host: prada55promo.com
URL: https://prada55promo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.183.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
Content-Encoding: gzip
x-ks-client-ip: 38.132.118.75
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
x-oss-object-type: Normal
kwaisign: NULL
Expires: Thu, 31 Oct 2024 18:32:02 GMT
Date: Tue, 01 Oct 2024 18:32:02 GMT
x-oss-server-time: 42
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-cache
X-NWS-LOG-UUID: 8759972327978844166
X-Ks-Cache: Hit from 43.152.183.15
x-oss-hash-crc64ecma: 13562747518461854989
Connection: keep-alive
Accept-Ranges: bytes
X-Ks-Request-ID: 8759972327978844166
Access-Control-Allow-Origin: *
Content-Length: 3744
x-oss-request-id: 66FC4022FAF4EA393872079E
X-Cache-Lookup: Cache Hit
Server: Lego Server

GET
H2 200 hack303-play.png
i.ibb.co/PQvGwJt/ 574 B
817 B 286ms
60ms Image
image/png 169.197.85.95
PUREVOLTAGE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/PQvGwJt/hack303-play.png
Requested by: Host: prada55promo.com
URL: https://prada55promo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software: nginx /
Resource Hash: 049cb844f02b6529ffff3623141757e38b201cc22ec93a4787d621299bbe10ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cache-control: max-age=315360000, public
access-control-allow-methods: GET, OPTIONS
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 574
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: image/png
last-modified: Sat, 26 Aug 2023 16:07:30 GMT
server: nginx

GET
H3 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
20 KB 119ms
51ms Font
font/woff2 173.194.175.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

173.194.175.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qs-in-f94.1e100.net

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://fonts.googleapis.com/

Response headers

age: 519773
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 10:53:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 10:53:57 GMT
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20824
x-xss-protection: 0
server: sffe

GET
H3 200 20240131195418000000f09b1d0704ROGAACI__1483x278.gif
files.sitestatic.net/ImageFile/ 2 MB
2 MB 180ms
45ms Image
image/webp 45.194.53.81
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/ImageFile/20240131195418000000f09b1d0704ROGAACI__1483x278.gif
Requested by: Host: prada55promo.com
URL: https://prada55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.194.53.81 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bb318a55fd5c4cb3b70b488f5ce46c858a63f0e320ba17a364bf210b5ebda70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "02a6fefaa4fabb47a887a8226a81c3c1"
x-amz-version-id: AdhjRFl56XiPxpanYi1R_cjyfRn3_p8m
cf-cache-status: HIT
age: 208897
expires: Tue, 28 Oct 2025 11:16:50 GMT
cf-polished: origFmt=gif, origSize=2141002
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: image/webp
content-disposition: inline; filename="20240131195418000000f09b1d0704ROGAACI__1483x278.webp"
vary: Accept
last-modified: Wed, 31 Jan 2024 11:54:19 GMT
x-amz-id-2: +iA2b8lAnEnP8lXQKi9vLufoH1nfvO60ehvnG91FvPobEm92iDJIKMjbq2mTHrnxey8jud8RQY4=
cache-control: public, max-age=31536000
x-amz-request-id: E8R1N772DK0Q2THV
cf-ray: 8d9a8417a9fb21fd-MIA
accept-ranges: bytes
content-length: 2039827
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 LOGO_ONIX_GAMING.png
files.sitestatic.net/images/ 3 KB
4 KB 180ms
46ms Image
image/webp 45.194.53.81
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/images/LOGO_ONIX_GAMING.png?v=4
Requested by: Host: prada55promo.com
URL: https://prada55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.194.53.81 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0866092b481064c53207f2806ab6bc825bac3c3a6f18afdd2fc615ee01261eb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "4576b4cabc933061b50f575ed0771300"
x-amz-version-id: zMbRxqhcFXO2.a..cBWsPlGfPCpuGLoM
cf-cache-status: HIT
age: 392873
expires: Tue, 28 Oct 2025 11:16:50 GMT
cf-polished: origFmt=png, origSize=3065
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: image/webp
x-amz-meta-sha256: e94a8f16f49bfbbd368822644f7529c9c56c77be06310b9db2d3e2a679be9d98
vary: Accept
content-disposition: inline; filename="LOGO_ONIX_GAMING.webp"
x-amz-id-2: YKVv/92r8Wo1jcnOUX9kKeQSRdTbCivHMTSLm+za3bCRbUYNkxRcRRZjlo+CJaF4Ijbdp5bjo46+xx2igrvkVA==
last-modified: Fri, 10 Jun 2022 04:48:40 GMT
cache-control: public, max-age=31536000
x-amz-meta-s3b-last-modified: 20220610T044733Z
x-amz-request-id: NBBNE5AZ791X7S6Y
cf-ray: 8d9a8417a9fd21fd-MIA
accept-ranges: bytes
content-length: 2794
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3

200

slot-pg-soft.webp
www.eptmc.org/wp-content/uploads/2022/11/
Redirect Chain

https://www.realindependentschools.org/wp-content/uploads/2022/11/slot-pg-soft.webp
https://www.eptmc.org/wp-content/uploads/2022/11/slot-pg-soft.webp

35 KB
36 KB

665ms
528ms

Image
image/webp

172.67.205.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eptmc.org/wp-content/uploads/2022/11/slot-pg-soft.webp
Requested by: Host: prada55promo.com
URL: https://prada55promo.com/
Protocol: H3
Server: 172.67.205.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13c490590b79d11ffaefaa9a22dfa92b060c26334dfa9dd37b8e80fb6d73b0f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cf-cache-status: MISS
etag: "8d86-63764a81-c3512;;;"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qhqqzh0cAMzL5ZXi4OIlb%2BrOEV4H3YZ27r2%2BboL4108xm0wjH70pDgE69BVINqevbIeztp7TFd3GORWY41CDdCtRy%2FbFVaLGH%2F3c43ZIoGBP1irKmx4IC33ELZqPpccR"}],"group":"cf-nel","max_age":604800}
expires: Mon, 04 Nov 2024 11:16:51 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30441&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4142&recv_bytes=4460&delivery_rate=489&cwnd=12000&unsent_bytes=0&cid=4f3cb21da0b7f70d&ts=540&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 28 Oct 2024 11:16:51 GMT
content-type: image/webp
last-modified: Thu, 17 Nov 2022 14:51:45 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d9a84192ea5da7f-MIA
accept-ranges: bytes
content-length: 36230
server: cloudflare

Redirect headers

cache-control: max-age=3600
location: https://www.eptmc.org/wp-content/uploads/2022/11/slot-pg-soft.webp
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bIiDfihS0VDXfEeqKZUaATwfsMNTHaaPVIYCBYp6GmdRCzxLdAazxuEGDAyjtVkl8OKiK7TxP6A%2FaxiUHn28Oi5Qburk5LkM25SKWYs2VB9sxnMmafls61Oyn9rKl%2BsHsJCOdw%2BkxE8UncsvhoiS5PhWx5U92sIn2CoImLU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d9a8417ed550314-MIA
expires: Mon, 28 Oct 2024 12:16:50 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=29123&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4054&recv_bytes=2337&delivery_rate=132834&cwnd=252&unsent_bytes=0&cid=8b496d8611d3ff68&ts=58&x=0"
content-length: 167
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

GET
H3 200 Pragmatic-Play.png
casinobonus.ug/wp-content/uploads/2023/04/ 33 KB
34 KB 885ms
632ms Image
image/png 172.67.204.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://casinobonus.ug/wp-content/uploads/2023/04/Pragmatic-Play.png
Requested by: Host: prada55promo.com
URL: https://prada55promo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.204.113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf6b700a2cfbabc99c54003a5771805c3a27e9535af1d5fd3daebcd3f4d966ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cf-cache-status: REVALIDATED
etag: "83e2-5f9c21cfc2ac2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hhMUFi2fbdWuZU%2BwX52nCfh0waD83f3tmPsc%2FnI8HLxvcUlxCRAQHMtR%2FtetZzerB0pnrQW79HYKBduWdNLofNTTDmTKjwgvJxnwp9b1zFPY%2Flpen7%2BVpQcP7IKvq44Wkg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32481&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4292&recv_bytes=6963&delivery_rate=472&cwnd=12000&unsent_bytes=0&cid=371f4fc9b0ea2367&ts=799&x=1", cfExtPri, cfHdrFlush;dur=0
date: Mon, 28 Oct 2024 11:16:51 GMT
content-type: image/png
last-modified: Thu, 20 Apr 2023 10:36:28 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400, s-maxage=10
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d9a84186acf2286-MIA
accept-ranges: bytes
content-length: 33762
server: cloudflare

GET

nolimit-city.png
nolimitcity.com/img/site-img/
Redirect Chain

https://www.nolimitcity.com/img/site-img/nolimit-city.png
https://nolimitcity.com/img/site-img/nolimit-city.png

0
0

GET
H2 200 amp-auto-lightbox-0.1.mjs Show response
cdn.ampproject.org/rtv/012410081535000/v0/ 7 KB
3 KB 57ms
56ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410081535000/v0/amp-auto-lightbox-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2c6fa173f8a8603a0a1984d705f3e49fe9f1173732cd6f68bbd8ef27d3cb092

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "8b6026c8f07ce0b1"
age: 321895
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 17:51:55 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2818
x-xss-protection: 0
server: sffe

GET
H2 200 amp-loader-0.1.mjs Show response
cdn.ampproject.org/rtv/012410081535000/v0/ 12 KB
4 KB 57ms
56ms Script
text/javascript 2607:f8b0:4004:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410081535000/v0/amp-loader-0.1.mjs

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.mjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46a80e8140b471d5cec884736f6fe4dd1480da5620b6581116c19e6f52f57010

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://prada55promo.com
Referer: https://prada55promo.com/

Response headers

content-encoding: br
etag: "5d1b0d0fd1b242bc"
age: 321833
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 24 Oct 2025 17:52:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 24 Oct 2024 17:52:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3915
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 P3g4ZrJzQ2.png
imgbob.online/ib/ 220 KB
221 KB 154ms
40ms Image
image/png 2606:4700:3035::ac43:d9b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgbob.online/ib/P3g4ZrJzQ2.png

Requested by

Host: prada55promo.com
URL: https://prada55promo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:d9b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

443aba7d3da98ae4a36ce4e9251a6187af1b010f0570967bdb2e957608d952bc

Security Headers

Name	Value
X-Frame-Options	allow

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cf-cache-status: HIT
age: 297449
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvU3Dxwm%2B1OyqxCsAIJFtMI4ktj%2FkWCavPY1m3%2F5qbfhOL%2BqWr7%2FD3jCK%2BYuJ5s3haC3%2BElPcL6FA7J1oHF%2FdIzP%2FFiC%2FRFmAOLMCY48MBkKPL6BFmCjDcJXyxDJUC42H3zcJoMg6d0Hk4wi"}],"group":"cf-nel","max_age":604800}
expires: Fri, 01 Nov 2024 00:39:21 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=29627&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4047&recv_bytes=2294&delivery_rate=128462&cwnd=252&unsent_bytes=0&cid=e0a5a6489747b30b&ts=76&x=0"
date: Mon, 28 Oct 2024 11:16:50 GMT
content-type: image/png
last-modified: Mon, 22 Jul 2024 04:51:38 GMT
vary: Accept-Encoding
x-frame-options: allow
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d9a8417c9c3a4e5-MIA
accept-ranges: bytes
content-length: 225570
x-turbo-charged-by: LiteSpeed
server: cloudflare

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 0
0 1509ms
1278ms Preflight 2600:1408:8c00::172e:9632
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:8c00::172e:9632 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://prada55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://prada55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Mon, 28 Oct 2024 11:16:52 GMT

POST
H2 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 200 B
333 B 734ms
732ms XHR
application/json 2600:1408:8c00::172e:9632
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250225372524503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:8c00::172e:9632 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a41f008d33217b2f3863fc73ba245a728ed6e993ea4cc70f5481740a96cb703d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://prada55promo.com/

Response headers

access-control-allow-origin: https://prada55promo.com
content-encoding: gzip
content-length: 187
date: Mon, 28 Oct 2024 11:16:53 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true

GET
H3 200 20240130155019000000ecee8187f6ROGAACI__100x100.png
files.sitestatic.net/ImageFile/ 11 KB
11 KB 41ms
40ms Other
image/webp 45.194.53.81
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.sitestatic.net/ImageFile/20240130155019000000ecee8187f6ROGAACI__100x100.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 45.194.53.81 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d52135e118c715139674db3041453baea41a2b8a40cde8473edf98c64bed9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

cf-bgj: imgq:85,h2pri
etag: "947a690813220080ad23ff4cd04f9834"
x-amz-version-id: WC8curCq2Bjbe1YNbq6._cMefrTVxfbb
cf-cache-status: HIT
age: 144279
expires: Tue, 28 Oct 2025 11:16:51 GMT
cf-polished: origFmt=png, origSize=15935
alt-svc: h3=":443"; ma=86400
date: Mon, 28 Oct 2024 11:16:51 GMT
content-type: image/webp
content-disposition: inline; filename="20240130155019000000ecee8187f6ROGAACI__100x100.webp"
vary: Accept
last-modified: Tue, 30 Jan 2024 07:50:20 GMT
x-amz-id-2: 7TYjqk0W/Ou0m966c1W7ELu7c5tlRKf5VLj9Q24+RmfIwYPCfRCLAkejzUBj1KbnGG/diJOBOQ4=
cache-control: public, max-age=31536000
x-amz-request-id: RHHR8BK3ZJ2WJG4R
cf-ray: 8d9a841e2d3d21fd-MIA
accept-ranges: bytes
content-length: 10918
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK core.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 290 KB
77 KB 62ms
62ms Script
application/javascript 43.152.183.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=250225372524503&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.183.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

Content-MD5: i6zSW0hdN+sW3Egwa6IiGg==
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
Content-Encoding: gzip
x-ks-client-ip: 38.132.118.75
x-oss-object-type: Normal
kwaisign: NULL
Expires: Wed, 20 Nov 2024 23:34:45 GMT
Date: Mon, 21 Oct 2024 23:34:45 GMT
x-oss-server-time: 63
Last-Modified: Wed, 11 Sep 2024 08:21:14 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-cache
X-NWS-LOG-UUID: 2302027125911514124
X-Ks-Cache: Hit from 43.152.183.15
x-oss-hash-crc64ecma: 1814864409054748518
Connection: keep-alive
Accept-Ranges: bytes
X-Ks-Request-ID: 2302027125911514124
Access-Control-Allow-Origin: *
Content-Length: 77865
x-oss-request-id: 6716E515F99EB536352D4D18
X-Cache-Lookup: Cache Hit
Server: Lego Server

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 71 B
192 B 671ms
330ms XHR
text/plain 23.213.158.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8af9fce0f6c5d56299f11c570a15aa643741e8988ac03d5bfad3baa7eee223fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://prada55promo.com/

Response headers

access-control-allow-origin: https://prada55promo.com
content-length: 71
date: Mon, 28 Oct 2024 11:16:52 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 69 B
279 B 697ms
358ms XHR
text/plain 23.213.158.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4f48e07d4badf688eabd3f6d41ec549efa30912b35afd95bcf5872fdfbb9e41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://prada55promo.com/

Response headers

access-control-allow-origin: https://prada55promo.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69
date: Mon, 28 Oct 2024 11:16:52 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true

GET
H2 200 getPixelConfig Show response
ads.mythad.com/rest/n/adintl/ad/ 2 KB
991 B 494ms
328ms XHR
application/json 2600:1408:8c00::172e:9632
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=250225372524503&pageId=pageId-1730114212078-9719935718912
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:8c00::172e:9632 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 1784fc451b051605bdfc070becac5db7a03139f3bfe826f8375ad51455bcc3f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://prada55promo.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 644
date: Mon, 28 Oct 2024 11:16:52 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ 0
0 754ms
752ms Preflight 2600:1408:8c00::172e:9632
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:8c00::172e:9632 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://prada55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://prada55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 28 Oct 2024 11:16:53 GMT

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 71 B
192 B 307ms
305ms XHR
text/plain 23.213.158.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec86d53bdccf598b836b8c7c91ad6dc4833cc8e1901c9fb8471a853721862129

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://prada55promo.com/

Response headers

access-control-allow-origin: https://prada55promo.com
content-length: 71
date: Mon, 28 Oct 2024 11:16:52 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true

GET
H/1.1 200
OK checkPixel.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 126 KB
40 KB 63ms
62ms Script
application/javascript 43.152.183.15
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250225372524503&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.183.15 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://prada55promo.com/

Response headers

Content-MD5: AW9CEWCiJefwVj7zcti69w==
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
x-oss-storage-class: Standard
Content-Encoding: gzip
x-ks-client-ip: 38.132.118.75
x-oss-object-type: Normal
kwaisign: NULL
Expires: Thu, 21 Nov 2024 01:18:14 GMT
Date: Tue, 22 Oct 2024 01:18:14 GMT
x-oss-server-time: 12
Last-Modified: Mon, 27 May 2024 07:18:27 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Cache-Control: no-cache
X-NWS-LOG-UUID: 7190408722026371328
X-Ks-Cache: Hit from 43.152.183.15
x-oss-hash-crc64ecma: 11760214008123873659
Connection: keep-alive
Accept-Ranges: bytes
X-Ks-Request-ID: 7190408722026371328
Access-Control-Allow-Origin: *
Content-Length: 39769
x-oss-request-id: 6716FD5627D30E3530AC8C37
X-Cache-Lookup: Cache Hit
Server: Lego Server

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
985 B 281ms
280ms XHR
application/json 23.213.158.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4f9d38cc261cafb2a4082b02c47885bbde39f0b0327e8c7b08c9726fb532303

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://prada55promo.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://prada55promo.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 966
date: Mon, 28 Oct 2024 11:16:53 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding

POST
H3 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
1 KB 304ms
289ms XHR
application/json 23.213.158.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 890063b2aef94afbf51ac1a48ea6f6c054c2cf1ee92ec23a8495708ca9caa2f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://prada55promo.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://prada55promo.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1029
date: Mon, 28 Oct 2024 11:16:53 GMT
content-type: application/json;charset=utf-8
vary: Accept-Encoding

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ 0
0 720ms
720ms Preflight 2600:1408:8c00::172e:9632
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:8c00::172e:9632 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://prada55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://prada55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Mon, 28 Oct 2024 11:16:53 GMT

POST
H3 200 checkPixelCompress Show response
ads.mythad.com/rest/n/adintl/ad/ 145 B
165 B 1014ms
855ms XHR
application/json 23.213.158.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/checkPixel.js?sdkid=250225372524503&lib=kwaiq
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f21727d98c01147d8ed16bf44363eea768a17ba3f5dbcbd6b127fcd8f3d693e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://prada55promo.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
quic-version: 0x00000001
access-control-allow-origin: https://prada55promo.com
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 146
date: Mon, 28 Oct 2024 11:16:54 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding

OPTIONS
H3 200 checkPixelCompress
ads.mythad.com/rest/n/adintl/ad/ 0
0 285ms
284ms Preflight 23.213.158.27
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/checkPixelCompress
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 23.213.158.27 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-27.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://prada55promo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://prada55promo.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Mon, 28 Oct 2024 11:16:53 GMT
quic-version: 0x00000001

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 72 B
193 B 306ms
302ms XHR
text/plain 23.213.158.14
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=250225372524503&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.158.14 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-158-14.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6b586f8b8201f437584e979839bc5b6deff2b6b6587aeafc8549a58475c21adb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://prada55promo.com/

Response headers

access-control-allow-origin: https://prada55promo.com
content-length: 72
date: Mon, 28 Oct 2024 11:16:53 GMT
content-type: text/plain;charset=UTF-8
access-control-allow-credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nolimitcity.com
URL: https://nolimitcity.com/img/site-img/nolimit-city.png

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sitestatic.net/	1970-01-21 00:35:16	Name: __cf_bm Value: 9MMD8tBEsM_6RU9YfCSfpVLS3wdChawdhEc2IJ1A47A-1730114210-1.0.1.1-t5.iUr.sNSvrC7hR1r_SKjwBwkO_HwvMdqtUdeKx6nYMqBbDFg2ytYWf7vOTbqcgIO0lnt7xhhdICKaoT0zlow
prada55promo.com/	1970-01-21 09:20:50	Name: _did Value: web_713623253AEE7679
.mythad.com/	1970-01-21 10:11:14	Name: kwai_ckid Value: 1730114212407_18678947063531041
.prada55promo.com/	1970-01-21 09:20:50	Name: kwai_uuid Value: bc344e6f9317e273a1df2b0ce9f9d029
.prada55promo.com/	1970-01-21 00:36:40	Name: _k_cp Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://prada55promo.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A0601D0084110000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.mythad.com
casinobonus.ug
cdn.ampproject.org
files.sitestatic.net
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
imgbob.online
logsdk.kwai-pro.com
nolimitcity.com
prada55promo.com
s1.kwai.net
www.eptmc.org
www.realindependentschools.org
nolimitcity.com
169.197.85.95
172.67.204.113
172.67.205.171
173.194.175.94
23.213.158.14
23.213.158.27
2600:1408:8c00::172e:9632
2606:4700:3035::ac43:c910
2606:4700:3035::ac43:d9b3
2606:4700:3036::6815:453e
2607:f8b0:4004:c09::84
2607:f8b0:400d:c04::5f
43.152.183.15
45.194.53.81
049cb844f02b6529ffff3623141757e38b201cc22ec93a4787d621299bbe10ea
0866092b481064c53207f2806ab6bc825bac3c3a6f18afdd2fc615ee01261eb1
0bb318a55fd5c4cb3b70b488f5ce46c858a63f0e320ba17a364bf210b5ebda70
13c490590b79d11ffaefaa9a22dfa92b060c26334dfa9dd37b8e80fb6d73b0f3
151cff8eecd6be2efc64617ff0ba8d9065430dd6f7970400cde4bc08784212d6
1784fc451b051605bdfc070becac5db7a03139f3bfe826f8375ad51455bcc3f1
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
443aba7d3da98ae4a36ce4e9251a6187af1b010f0570967bdb2e957608d952bc
46a80e8140b471d5cec884736f6fe4dd1480da5620b6581116c19e6f52f57010
4d0120ec3324c4365d736c9014da05fcd36c788aff5488fc0cd3b5235ab666df
6b586f8b8201f437584e979839bc5b6deff2b6b6587aeafc8549a58475c21adb
890063b2aef94afbf51ac1a48ea6f6c054c2cf1ee92ec23a8495708ca9caa2f5
8af9fce0f6c5d56299f11c570a15aa643741e8988ac03d5bfad3baa7eee223fa
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
9bbd1cce0503084c58f2c1c9266e237a116c56ae6a995fdafd731c5ea73857ae
a234e6837f4eed571ea9d6ec92414bce559f723264e5b0fa0686163fb53e4312
a2c6fa173f8a8603a0a1984d705f3e49fe9f1173732cd6f68bbd8ef27d3cb092
a3a4b8a8111fe31596e204f6898e7d2e15ba5ee5bfe4542a3a208ddc96829951
a41f008d33217b2f3863fc73ba245a728ed6e993ea4cc70f5481740a96cb703d
bc36522e2d2fb078e01f803d68241d42e78a8b1e623ae80c6d29b7f069a8643f
c8da6b8870aeb38f2ff3528402fc81a4960ab5c86f629e3526d6b36f96a92e87
cd6dd32ba99720b425c4504d001276db9059403f1c3176bf577b24c93a21c96e
cf6b700a2cfbabc99c54003a5771805c3a27e9535af1d5fd3daebcd3f4d966ce
d4f9d38cc261cafb2a4082b02c47885bbde39f0b0327e8c7b08c9726fb532303
d6d52135e118c715139674db3041453baea41a2b8a40cde8473edf98c64bed9c
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
ec86d53bdccf598b836b8c7c91ad6dc4833cc8e1901c9fb8471a853721862129
f21727d98c01147d8ed16bf44363eea768a17ba3f5dbcbd6b127fcd8f3d693e0
f4f48e07d4badf688eabd3f6d41ec549efa30912b35afd95bcf5872fdfbb9e41
f7e42b5c4f7bac1ea15124056acdd7be3330d23cda750a1f1af900c58315c4bb

prada55promo.com Open in urlscan Pro 2606:4700:3036::6815:453e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

94 %HTTPS

43 %IPv6

14 Domains

14 Subdomains

14 IPs

2 Countries

2552 kBTransfer

3109 kBSize

5 Cookies

1 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

prada55promo.com Open in urlscan Pro
2606:4700:3036::6815:453e Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

94 %
HTTPS

43 %
IPv6

14
Domains

14
Subdomains

14
IPs

2
Countries

2552 kB
Transfer

3109 kB
Size

5
Cookies

34 HTTP transactions
2 data transactions