Submitted URL: https://www.alibaxba.com/
Effective URL: https://offer.alibaba.com/cps/07b6m6k5?bm=cps&src=saf
Submission: On August 05 via api from US — Scanned from CA

Summary

This website contacted 3 IPs in 1 country across 5 domains to perform 10 HTTP transactions. The main IP is 23.9.171.74, located in the United States and belonging to AKAMAI-AS, US. The main domain is offer.alibaba.com. The Cisco Umbrella rank of the primary domain is 69674.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 14th 2024. Valid for: 9 months.
This is the only time offer.alibaba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
4 107.180.25.236 400754 (GO-DADDY-...)
1 23.9.171.74 16625 (AKAMAI-AS)
10 3
Apex Domain
Subdomains
Transfer
4 yaap.com
yaap.com
14 KB
1 alibaba.com
offer.alibaba.com — Cisco Umbrella Rank: 69674
1 KB
1 alibaxba.com
www.alibaxba.com
311 B
0 alicdn.com Failed
bixi.alicdn.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
10 5
Domain Requested by
4 yaap.com yaap.com
1 offer.alibaba.com
1 www.alibaxba.com 1 redirects
0 bixi.alicdn.com Failed offer.alibaba.com
0 fonts.googleapis.com Failed yaap.com
10 5

This site contains links to these domains.

Domain
bixi.alicdn.com
Subject | Issuer | Validity | Valid
yaap.com | Sectigo RSA Domain Validation Secure Server CA | 2024-03-10 - 2025-03-10 | a year
air.alibaba.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-06-14 - 2025-03-26 | 9 months

This page contains 1 frames:

Frame: https://bixi.alicdn.com/punish/punish:resource:template:ICBUSpace:default_34131879.html?qrcode=M2KVpaAcLzXpcUBL0OLuQw|ZrAhIg|Winodw_0&uuid=336295a5a01c2f35e971404bd0e2ee43&action=wait&origin=https%3A%2F%2Foffer.alibaba.com%3A443%2Fcps%2F07b6m6k5
Frame ID: 3D54CA930ED61CC8B01787DB4090E6BC
Requests: 10 HTTP requests in this frame

Page Statistics

Requests: 10
HTTPS: 50 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 1
Transfer: 15 kB
Size: 17 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.alibaxba.com/ HTTP 301
    http://yaap.com/redirect.php?id=12 HTTP 307
    https://yaap.com/redirect.php?id=12 Page URL
  2. https://offer.alibaba.com/cps/07b6m6k5?bm=cps&src=saf Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.alibaxba.com/ HTTP 301
  • http://yaap.com/redirect.php?id=12 HTTP 307
  • https://yaap.com/redirect.php?id=12

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
redirect.php
yaap.com/
Redirect Chain
  • https://www.alibaxba.com/
  • http://yaap.com/redirect.php?id=12
  • https://yaap.com/redirect.php?id=12
3 KB
1 KB
Document
General
Full URL
https://yaap.com/redirect.php?id=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.25.236 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US)
Reverse DNS
236.25.180.107.host.secureserver.net
Software
Apache / PHP/7.3.33
Resource Hash
42f41f0c81353a760eae90148b861936660e33a84b0617682f70ac06bf91985a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
1029
content-type
text/html; charset=UTF-8
date
Mon, 05 Aug 2024 00:47:28 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

Location
https://yaap.com/redirect.php?id=12
Non-Authoritative-Reason
HttpsUpgrades
logo.png
yaap.com/images/
8 KB
8 KB
Image
General
Full URL
https://yaap.com/images/logo.png
Requested by
Host: yaap.com
URL: https://yaap.com/redirect.php?id=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.25.236 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US)
Reverse DNS
236.25.180.107.host.secureserver.net
Software
Apache /
Resource Hash
726678d436c06fc3b62b5e91884b7283a2095167b91afe6a8b506ed6c469c572

Request headers

Referer
https://yaap.com/redirect.php?id=12
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:47:29 GMT
last-modified
Fri, 22 Nov 2019 21:46:30 GMT
server
Apache
accept-ranges
bytes
etag
"34b2737-1e0e-597f658bbb980"
content-length
7694
content-type
image/png
loading.gif
yaap.com/images/
765 B
850 B
Image
General
Full URL
https://yaap.com/images/loading.gif
Requested by
Host: yaap.com
URL: https://yaap.com/redirect.php?id=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.25.236 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US)
Reverse DNS
236.25.180.107.host.secureserver.net
Software
Apache /
Resource Hash
ecb3006b9f1882ff4eb09912a9d3b03b61bdd2b07061d6f27e7a2f6d8edd84cb

Request headers

Referer
https://yaap.com/redirect.php?id=12
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:47:29 GMT
last-modified
Fri, 22 Nov 2019 17:42:23 GMT
server
Apache
accept-ranges
bytes
etag
"34b2799-2fd-597f2efb43dc0"
content-length
765
content-type
image/gif
157530538989.png
yaap.com/img/
4 KB
4 KB
Image
General
Full URL
https://yaap.com/img/157530538989.png
Requested by
Host: yaap.com
URL: https://yaap.com/redirect.php?id=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.25.236 Ashburn, United States, ASN400754 (GO-DADDY-COM-LLC, US)
Reverse DNS
236.25.180.107.host.secureserver.net
Software
Apache /
Resource Hash
0e1536bc4237bfba8d023ebf3e74d9a65d2827ecc292ebf6ac4c69f8817fbc43

Request headers

Referer
https://yaap.com/redirect.php?id=12
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 00:47:29 GMT
last-modified
Mon, 02 Dec 2019 16:49:49 GMT
server
Apache
accept-ranges
bytes
etag
"34b2853-1117-598bb5e1fc540"
content-length
4375
content-type
image/png
bootstrap.min.css
yaap.com/css/
0
0

css
fonts.googleapis.com/
0
0

Primary Request 07b6m6k5
offer.alibaba.com/cps/
1 KB
1 KB
Document
General
Full URL
https://offer.alibaba.com/cps/07b6m6k5?bm=cps&src=saf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.171.74 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-171-74.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
c4bd2a146819aab61c9d7873b6f647d546ea220ae6aeabbb917fab8dc9888473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://yaap.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, DELETE
alt-svc
h3=":443"; ma=2592000
bxpunish
1
cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
574
content-type
text/html;charset=UTF-8
date
Mon, 05 Aug 2024 00:47:30 GMT
eagleid
2101eeae17228188507286575e2045
edge-type
akamai
expires
Mon, 05 Aug 2024 00:47:30 GMT
pragma
no-cache
server
Tengine
server-timing
rt;dur=0.005,eagleid;desc=2101eeae17228188507286575e2045
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x5-punish-cache
miss
x5-punish-cache-expires
3000
favicon.ico
yaap.com/
0
0

favicon.ico
yaap.com/
0
0

punish:resource:template:ICBUSpace:default_34131879.html
bixi.alicdn.com/punish/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yaap.com
URL
http://yaap.com/css/bootstrap.min.css
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans+Condensed:700
Domain
yaap.com
URL
http://yaap.com/favicon.ico
Domain
yaap.com
URL
http://yaap.com/favicon.ico
Domain
bixi.alicdn.com
URL
https://bixi.alicdn.com/punish/punish:resource:template:ICBUSpace:default_34131879.html?qrcode=M2KVpaAcLzXpcUBL0OLuQw|ZrAhIg|Winodw_0&uuid=336295a5a01c2f35e971404bd0e2ee43&action=wait&origin=https%3A%2F%2Foffer.alibaba.com%3A443%2Fcps%2F07b6m6k5

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| host
object| parts
object| exp
number| maxAge
string| cookie
object| _config_

1 Cookies

Domain/Path Name / Value
yaap.com/ Name: PHPSESSID
Value: 79f600a135d2e245c17fee1181021c98

10 Console Messages

Source Level URL
Text
security warning URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure element 'http://yaap.com/images/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure element 'http://yaap.com/images/loading.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure element 'http://yaap.com/img/157530538989.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://yaap.com/redirect.php?id=12(Line 7)
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure stylesheet 'http://yaap.com/css/bootstrap.min.css'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://yaap.com/redirect.php?id=12(Line 12)
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:700'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure element 'http://yaap.com/images/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure element 'http://yaap.com/images/loading.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure element 'http://yaap.com/img/157530538989.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure favicon 'http://yaap.com/favicon.ico'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://yaap.com/redirect.php?id=12
Message:
Mixed Content: The page at 'https://yaap.com/redirect.php?id=12' was loaded over HTTPS, but requested an insecure favicon 'http://yaap.com/favicon.ico'. This request has been blocked; the content must be served over HTTPS.