onelink.shein.com
172.64.151.183
Public Scan
Effective URL: https://onelink.shein.com/4/41egbw2ht6o2
Submission: On September 29 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Secure Site CA G2 on February 18th 2024. Valid for: a year.
This is the only time onelink.shein.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS (Autonomous System)
---|---|---
1 1 | 172.232.26.145 | 63949 (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 2 | 3.33.192.145 | 16509 (AMAZON-02)
1 | 130.211.29.114 | 396982 (GOOGLE-CLOUD-PLATFORM)
2 | 35.241.15.240 | 15169 (GOOGLE)
1 1 | 173.239.53.32 | 27257 (WEBAIR-INTERNET)
2 | 2a00:c98:2030:a025:9:: | 28753 (LEASEWEB-DE-FRA-10)
1 | 2400:52e0:1e00::1047:1 | 60068 (CDN77 _)
5 | 139.45.196.64 | 9002 (RETN-AS)
2 | 139.45.195.8 | 9002 (RETN-AS)
2 9 | 139.45.197.242 | 9002 (RETN-AS)
1 1 | 2a02:128:7:5427::2 | 50245 (SERVEREL-AS)
1 5 | 172.64.151.183 | 13335 (CLOUDFLARENET)
Total: 27 requests, 10 IPs
ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-232-26-145.ip.linodeusercontent.com
Domain: jenkins.auth.huynhtiendat.com
ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com
Domain: exploretop-a.online
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com
Domain: cdn.perfdrive.com
ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
Domain: cas.avalon.perfdrive.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
9 | whinairith.net (2 redirects) | whinairith.net | 19 KB
5 | shein.com (1 redirect) | onelink.shein.com (Cisco Umbrella Rank: 99369), www.shein.com (Failed) | 7 KB
5 | glizoakri.net | glizoakri.net (Cisco Umbrella Rank: 171890) | 15 KB
3 | 247987.com | rt.247987.com, hop.247987.com | 3 KB
3 | perfdrive.com | cdn.perfdrive.com (Cisco Umbrella Rank: 46544), cas.avalon.perfdrive.com (Cisco Umbrella Rank: 12960) | 90 KB
2 | rtmark.net | my.rtmark.net (Cisco Umbrella Rank: 8986) | 984 B
2 | exploretop-a.online (1 redirect) | exploretop-a.online (Cisco Umbrella Rank: 295590) | 21 KB
1 | vasstycom.com (1 redirect) | kts.vasstycom.com (Cisco Umbrella Rank: 80034) | 285 B
1 | boardpress-c.online (1 redirect) | xml-v4.boardpress-c.online (Cisco Umbrella Rank: 142223) | 676 B
1 | huynhtiendat.com (1 redirect) | jenkins.auth.huynhtiendat.com | 372 B
0 | Failed | Failed |
Total: 27 requests, 11 apex domains
Requests | Domain | Redirects | Requested by
---|---|---|---
9 | whinairith.net | 2 redirects | glizoakri.net, whinairith.net
5 | onelink.shein.com | 1 redirect | onelink.shein.com
5 | glizoakri.net | | hop.247987.com, glizoakri.net
2 | my.rtmark.net | | glizoakri.net, whinairith.net
2 | rt.247987.com | | exploretop-a.online
2 | cas.avalon.perfdrive.com | | cdn.perfdrive.com
2 | exploretop-a.online | 1 redirect |
1 | kts.vasstycom.com | 1 redirect |
1 | hop.247987.com | |
1 | xml-v4.boardpress-c.online | 1 redirect |
1 | cdn.perfdrive.com | | exploretop-a.online
1 | jenkins.auth.huynhtiendat.com | 1 redirect |
0 | www.shein.com (Failed) | | onelink.shein.com
0 | applink (Failed) | | onelink.shein.com
Total: 27 requests, 14 domains
This site contains no links.
Subject | Issuer | Validity | Valid for | Source
---|---|---|---|---
exploretop-a.online | Amazon RSA 2048 M02 | 2024-09-16 - 2025-10-15 | a year | crt.sh
*.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2024-09-20 - 2025-09-26 | a year | crt.sh
cas.avalon.perfdrive.com | Go Daddy Secure Certificate Authority - G2 | 2024-07-26 - 2025-08-05 | a year | crt.sh
rt.247987.com | R10 | 2024-08-30 - 2024-11-28 | 3 months | crt.sh
hop.247987.com | R10 | 2024-09-03 - 2024-12-02 | 3 months | crt.sh
glizoakri.net | R11 | 2024-08-12 - 2024-11-10 | 3 months | crt.sh
rtmark.net | R11 | 2024-08-30 - 2024-11-28 | 3 months | crt.sh
whinairith.net | R10 | 2024-07-23 - 2024-10-21 | 3 months | crt.sh
*.shein.com | Secure Site CA G2 | 2024-02-18 - 2025-03-20 | a year | crt.sh
This page contains 2 frames:
Frame:
https://www.shein.com/transit?journey_name=4/41egbw2ht6o2&deeplink=sheinlink://applink/pushtoweb2?data%3D%257B%2522url%2522%253A%2522https%253A%252F%252Fapi-shein.shein.com%252Fugrowth%252Fgame%252Fmoney-spin%252Fgame-moneyspin-1117%252Finvitation%253Fsite_uid%253Dandshus%2526currency%253DUSD%2526localcountry%253Dus%2526language%253Den%2526type%253Dimmersive%2526game_from%253Donelink%2526shortShareCode%253D0cu9uxek%2526shareCode%253D%25257EEPnTj5Up7p4IDDEM*jp5Td7RQ5X4BRSLV*qN*laFmWilelzkVs63gmybhaibIa9R6cHJ5DWCLBPatXBFx6bSxpBn3%25257EMQs990jXGVde6Yklz6ToOBs5VrK9kERO*2hs0%2526url_from%253D0cu9uxek_1735919880000%2526channel%253DcopyInviteLink%2526hourTimestamp%253D1727589600000%2522%252C%2522activity_sign%2522%253A%2522game_fission_moneyspin%2522%252C%2522stm_src%2522%253A%2522ug%2522%257D&scene=onelink&url_from=
Frame ID: 5CABBF076179102AB9DF2953ADE4CF0C
Requests: 25 HTTP requests in this frame
Frame:
https://onelink.shein.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: CC987514DBAD3B4D8B493869BC9933E2
Requests: 2 HTTP requests in this frame
Page Title
Win up to 500 Wallet Credits!
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://jenkins.auth.huynhtiendat.com/
HTTP 302
http://exploretop-a.online/api/v1/px?xmlid=vYBCHQCDZ77jhZ1h508XLzEMlTULWrtF0kDfssB5 HTTP 307
https://exploretop-a.online/api/v1/px?xmlid=vYBCHQCDZ77jhZ1h508XLzEMlTULWrtF0kDfssB5 Page URL
-
https://exploretop-a.online/api/v1/pxcheck?impId=vYBCHQCDZ77jhZ1h508XLzEMlTULWrtF0kDfssB5&minfo=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
HTTP 302
http://xml-v4.boardpress-c.online/click?i=D5YTFdrNfo4_0 HTTP 307
https://xml-v4.boardpress-c.online/click?i=D5YTFdrNfo4_0 HTTP 302
https://rt.247987.com/661bf2044205e80001306877?source=687057.dee1056feb06060f441255311&pubfeed=687057&country=de&carrier=31173+Services+AB&app_bundle=&pubzone=&pubpoint=687057&publisher=32210&subid=dee1056feb06060f441255311&original_subid=dee1056feb06060f441255311&source_subid=dee1056feb06060f441255311&source_original_subid=dee1056feb06060f441255311&request_id=D5YTFdrNfo4_0&site_id=&banner=6494916&keyword=*&query=general&referrer=&referrer_domain=&search_referrer_domain=huynhtiendat.com&ref_id=xrPKyeAQuiU&cost=0.0001 Page URL
- https://hop.247987.com/coconut.html?&var=debug&ymid=66f8f30c38e65c514fd2846a&ip=2a03%3A1b20%3Ab%3Af011%3A%3A1e&country=DE&cost=0.0001&rdtrckcbp=1727591180 Page URL
- https://glizoakri.net/link?z=6145541&var=debug&ymid=66f8f30c38e65c514fd2846a Page URL
-
https://whinairith.net/?z=6145542&syncedCookie=true&rhd=false
HTTP 302
https://whinairith.net/4/6118780?var=6145542&btz=Europe/Berlin&bto=-120&bar=x Page URL
-
https://whinairith.net/?z=6118780&syncedCookie=true&rhd=false
HTTP 302
https://kts.vasstycom.com/in/2660/?katds_ep=txpuV0CKYf524D1HV9Hckzt4o-fpwP2bzcZIqorftu74uho4WhUmqW5niIKxc6Sp4tDudSBglNqeNM10Atm4Bi5os8_YidMVKJBuDsBxtscQPQH57sQHpfmqFSFfG_Tdhz_9juPhsDRlM1ArrXhaikApo0hqWQHTxe7kbufKdmWbTXT_0_k2gxIudARJK4vEFgk8aPVQls0mw-JmKY6EW9xr77K3VzkB7PGnS-ORb1UY7nlZ8REn5jPpLmMy71dlrt16HrfOUsUcXCZ-TBcMZGjJUB8VbxDGf3wwhnUViXCFWHfSJ8CqpjW3aNuYDnPAmU7LhWqtt_RlKDaJbVBVsuRUF0XvZPRydLee7gI3HmYFws8rWpiWQrn6hMejYOo8HncB9tvVUZ_bCObqTlcIfgZVdysGrxK3xzVfsimAxoh86FbX8iFOvlAmMPeZj3ivA1uJkLToCX0OCqnCFf4Y9S4lFZfLyzm7rulWnGX_lJkv8ycMM8MarBn3IIzJm4Axvu-75V-WeK7H3NSrh6TMeRtf0XKbPu-dDvLlWw55uaYX_W-6Z7VJ5m39HkSpfEKTPEF4XZjf4TWgjqz-BHHv21eL2PJIlEok5sJi0QLzR5MiciSawppc9H1ylFl_UXGDHG-Urg2LVbwjPL-K3gkNPYDb2NqnkEQFTGhDDMssS24VH-etrcjoxwzaOzQWILw9X6G_gR9Eam2K1c5Sl1zlncuDmY8cJK_6yoJmLMjah5O8VdXKZyqE44Fe8N2mGFTe62YE-F3iD8v5_AbdWUcYcxPN7L_xJO0jhU1j3AslAL2Klq2BTegR_JzBUM_rZ3DXpC-RXFBTHptOMEu5LPnMFLwlEIs3Kwr6D33CK8ujmmt1buRBF37BFV6Q4fLdx8N61iYp_9yOvbtiRzfDUE16FAhZTtVU2-nGbjTJrYL4B9mAXyb-YkQJdLsNQfI01loJ4p4LSqrROLoXjo4v4QCgXVeCZgT8szROsmZ3 HTTP 302
https://onelink.shein.com/4/41egbw2ht6o2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://jenkins.auth.huynhtiendat.com/ HTTP 302
- http://exploretop-a.online/api/v1/px?xmlid=vYBCHQCDZ77jhZ1h508XLzEMlTULWrtF0kDfssB5 HTTP 307
- https://exploretop-a.online/api/v1/px?xmlid=vYBCHQCDZ77jhZ1h508XLzEMlTULWrtF0kDfssB5
- https://exploretop-a.online/api/v1/pxcheck?impId=vYBCHQCDZ77jhZ1h508XLzEMlTULWrtF0kDfssB5&minfo=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 HTTP 302
- http://xml-v4.boardpress-c.online/click?i=D5YTFdrNfo4_0 HTTP 307
- https://xml-v4.boardpress-c.online/click?i=D5YTFdrNfo4_0 HTTP 302
- https://rt.247987.com/661bf2044205e80001306877?source=687057.dee1056feb06060f441255311&pubfeed=687057&country=de&carrier=31173+Services+AB&app_bundle=&pubzone=&pubpoint=687057&publisher=32210&subid=dee1056feb06060f441255311&original_subid=dee1056feb06060f441255311&source_subid=dee1056feb06060f441255311&source_original_subid=dee1056feb06060f441255311&request_id=D5YTFdrNfo4_0&site_id=&banner=6494916&keyword=*&query=general&referrer=&referrer_domain=&search_referrer_domain=huynhtiendat.com&ref_id=xrPKyeAQuiU&cost=0.0001
- https://whinairith.net/?z=6145542&syncedCookie=true&rhd=false HTTP 302
- https://whinairith.net/4/6118780?var=6145542&btz=Europe/Berlin&bto=-120&bar=x
- https://onelink.shein.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://onelink.shein.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H2 | px | exploretop-a.online/api/v1/ | 114 KB | 21 KB | Document | text/html | Redirect Chain
GET | H2 | stormcaster.js | cdn.perfdrive.com/advanced/ | 240 KB | 89 KB | Script | application/javascript |
POST | H2 | jsdata | cas.avalon.perfdrive.com/ | 360 B | 505 B | XHR | text/plain |
POST | H2 | jsdata | cas.avalon.perfdrive.com/ | 255 B | 313 B | XHR | text/plain |
GET | H/1.1 | 661bf2044205e80001306877 | rt.247987.com/ | 299 B | 1 KB | Document | text/html | Redirect Chain
GET | H2 | coconut.html | hop.247987.com/ | 4 KB | 2 KB | Document | text/html |
GET | H/1.1 | favicon.ico | rt.247987.com/ | 41 B | 494 B | Other | text/html |
GET | H2 | link | glizoakri.net/ | 29 KB | 14 KB | Document | text/html |
GET | H2 | img.gif | my.rtmark.net/ | 43 B | 492 B | Image | image/gif |
GET | H2 | sftouch | whinairith.net/ | 43 B | 653 B | Image | image/gif |
POST | H2 | add | glizoakri.net/log/ | 12 B | 383 B | XHR | application/json |
POST | H2 | add | glizoakri.net/async_log/ | 0 | 337 B | XHR | text/plain |
GET | H2 | favicon.ico | glizoakri.net/ | 0 | 150 B | Other | text/plain |
GET | H2 | 6118780 | whinairith.net/4/ | 29 KB | 14 KB | Document | text/html | Redirect Chain
GET | H2 | favicon.ico | glizoakri.net/ | 0 | 0 | Other | text/plain |
GET | H2 | img.gif | my.rtmark.net/ | 43 B | 492 B | Image | image/gif |
GET | H2 | sftouch | whinairith.net/ | 43 B | 652 B | Image | image/gif |
POST | H2 | add | whinairith.net/log/ | 12 B | 384 B | XHR | application/json |
POST | H2 | add | whinairith.net/async_log/ | 0 | 338 B | XHR | text/plain |
GET | H2 | favicon.ico | whinairith.net/ | 0 | 150 B | Other | text/plain |
GET | H2 | 41egbw2ht6o2 | onelink.shein.com/4/ | 5 KB | 2 KB | Document | text/html | Primary Request, Redirect Chain
GET | H2 | favicon.ico | whinairith.net/ | 0 | 0 | Other | text/plain |
GET | H2 | main.js | onelink.shein.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ | 8 KB | 4 KB | Script | application/javascript | Frame CC98, Redirect Chain
GET | H2 | favicon.ico | onelink.shein.com/ | 552 B | 225 B | Other | text/html |
POST | H2 | 8ca9e6b9ea4444f8 | onelink.shein.com/cdn-cgi/challenge-platform/h/g/jsd/r/ | 0 | 589 B | XHR | text/plain | Frame CC98
GET | | pushtoweb2 | applink/ | 0 | 0 | | | Failed
GET | | transit | www.shein.com/ | 0 | 0 | | | Failed
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- applink
- URL
- sheinlink://applink/pushtoweb2?data=%7B%22url%22%3A%22https%3A%2F%2Fapi-shein.shein.com%2Fugrowth%2Fgame%2Fmoney-spin%2Fgame-moneyspin-1117%2Finvitation%3Fsite_uid%3Dandshus%26currency%3DUSD%26localcountry%3Dus%26language%3Den%26type%3Dimmersive%26game_from%3Donelink%26shortShareCode%3D0cu9uxek%26shareCode%3D%257EEPnTj5Up7p4IDDEM*jp5Td7RQ5X4BRSLV*qN*laFmWilelzkVs63gmybhaibIa9R6cHJ5DWCLBPatXBFx6bSxpBn3%257EMQs990jXGVde6Yklz6ToOBs5VrK9kERO*2hs0%26url_from%3D0cu9uxek_1735919880000%26channel%3DcopyInviteLink%26hourTimestamp%3D1727589600000%22%2C%22activity_sign%22%3A%22game_fission_moneyspin%22%2C%22stm_src%22%3A%22ug%22%7D
- Domain
- www.shein.com
- URL
- https://www.shein.com/transit?journey_name=4/41egbw2ht6o2&deeplink=sheinlink://applink/pushtoweb2?data%3D%257B%2522url%2522%253A%2522https%253A%252F%252Fapi-shein.shein.com%252Fugrowth%252Fgame%252Fmoney-spin%252Fgame-moneyspin-1117%252Finvitation%253Fsite_uid%253Dandshus%2526currency%253DUSD%2526localcountry%253Dus%2526language%253Den%2526type%253Dimmersive%2526game_from%253Donelink%2526shortShareCode%253D0cu9uxek%2526shareCode%253D%25257EEPnTj5Up7p4IDDEM*jp5Td7RQ5X4BRSLV*qN*laFmWilelzkVs63gmybhaibIa9R6cHJ5DWCLBPatXBFx6bSxpBn3%25257EMQs990jXGVde6Yklz6ToOBs5VrK9kERO*2hs0%2526url_from%253D0cu9uxek_1735919880000%2526channel%253DcopyInviteLink%2526hourTimestamp%253D1727589600000%2522%252C%2522activity_sign%2522%253A%2522game_fission_moneyspin%2522%252C%2522stm_src%2522%253A%2522ug%2522%257D&scene=onelink&url_from=
Verdicts & Comments
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | 0
string | url
string | deeplink
string | onelink
string | userAgentStr
23 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
.exploretop-a.online/ | __ssds | 2
.exploretop-a.online/ | __ssuzjsr2 | a9be0cd8e
.exploretop-a.online/ | __uzmaj2 | 16db9e46-1526-45b3-82e7-d7819874cc70
.exploretop-a.online/ | __uzmbj2 | 1727591180
.exploretop-a.online/ | __uzmcj2 | 553241069726
.exploretop-a.online/ | __uzmdj2 | 1727591180
.exploretop-a.online/ | __uzmlj2 | Fup0sbqwczjcni1KrwYKNOPGmZsmB5uZuuVIzU9bHuE=
.exploretop-a.online/ | __uzmfj2 | 7f60002866fd1a-e5bb-4c46-a46d-62f4c2e7debc17275911802940-c598a5c921415ae610
.rt.247987.com/ | redcmps | W3siaWQiOiI2NjFiZjIwNDQyMDVlODAwMDEzMDY4NzciLCJ0IjoiMjAyNC0wOS0yOVQwNjoyNjoyMC45NzU3MTAyOThaIn1d
.rt.247987.com/ | redhash | NjZmOGYzMGMzOGU2NWM1MTRmZDI4NDZhfDB8NjYxYmYyMDQ0MjA1ZTgwMDAxMzA2ODc3fHwzMWY4NTIxZC0zNTRiLTRmZTAtOGQ0Mi0zYjczNTEyM2U4NjZ8MTcyNzU5MTE4MA==
glizoakri.net/ | OAID | 0080e6775a95435cf3e0977b8fb3ddba
glizoakri.net/ | oaidts | 1727591181
glizoakri.net/ | captcha | player
glizoakri.net/ | allcnt | 1
my.rtmark.net/ | ID | 0080e6775a95435cf3e0977b8fb3ddba
whinairith.net/ | oaidts | 1727591181
whinairith.net/ | captcha | player
whinairith.net/ | OAID | 0080e6775a95435cf3e0977b8fb3ddba
whinairith.net/ | syncedCookie | true
kts.vasstycom.com/ | 2660.303275 | 1
onelink.shein.com/ | onelink_cookie | 531617230736457926
.shein.com/ | _cfuvid | DSegO0oCmnyz151eSUjJ1fmUCQz9YmHzrEfUjmk2f6M-1727591182586-0.0.1.1-604800000
.shein.com/ | cf_clearance | 7O.2W1lHJskvHHIozWOhbtcMPoGDCyG7CQQyX4omOUo-1727591182-1.2.1.1-TaflYPR0LEyKqgO85Yt2_UKGhq_16qqlw7T1NyFDaln7tcJJL0ZCBHKCjP12Lfmagzl7Kwh4nMFOkKLAIBGVmvmEgVT91QVVgi6.56VJN7dY9y_9YX1HALzIH_NmCpx963IquGzhuKnkoZluX5FdzRSdzkNarivkd3lX_ZijWrJgw7eisVt2bHN1hjlyK0bbW4H45RGJuVCsfN1OQk3tArJj6GW.hS1xr9vbvYBXJ5GlxX0g9.SXFGFCS6qw.yuSTkbf9hvpa9i20CCKwWkeDgdyBFAVR_jNiq4G92OMTgZKoV1S4RgfDG.Zgo3DsY3yBK5mZw0wfTWyAWIExbgxhYjOMLcF_FM0jrEZYDaMC_87YXy2NuA9DkUfuAf1k5.N
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.