Submitted URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Effective URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ign...
Submission: On April 03 via manual from PL — Scanned from PL

Summary

This website contacted 8 IPs in 6 countries across 9 domains to perform 18 HTTP transactions. The main IP is 104.109.58.65, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is campaign.aliexpress.com. The Cisco Umbrella rank of the primary domain is 42788.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 19th 2022. Valid for: a year.
This is the only time campaign.aliexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.21.19.158 13335 (CLOUDFLAR...)
1 2 69.16.175.10 20446 (STACKPATH...)
1 188.114.97.3 13335 (CLOUDFLAR...)
1 2 52.210.174.128 16509 (AMAZON-02)
1 1 108.138.7.87 16509 (AMAZON-02)
1 43.131.7.125 132203 (TENCENT-N...)
1 3 104.109.58.65 16625 (AKAMAI-AS)
1 1 104.109.95.137 16625 (AKAMAI-AS)
4 79.133.177.251 24429 (TAOBAO Zh...)
18 8
Apex Domain | Subdomains | Transfer
5 alicdn.com | g.alicdn.com — Cisco Umbrella Rank: 6126; assets.alicdn.com — Cisco Umbrella Rank: 11129; img.alicdn.com | 213 KB
4 downl0ad.com.pl | downl0ad.com.pl | 21 KB
3 aliexpress.com | s.click.aliexpress.com — Cisco Umbrella Rank: 24587 Failed; sale.aliexpress.com — Cisco Umbrella Rank: 44028; campaign.aliexpress.com — Cisco Umbrella Rank: 42788; gpsfront.aliexpress.com Failed; acs.aliexpress.com Failed | 17 KB
2 jquery.com | code.jquery.com — Cisco Umbrella Rank: 756; releases.jquery.com — Cisco Umbrella Rank: 55456 | 33 KB
1 fuse-cloud.com | paychat.fuse-cloud.com — Cisco Umbrella Rank: 80978 | 2 KB
1 bepartoukf.autos | bepartoukf.autos | 540 B
1 parthole.xyz | trk.parthole.xyz | 2 KB
1 go2cloud.org | nostop.go2cloud.org — Cisco Umbrella Rank: 370961 | 523 B
1 knowledgepull.icu | connect.knowledgepull.icu | 1 KB
18 9
Domain Requested by
4 downl0ad.com.pl downl0ad.com.pl
code.jquery.com
3 g.alicdn.com campaign.aliexpress.com
1 img.alicdn.com campaign.aliexpress.com
1 assets.alicdn.com campaign.aliexpress.com
assets.alicdn.com
1 campaign.aliexpress.com downl0ad.com.pl
1 sale.aliexpress.com 1 redirects
1 s.click.aliexpress.com paychat.fuse-cloud.com
1 paychat.fuse-cloud.com connect.knowledgepull.icu
1 bepartoukf.autos 1 redirects
1 trk.parthole.xyz 1 redirects
1 nostop.go2cloud.org connect.knowledgepull.icu
1 connect.knowledgepull.icu downl0ad.com.pl
1 releases.jquery.com downl0ad.com.pl
1 code.jquery.com 1 redirects
0 acs.aliexpress.com Failed g.alicdn.com
0 gpsfront.aliexpress.com Failed g.alicdn.com
18 16

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-27 | a year
*.go2cloud.org | Amazon RSA 2048 M02 | 2023-02-21 - 2024-03-21 | a year
ru.aliexpress.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-19 - 2023-12-19 | a year
*.tbcdn.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-07-22 - 2023-08-06 | a year

This page contains 1 frames:

Primary Page: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Frame ID: 4D417312ED12A88277BAE28B6CDA78C5
Requests: 18 HTTP requests in this frame

Page URL History

  1. http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux Page URL
  2. https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=4pbCbpFb&source=637673&title=Free%20Robux Page URL
  3. http://trk.parthole.xyz/aff_c?source=1962-637673&offer_id=360&aff_click_id=4pbCbpFb&aff_id=1962&aff_... HTTP 302
    https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=102a3e32c1464d10dc9e90c3c9a56e HTTP 302
    http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6598086868299798772&sc=947871 Page URL
  4. https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B043568A1680538257756945 HTTP 302
    https://sale.aliexpress.com/newuserzone_aff.htm?af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006... HTTP 301
    https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18 Requests
44 % HTTPS
0 % IPv6
9 Domains
16 Subdomains
8 IPs
6 Countries
285 kB Transfer
863 kB Size
9 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux Page URL
  2. https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=4pbCbpFb&source=637673&title=Free%20Robux Page URL
  3. http://trk.parthole.xyz/aff_c?source=1962-637673&offer_id=360&aff_click_id=4pbCbpFb&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Free+Robux&url= HTTP 302
    https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=102a3e32c1464d10dc9e90c3c9a56e HTTP 302
    http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6598086868299798772&sc=947871 Page URL
  4. https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B043568A1680538257756945 HTTP 302
    https://sale.aliexpress.com/newuserzone_aff.htm?af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c HTTP 301
    https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://code.jquery.com/jquery-1.x-git.min.js HTTP 301
  • https://releases.jquery.com/git/jquery-1.x-git.min.js
Request Chain 7
  • http://trk.parthole.xyz/aff_c?source=1962-637673&offer_id=360&aff_click_id=4pbCbpFb&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Free+Robux&url= HTTP 302
  • https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=102a3e32c1464d10dc9e90c3c9a56e HTTP 302
  • http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6598086868299798772&sc=947871

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
E7JOd2Xh
downl0ad.com.pl/
698 B
1022 B
Document
General
Full URL
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f67183065f7f7afd72fafd8c3af562dd4870fddcb2482f5622b52928f5aa892

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7b22959d6990bf74-WAW
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 03 Apr 2023 16:10:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eKQ9ecOwwUTgVxcKZSpI7X2wVa8fF9Ku37cTDRVbjwt8aPwNxq1f8AISnT94%2BCMXM%2BM0dmBt%2Fz78gYKv5yBr%2FhCkHCbZzBsx30ewUomqW69bXJ6ti6Z7NuQwNKjFOowzUI%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.x-git.min.js
releases.jquery.com/git/
Redirect Chain
  • https://code.jquery.com/jquery-1.x-git.min.js
  • https://releases.jquery.com/git/jquery-1.x-git.min.js
95 KB
33 KB
Script
General
Full URL
https://releases.jquery.com/git/jquery-1.x-git.min.js
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
H2
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
5a325cf127c6cf1272cd26810b58e77e7ed1364f3484bb2b6121060f383faceb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://downl0ad.com.pl/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 16:10:56 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2016 11:33:22 GMT
server
nginx
etag
"576a7782-17b4c"
x-hw
1680538255.dop201.wa1.t,1680538255.cds211.wa1.hn,1680538256.cds214.wa1.pr
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300, public
accept-ranges
bytes
content-length
33773

Redirect headers

date
Mon, 03 Apr 2023 16:10:55 GMT
content-encoding
gzip
server
nginx
x-hw
1680538255.dop201.wa1.t,1680538255.cds211.wa1.hn,1680538255.cds004.wa1.c
content-type
text/html
location
https://releases.jquery.com/git/jquery-1.x-git.min.js
cache-control
max-age=26039335
accept-ranges
bytes
content-length
131
03032020.js
downl0ad.com.pl/
71 KB
19 KB
Script
General
Full URL
http://downl0ad.com.pl/03032020.js
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128342db7f585729448247ba218d8dd821f4a4835b4c0dada288e2ab698be279

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 03 Apr 2023 16:10:55 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
408
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified
Tue, 03 Mar 2020 10:49:06 GMT
Server
cloudflare
ETag
W/"5e5e3622-11dcc"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktmhOV48bmj7xC01QXGlPCi0c6qzyon3tNyqxp6Xzd%2FWfs%2BrKfzI7P%2B%2FqCtFzQBuW4s8ySbuK8IrACoMzPimo7g9sbT9uD41Ippf4EP5X9vhDpP0ejI3DVBfQ%2Fe%2Fr5RqET0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=14400
CF-RAY
7b22959f0badbf74-WAW
ppicheck.php
downl0ad.com.pl/
20 B
688 B
XHR
General
Full URL
http://downl0ad.com.pl/ppicheck.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.x-git.min.js
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
*/*
Referer
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
X-Requested-With
XMLHttpRequest
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 03 Apr 2023 16:10:56 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9uXDFeDwH90G6T1TC%2FgBEkeJ%2B8Vs%2FdqwLOcpufKhTVoaCvFFe5seh4qZ2ITg5snwtZKVsCmtxbvx2z92ro%2BIKX8rDDJeJ5VIDZPCRER8HAL%2FTbgnqisyrzhb8WcNLXNC7U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
7b2295a48a30bf74-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
finger.php
downl0ad.com.pl/
0
663 B
XHR
General
Full URL
http://downl0ad.com.pl/finger.php
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/03032020.js
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

Date
Mon, 03 Apr 2023 16:10:56 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYUryWXfufpkMRv2OrNhkncMrysGhFWXkfpRtQVQ4UssVIAYAhbq2hnHRwzLweqw454DiLmJkyRkVbcKza83GR%2FY12jbg6C7Qrc1jj8TFbx%2B8ec38RLgssRhRS3SvlCzDxU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
7b2295a58b0abf74-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KJFKDNF723LJD35M9ELOPF73459F
connect.knowledgepull.icu/
3 KB
1 KB
Document
General
Full URL
https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=4pbCbpFb&source=637673&title=Free%20Robux
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/03032020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.27
Resource Hash
cde3336387f0114cd72fa63d9202892d8dafa889854223aa875f0662842b5d62

Request headers

Referer
http://downl0ad.com.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7b2295a72e9fbff3-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 03 Apr 2023 16:10:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aya4LqYbg5U%2FkNr3Z0a0Ku%2B5CQiEiPeH084ku7lAbtJv1w%2Bu9FExYBu3RIqauAsygEOqlv6wcSll7847yofIS0mDEgIV09UwuJJp4DsRNkHQyNSiPmcW7peQylRA7z8UmwTkYPvJ3v5xc7aT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.27
aff_i
nostop.go2cloud.org/
43 B
523 B
Image
General
Full URL
https://nostop.go2cloud.org/aff_i?offer_id=360&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=1962-637673&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Mobile%20Safari&adv_sub4=downl0ad.com.pl&adv_sub3=&adv_sub2=connect.knowledgepull.icu
Requested by
Host: connect.knowledgepull.icu
URL: https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=4pbCbpFb&source=637673&title=Free%20Robux
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://connect.knowledgepull.icu/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Mon, 03 Apr 2023 16:10:57 GMT
Content-Encoding
gzip
Server
nginx
Tracking_id
1026e9587f419cc24e1ca672c79e7d
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Tune-SDK-Version
X-Request-Id
00c5fcea3d6b8e3cd6b0b09224020045
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tl
paychat.fuse-cloud.com/
Redirect Chain
  • http://trk.parthole.xyz/aff_c?source=1962-637673&offer_id=360&aff_click_id=4pbCbpFb&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Free+Rob...
  • https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=102a3e32c1464d10dc9e90c3c9a56e
  • http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6598086868299798772&sc=947871
789 B
2 KB
Document
General
Full URL
http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6598086868299798772&sc=947871
Requested by
Host: connect.knowledgepull.icu
URL: https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=4pbCbpFb&source=637673&title=Free%20Robux
Protocol
HTTP/1.1
Server
43.131.7.125 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
8f764586d6c53ffcdd45c8b96924904c452d3576dc7d5774e94bf4bc27853d18

Request headers

Referer
https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=4pbCbpFb&source=637673&title=Free%20Robux
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
789
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Apr 2023 16:10:57 GMT
Expires
Sun, 06 Nov 1994 08:49:37 GMT
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
X-Robots-Tag
noindex, nofollow

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-length
0
content-type
text/plain
date
Mon, 03 Apr 2023 16:10:57 GMT
location
http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6598086868299798772&sc=947871
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-id
s-2knd001r1EcJ-VGTbuqpXC4hS61Xd-ESPwI6bqfbGAkm1BLWqr3w==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
_AStGHy
s.click.aliexpress.com/e/
0
0

Primary Request index
campaign.aliexpress.com/wow/gcp/new-user-channel/
Redirect Chain
  • https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B043568A1680538257756945
  • https://sale.aliexpress.com/newuserzone_aff.htm?af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-p...
  • https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&pr...
33 KB
14 KB
Document
General
Full URL
https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-58-65.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
e5ccd56a3c65f72ff9b96b854f2abe7eb9e25010df28a366223244764760627c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
max-age=0, s-maxage=120
content-encoding
gzip
content-length
13977
content-type
text/html; charset=utf-8
date
Mon, 03 Apr 2023 16:10:59 GMT
eagleeye-traceid
211b88ef16805382593075626e0c85
object-status
ttl=120,age=0,gip=104.109.58.65
server
Tengine
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-air-hostname
air-ual033027092041.de81
x-air-source
proxy
x-air-trace-id
211b88ef16805382593075626e0c85
x-readtime
12
x-server-id
28c3d6b2523ca52c32ad72931842b19ac3b8a084a970a1b95d13ece67df5c9c1
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-length
278
content-type
text/html
date
Mon, 03 Apr 2023 16:10:59 GMT
eagleeye-traceid
211675d316805382591567220eb052
expires
Mon, 03 Apr 2023 16:10:59 GMT
location
https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
server
Tengine
strict-transport-security
max-age=31536000
timing-allow-origin
*
/
g.alicdn.com/
4 KB
2 KB
Script
General
Full URL
https://g.alicdn.com/??mtb/lib-windvane/3.0.4/windvane.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.251 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
35dab5f3bc59a54811346053982c2672ce00d068a4ed1cba288a7883bdb7adb1

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 16:03:00 GMT
content-encoding
gzip
via
cache5.l2de2[0,0,200-0,H], cache23.l2de2[0,0], cache23.l2de2[1,0], cache11.de3[0,0,200-0,H], cache7.de3[1,0]
x-oss-request-id
642AF8B4DD3C3B3836F7266B
content-md5
xLssSxj2nCMBcAHK4YSXuA==
age
479
x-swift-cachetime
3591
x-cache
HIT TCP_MEM_HIT dirn:13:614798548
x-swift-savetime
Mon, 03 Apr 2023 16:03:09 GMT
content-length
1939
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1680537780
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
6614301303192321515
eagleid
4f85b19b16805382597494714e
x-oss-server-time
1
/
assets.alicdn.com/g/alilog/
25 KB
10 KB
Script
General
Full URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.109.58.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-58-65.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
4400c452e7307cca614029bffd919294530c539ecb560b1cc37139a7570b5b87

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 16:10:59 GMT
content-encoding
gzip
x-oss-request-id
642AF1477800A7333353C8D8
content-md5
gygBRN2M4MlVRBr7rF/+vA==
x-swift-cachetime
1280
x-swift-savetime
Mon, 03 Apr 2023 15:39:59 GMT
content-length
10110
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1680535879
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1229, s-maxage=1800
served-from
2.16.110.191
x-oss-storage-class
Standard
x-source-scheme
https
timing-allow-origin
*
x-oss-hash-crc64ecma
15290110112012039273
network_info
PL_WARSAW_54203
eagleid
4f85b1a116805363993332934e
x-oss-server-time
3
/
g.alicdn.com/aes/
50 KB
17 KB
Script
General
Full URL
https://g.alicdn.com/aes/??tracker/1.0.13/index.js,tracker-plugin-jserror/1.0.9/index.js,tracker-plugin-api/1.0.16/index.js,tracker-plugin-perf/1.1.4/index.js,tracker-plugin-longtask/1.0.1/index.js,tracker-plugin-tsl/1.0.1/index.js,tracker-plugin-pv/2.2.1/index.js,tracker-plugin-event/1.1.3/index.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.251 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6aa4f6ea6fffd9c8bd86eb97c0c26a36fbc8b23fae38329afca45b0c50e3a726

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 07:10:26 GMT
content-encoding
gzip
via
cache21.l2de2[0,0,200-0,H], cache19.l2de2[0,0], cache19.l2de2[1,0], cache11.de3[0,0,200-0,H], cache7.de3[1,0]
x-oss-request-id
642A7BE20A184B3130498BEB
content-md5
8YbxGefBXymcHdDymE3ZrA==
age
32433
x-swift-cachetime
86399
x-cache
HIT TCP_MEM_HIT dirn:12:348051386
x-swift-savetime
Mon, 03 Apr 2023 07:10:27 GMT
content-length
17152
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1680505826
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
8862171080743724055
eagleid
4f85b19b16805382597504716e
x-oss-server-time
6
index.js
g.alicdn.com/code/npm/@ali/gsgp-project-new-user/0.7.8/pages/index/
544 KB
147 KB
Script
General
Full URL
https://g.alicdn.com/code/npm/@ali/gsgp-project-new-user/0.7.8/pages/index/index.js
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.251 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e2b986c59abdb2f539e5ca2a1691d3df571d350f3f443a606797f5368fc084a1

Request headers

Referer
https://campaign.aliexpress.com/
Origin
https://campaign.aliexpress.com
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 03 Apr 2023 08:13:38 GMT
content-encoding
gzip
via
cache23.l2de2[0,0,200-0,H], cache9.l2de2[2,0], cache9.l2de2[2,0], cache3.de3[0,0,200-0,H], cache6.de3[4,0]
x-oss-request-id
642A8AB2CA02BA3538582BEB
content-md5
aPTw3kZcFV796hthAfLTkQ==
age
28641
x-swift-cachetime
86399
x-cache
HIT TCP_MEM_HIT dirn:13:65657332
x-swift-savetime
Mon, 03 Apr 2023 08:13:39 GMT
content-length
149581
x-bucket-code
3
x-oss-object-type
Normal
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1680509618
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,s-maxage=86400
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
18338964134154018806
eagleid
4f85b19a16805382597688596e
x-oss-server-time
32
/
assets.alicdn.com/g/alilog/
0
0

getRecommendingResults.do
gpsfront.aliexpress.com/
0
0

O1CN01JlrjJi1hbcDMWwrxa_!!6000000004296-1-tps-256-256.gif
img.alicdn.com/imgextra/i4/
36 KB
37 KB
Image
General
Full URL
https://img.alicdn.com/imgextra/i4/O1CN01JlrjJi1hbcDMWwrxa_!!6000000004296-1-tps-256-256.gif
Requested by
Host: campaign.aliexpress.com
URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B043568A1680538257756945&aff_fcid=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy&terminal_id=44ab4c8b83db4d16b47f82e26261653c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
79.133.177.251 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3e852aa584260411da35ef6c21232d216e6c692c6391aa5f743f893c3abb1393

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://campaign.aliexpress.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 12 Apr 2022 06:25:22 GMT
via
cache36.l2sg2[0,0,200-0,H], cache12.l2sg2[2,0], cache1.de3[0,0,200-0,H], cache7.de3[1,0]
age
30793538
x-swift-cachetime
2506082
request-time
0.082
x-cache
HIT TCP_MEM_HIT dirn:12:163524637
x-swift-savetime
Tue, 14 Mar 2023 06:17:20 GMT
s-rt
1
content-length
37037
last-modified
Fri, 12 Nov 2021 10:02:59 GMT
server
Tengine
ali-swift-global-savetime
1649744722
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31536000
picasso-ret-code
SUCCESS
timing-allow-origin
*
eagleid
4f85b19b16805382600185376e
expires
Wed, 12 Apr 2023 06:25:22 GMT
/
acs.aliexpress.com/h5/mtop.aliexpress.usertouch.houyi.launchrule.runtime.pull/2.0/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.click.aliexpress.com
URL
https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B043568A1680538257756945
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??s/8.15.21/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.21/aplus_int.js,s/8.15.21/plugin/aplus_spmact.js,aplus_plugin_ae/0.0.9/index.js?v=20230328172919
Domain
gpsfront.aliexpress.com
URL
https://gpsfront.aliexpress.com/getRecommendingResults.do?widget_id=300000000754815&limit=20&offset=0&currency=USD&locale=en_US&shipToCountry=US&postback=&productIds2Top=&numTopProducts=&platform=app&imageSize=250x250&callback=jsonp_1680538259984_19704
Domain
acs.aliexpress.com
URL
https://acs.aliexpress.com/h5/mtop.aliexpress.usertouch.houyi.launchrule.runtime.pull/2.0/?jsv=2.7.0&appKey=24815441&t=1680538259985&sign=b9cb7eb0db7d1a58c2c0e9912dd40908&api=mtop.aliexpress.usertouch.houyi.launchRule.runtime.pull&v=2.0&isMajorRequest=true&type=jsonp&dataType=jsonp&callback=mtopjsonp1&data=%7B%22appVersion%22%3A%22292%22%2C%22clientType%22%3A%22iphone%22%2C%22currency%22%3A%22USD%22%2C%22lang%22%3A%22en_US%22%2C%22shipToCountry%22%3A%22US%22%2C%22deviceId%22%3A%22%22%2C%22positionId%22%3A%22NewUserZoneLanding_page%22%2C%22ext%22%3A%22%7B%5C%22pageParam%5C%22%3A%7B%5C%22zoneBenefitType%5C%22%3A%5C%22gift%5C%22%2C%5C%22widgetId%5C%22%3Anull%2C%5C%22productId%5C%22%3Anull%7D%7D%22%7D


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| lib
object| WindVane
object| dmtrack
string| dmtrack_hostname
string| dmtrack_c
string| dmtrack_pageid
object| dmtrack_queue
object| goldlog_queue
number| g_aplus_grey_launched
object| goldlog
object| AES
object| AESPluginJSError
undefined| AESPluginApi
object| AESPluginPerf
undefined| AESPluginLongTask
object| AESPluginTSL
object| AESPluginPV
object| __core-js_shared__
function| AESPluginEvent
object| $system
object| $global

9 Cookies

Domain/Path Name / Value
bepartoukf.autos/ Name: csu
Value: b64a9bf9-4076-4fd6-b6be-1e72cd25327c
.aliexpress.com/ Name: xman_us_f
Value: x_l=0&x_as_i=%7B%22aeuCID%22%3A%22119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy%22%2C%22af%22%3A%22_236%22%2C%22affiliateKey%22%3A%22_AStGHy%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%223291085423%22%2C%22tagtime%22%3A1680538258718%7D&acs_rt=44ab4c8b83db4d16b47f82e26261653c
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=iza3pl1n3dvf&acs_rt=44ab4c8b83db4d16b47f82e26261653c
.aliexpress.com/ Name: aeu_cid
Value: 119006b3e7474a91a3310fa6c62e466d-1680538258718-08632-_AStGHy
.aliexpress.com/ Name: xman_t
Value: IW/O5LjTqfSndBx7w5rS9hjFgz/KJHb2kWrJ9PIkY4L/KS8Obx6Lmi74BYW6JV3v
.aliexpress.com/ Name: xman_f
Value: dcFX3gI4YKEt/Xh0lRf2EUwN6IJZs3UKieGn14qyB4ldJ7Eo/b/Og0YGxPcv3LAUnDjwJwJBdP1weGjuNrpT9rPyntfTYkQxWOhg4Lp18TWTIqY5BXFt3A==
.aliexpress.com/ Name: af_ss_a
Value: 1
.aliexpress.com/ Name: af_ss_b
Value: 1
.aliexpress.com/ Name: ali_apache_id
Value: 33.22.117.211.1680538259156.253456.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
