urlscan.io logo urlscan.io
SecurityTrails logo

aliexpression.ga Open in urlscan Pro
212.227.202.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.aliexpression.xyz/
Effective URL: https://aliexpression.ga/
Submission: On December 26 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 212.227.202.200, located in Bietigheim, Germany and belongs to IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE. The main domain is aliexpression.ga.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 3rd 2020. Valid for: 3 months.
This is the only time aliexpression.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 82.165.119.79 8560 (IONOS-AS ...)
4 212.227.202.200 8560 (IONOS-AS ...)
1 104.111.214.74 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 67.202.94.94 32748 (STEADFAST)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
8 5
1    82.165.119.79 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: gpoint.email
www.aliexpression.xyz
4    212.227.202.200 (Bietigheim, Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: funkyflo.at
aliexpression.ga
1    104.111.214.74 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-74.deploy.static.akamaitechnologies.com
ae01.alicdn.com
1    2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
1    67.202.94.94 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
widgets.amung.us
Domain Requested by
4 aliexpression.ga aliexpression.ga
1 widgets.amung.us aliexpression.ga
1 whos.amung.us waust.at
1 waust.at aliexpression.ga
1 ae01.alicdn.com aliexpression.ga
1 www.aliexpression.xyz 1 redirects
8 6

This site contains links to these domains. Also see Links.

Domain
youtube.com
s.click.aliexpress.com
Subject Issuer Validity Valid
aliexpression.ga
Let's Encrypt Authority X3		 2020-11-03 -
2021-02-01		 3 months crt.sh
img.alicdn.com
DigiCert Secure Site ECC CA-1		 2020-06-09 -
2021-06-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-04 -
2021-09-04		 a year crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh

This page contains 1 frames:

Primary Page: https://aliexpression.ga/
Frame ID: 39DCA1B6F03DAE9FB9EC47D18EF4315B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.aliexpression.xyz/ HTTP 302
    https://aliexpression.ga/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

71 kB
Transfer

75 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.aliexpression.xyz/ HTTP 302
    https://aliexpression.ga/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
aliexpression.ga/
Redirect Chain
  • https://www.aliexpression.xyz/
  • https://aliexpression.ga/
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aliexpression.ga/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.227.202.200 Bietigheim, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
funkyflo.at
Software
Apache/2.4.38 (Debian) /
Resource Hash
834e6a17b1966d8c1b1d722fc3cd9d775532e337113031d4b050b49882b9f1b5

Request headers

Host
aliexpression.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 19:50:40 GMT
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
834
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Sat, 26 Dec 2020 19:50:40 GMT
Server
Apache/2.4.38 (Debian)
Location
https://aliexpression.ga
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
style.css
aliexpression.ga/ 		755 B
708 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://aliexpression.ga/style.css
Requested by
Host: aliexpression.ga
URL: https://aliexpression.ga/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.227.202.200 Bietigheim, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
funkyflo.at
Software
Apache/2.4.38 (Debian) /
Resource Hash
ab3ecee413a27ff0c4a034baed9eb643bba67020ce93822efe2d22235857cb32

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 19:50:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Apr 2020 01:02:59 GMT
Server
Apache/2.4.38 (Debian)
ETag
"2f3-5a321a4e0d6c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
373
subscribe-funkyflo-youtube.png
aliexpression.ga/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliexpression.ga/subscribe-funkyflo-youtube.png
Requested by
Host: aliexpression.ga
URL: https://aliexpression.ga/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.227.202.200 Bietigheim, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
funkyflo.at
Software
Apache/2.4.38 (Debian) /
Resource Hash
182e05ba86d71f21a23628dcb08467ef0683b663e591bdd7d4e58954f9dfc19a

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 19:50:40 GMT
Last-Modified
Mon, 13 Apr 2020 00:48:54 GMT
Server
Apache/2.4.38 (Debian)
ETag
"6780-5a32172832980"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
26496
free-shipping-worldwide.png
aliexpression.ga/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliexpression.ga/free-shipping-worldwide.png
Requested by
Host: aliexpression.ga
URL: https://aliexpression.ga/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.227.202.200 Bietigheim, Germany, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS
funkyflo.at
Software
Apache/2.4.38 (Debian) /
Resource Hash
9626a50aede93e9281bdfeeca57e5a6325937547c87b74c284080da8f486d069

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 26 Dec 2020 19:50:40 GMT
Last-Modified
Mon, 13 Apr 2020 00:55:56 GMT
Server
Apache/2.4.38 (Debian)
ETag
"4ccd-5a3218baa5f00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
19661
H12d0c1555c2944fc8b1c8ea33f486522m.png
ae01.alicdn.com/kf/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ae01.alicdn.com/kf/H12d0c1555c2944fc8b1c8ea33f486522m.png
Requested by
Host: aliexpression.ga
URL: https://aliexpression.ga/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.214.74 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-214-74.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
957834d1e5c50c6fd60994b1402e19bb4940125d5225283ab93cc9e1b2967755

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 19:50:40 GMT
last-modified
Sat, 19 Sep 2020 02:47:29 GMT
server
Akamai Image Manager
content-type
image/webp
access-control-allow-origin
*
cache-control
private, no-transform, max-age=43200
served-from
2.16.187.4
content-length
16416
timing-allow-origin
*
network_info
NL_AMSTERDAM_9009
from-req-dns-type
NA
expires
Sun, 27 Dec 2020 07:50:40 GMT
co.js
waust.at/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/co.js
Requested by
Host: aliexpression.ga
URL: https://aliexpression.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b957ea339d35a0f04ef914c475611606e5b3b326cf08cb9d68bf78bca23a6521

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 19:50:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
909
cf-request-id
074233772900004ab0e6162000000001
last-modified
Tue, 15 Dec 2020 21:49:57 GMT
server
cloudflare
etag
W/"5fd92f85-1ee4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CdqoG403CgXLdG5Lfw4xaLkoxzq2RW6haUTN0VuQ4f5r%2FeH8oSjzm3onx%2F2wo7ygBk8PpPya43HZ5rGWsrPjPatKh5JkNbF2dLB1kFoZydFY8S3Nxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
607d55050f804ab0-FRA
expires
Sun, 27 Dec 2020 19:35:31 GMT
/
whos.amung.us/pingjs/ 		28 B
144 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=fw4uppuj9a&t=welcome%20%20aliexpressION.GA%20-%20Support%20FunkyFlo%27s%20Youtube%20Channel%20%20Search%20%26%20Shop%20&c=u&x=https%3A%2F%2Faliexpression.ga%2F&y=&a=0&d=0.217&v=27&r=6189
Requested by
Host: waust.at
URL: https://waust.at/co.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.94 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
2c4025ad6b83d74e8f4eb65a20037e883ff2df558a4525d9b842d4f4f79ce273

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 19:50:40 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
/
widgets.amung.us/colwid/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/colwid/?c=f1c232000000
Requested by
Host: aliexpression.ga
URL: https://aliexpression.ga/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fb8ee343e6be769d470e65139a53212168bebbddc3fb08bf6d5481744c0cc54

Request headers

Referer
https://aliexpression.ga/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Dec 2020 19:50:40 GMT
cf-cache-status
HIT
server
cloudflare
age
30
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=432000
content-disposition
filename=wau-widget.png
cf-ray
607d55077935062d-FRA
cf-request-id
07423378aa0000062decbf8000000001
expires
Sun, 27 Dec 2020 19:50:10 GMT

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wau string| wau_w_col object| WAU_ren function| WAU_colored function| WAU_colored_request function| WAU_r_u function| WAU_insert function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| x string| x1 string| x2

0 Cookies