Submitted URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Effective URL: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ign...
Submission: On March 07 via manual from PL — Scanned from PL

Summary

This website contacted 7 IPs in 5 countries across 9 domains to perform 13 HTTP transactions. The main IP is 104.109.58.65, located in and belongs to . The main domain is campaign.aliexpress.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on December 19th 2022. Valid for: a year.
This is the only time campaign.aliexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.21.19.158 13335 (CLOUDFLAR...)
1 2 69.16.175.42 20446 (STACKPATH...)
1 188.114.96.3 13335 (CLOUDFLAR...)
1 2 52.210.2.133 16509 (AMAZON-02)
1 1 108.138.7.73 16509 (AMAZON-02)
1 43.131.7.125 132203 (TENCENT-N...)
1 2 104.109.58.65 ()
1 1 104.109.95.137 ()
13 7
Apex Domain | Subdomains | Transfer
4 downl0ad.com.pl | downl0ad.com.pl | 21 KB
3 aliexpress.com | s.click.aliexpress.com (Failed), sale.aliexpress.com, campaign.aliexpress.com | 2 KB
2 jquery.com | code.jquery.com (Cisco Umbrella Rank: 693), releases.jquery.com (Cisco Umbrella Rank: 54788) | 33 KB
1 fuse-cloud.com | paychat.fuse-cloud.com (Cisco Umbrella Rank: 70103) | 2 KB
1 bepartoukf.autos | bepartoukf.autos | 492 B
1 scenesack.website | trk.scenesack.website | 2 KB
1 go2cloud.org | nostop.go2cloud.org (Cisco Umbrella Rank: 388926) | 523 B
1 knowledgepull.icu | connect.knowledgepull.icu | 1 KB
0 alicdn.com (Failed) | g.alicdn.com (Failed), assets.alicdn.com (Failed) |
13 9
Domain Requested by
4 downl0ad.com.pl downl0ad.com.pl
code.jquery.com
1 campaign.aliexpress.com downl0ad.com.pl
1 sale.aliexpress.com 1 redirects
1 s.click.aliexpress.com paychat.fuse-cloud.com
1 paychat.fuse-cloud.com connect.knowledgepull.icu
1 bepartoukf.autos 1 redirects
1 trk.scenesack.website 1 redirects
1 nostop.go2cloud.org connect.knowledgepull.icu
1 connect.knowledgepull.icu downl0ad.com.pl
1 releases.jquery.com downl0ad.com.pl
1 code.jquery.com 1 redirects
0 assets.alicdn.com Failed campaign.aliexpress.com
0 g.alicdn.com Failed campaign.aliexpress.com
13 13

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-28 - 2024-02-27 | a year
*.go2cloud.org | Amazon RSA 2048 M02 | 2023-02-21 - 2024-03-21 | a year
ru.aliexpress.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-19 - 2023-12-19 | a year

This page contains 1 frames:

Primary Page: https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B04356181678150959725135&aff_fcid=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&terminal_id=735fc5ef73bc43b6bd29ff6d661d35b3
Frame ID: DA74157DA875FBBD84E4FC79CAF39060
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13 Requests
23 % HTTPS
0 % IPv6
9 Domains
13 Subdomains
7 IPs
5 Countries
58 kB Transfer
193 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux Page URL
  2. https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=xEXzb7zx&source=637673&title=Free%20Robux Page URL
  3. http://trk.scenesack.website/aff_c?source=1962-637673&offer_id=360&aff_click_id=xEXzb7zx&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Free+Robux&url= HTTP 302
    https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=1024f2de698afeefbb1732e59bae22 HTTP 302
    http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6865424489638742540&sc=947871 Page URL
  4. https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B04356181678150959725135 HTTP 302
    https://sale.aliexpress.com/newuserzone_aff.htm?af=_236&dp=02637B04356181678150959725135&aff_fcid=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&terminal_id=735fc5ef73bc43b6bd29ff6d661d35b3 HTTP 301
    https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B04356181678150959725135&aff_fcid=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&terminal_id=735fc5ef73bc43b6bd29ff6d661d35b3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://code.jquery.com/jquery-1.x-git.min.js HTTP 301
  • https://releases.jquery.com/git/jquery-1.x-git.min.js
Request Chain 7
  • http://trk.scenesack.website/aff_c?source=1962-637673&offer_id=360&aff_click_id=xEXzb7zx&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Free+Robux&url= HTTP 302
  • https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=1024f2de698afeefbb1732e59bae22 HTTP 302
  • http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6865424489638742540&sc=947871

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
E7JOd2Xh
downl0ad.com.pl/
698 B
1 KB
Document
General
Full URL
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5769bc946772590bc5df2043d4bdd5ef8d7496668954e8b8b92fe58f6d6084

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7a3ee9f04e133516-WAW
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Mar 2023 01:02:35 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Y%2Fr3cBmaMjkck7o1c5wb11oIZy83dCOPuvaXTVP9jQzjyXUtDRF7NYUcVBRJ5VH4UiNzNt2WOzBv3ed1fsqiAtaSVzK%2FJ2wwXZBeYQPOvw2T7sITskT1zKsNAr%2Bgtpj5pE%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-1.x-git.min.js
releases.jquery.com/git/
Redirect Chain
  • https://code.jquery.com/jquery-1.x-git.min.js
  • https://releases.jquery.com/git/jquery-1.x-git.min.js
95 KB
33 KB
Script
General
Full URL
https://releases.jquery.com/git/jquery-1.x-git.min.js
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
H2
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
5a325cf127c6cf1272cd26810b58e77e7ed1364f3484bb2b6121060f383faceb

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://downl0ad.com.pl/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 07 Mar 2023 01:02:36 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2016 11:33:22 GMT
server
nginx
etag
"576a7782-17b4c"
x-hw
1678150955.dop209.wa1.t,1678150955.cds210.wa1.hn,1678150956.cds214.wa1.pr
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=300, public
accept-ranges
bytes
content-length
33773

Redirect headers

date
Tue, 07 Mar 2023 01:02:35 GMT
content-encoding
gzip
server
nginx
x-hw
1678150955.dop209.wa1.t,1678150955.cds210.wa1.hn,1678150955.cds004.wa1.c
content-type
text/html
location
https://releases.jquery.com/git/jquery-1.x-git.min.js
cache-control
max-age=28426635
accept-ranges
bytes
content-length
131
03032020.js
downl0ad.com.pl/
71 KB
19 KB
Script
General
Full URL
http://downl0ad.com.pl/03032020.js
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128342db7f585729448247ba218d8dd821f4a4835b4c0dada288e2ab698be279

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Date
Tue, 07 Mar 2023 01:02:35 GMT
Content-Encoding
gzip
CF-Cache-Status
REVALIDATED
Last-Modified
Tue, 03 Mar 2020 10:49:06 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
ETag
W/"5e5e3622-11dcc"
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUiTsnIQ0Czui78PkF%2FykL%2BKpmxfiUHZltZwC9C1IwRSnGZuly9Q0E2lrvj1%2FFLk3K2lNgXNjC89t9Q33P%2FQy%2FmeHbz4eh1EB%2FLLQ3diYmpeVhlScsN%2Bn9H4dxoFoUkGleo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Cache-Control
max-age=14400
Connection
keep-alive
CF-RAY
7a3ee9f19e773516-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ppicheck.php
downl0ad.com.pl/
20 B
682 B
XHR
General
Full URL
http://downl0ad.com.pl/ppicheck.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.x-git.min.js
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept
*/*
Referer
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
X-Requested-With
XMLHttpRequest
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 07 Mar 2023 01:02:36 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGSczY%2F9OIs2xKGaqwaNbi0%2BleBEdgU5iEFZCtjAQvt0JSABcXyEFTRUaTVc72IIAxmPJCSpGvkmkErJwCoU0dSY850WB91KBIXScI6llHOETXCakw2Y14MU6lHgs36uBUQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
7a3ee9f72fb43516-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
finger.php
downl0ad.com.pl/
0
671 B
XHR
General
Full URL
http://downl0ad.com.pl/finger.php
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/03032020.js
Protocol
HTTP/1.1
Server
104.21.19.158 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
accept-language
pl-PL,pl;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

Date
Tue, 07 Mar 2023 01:02:37 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iqXGhGekWKflugIGU%2BkARsJLGFgC1VOGPIs2Rgvoh%2BybnW6M7242GiGgrOg5bM%2FzUaQi36HCKMqnP6Ept%2BkgvwXCGwzZc02NUQS%2BZEEQYQXxzKr%2BLxonCYIxSdJ5%2BlPla8%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
CF-RAY
7a3ee9fb18ab3516-WAW
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KJFKDNF723LJD35M9ELOPF73459F
connect.knowledgepull.icu/
3 KB
1 KB
Document
General
Full URL
https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=xEXzb7zx&source=637673&title=Free%20Robux
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/03032020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.1.27
Resource Hash
d6db9603a764f6523c14c10f55c6f9c7e218c7c7495147b5c1d1ce803f869940

Request headers

Referer
http://downl0ad.com.pl/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7a3ee9fcbe34bfb4-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 07 Mar 2023 01:02:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4u47NGFRHIS3WkKvXDXusIWvW7SZwW%2FigBz%2BhO7i6gKLd8m6bCEm%2BPuz1HhLJmq1FO31WXuyNDAkIWTWDKbcp7sO39Q8hos0kWD5mqRcb2UMrHkiy8rYU4vE2eSlALrF33zKUz8c9BnhbY5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.1.27
aff_i
nostop.go2cloud.org/
43 B
523 B
Image
General
Full URL
https://nostop.go2cloud.org/aff_i?offer_id=360&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&source=1962-637673&adv_sub={EXTENSION_URL_ENC}&adv_sub5=Mobile%20Safari&adv_sub4=downl0ad.com.pl&adv_sub3=&adv_sub2=connect.knowledgepull.icu
Requested by
Host: connect.knowledgepull.icu
URL: https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=xEXzb7zx&source=637673&title=Free%20Robux
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.2.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://connect.knowledgepull.icu/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

Pragma
no-cache
Date
Tue, 07 Mar 2023 01:02:38 GMT
Content-Encoding
gzip
Server
nginx
Tracking_id
102e38ac7f556a610adc35a398a467
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Tune-SDK-Version
X-Request-Id
1652bdf25053f867f49e800f97399a09
Expires
Sat, 26 Jul 1997 05:00:00 GMT
tl
paychat.fuse-cloud.com/
Redirect Chain
  • http://trk.scenesack.website/aff_c?source=1962-637673&offer_id=360&aff_click_id=xEXzb7zx&aff_id=1962&aff_sub=&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=&aff_unique1=&aff_unique2=&aff_unique3=&name=Fre...
  • https://bepartoukf.autos/redirect?tid=947871&subid=1962-637673&puid=1024f2de698afeefbb1732e59bae22
  • http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6865424489638742540&sc=947871
789 B
2 KB
Document
General
Full URL
http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6865424489638742540&sc=947871
Requested by
Host: connect.knowledgepull.icu
URL: https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=xEXzb7zx&source=637673&title=Free%20Robux
Protocol
HTTP/1.1
Server
43.131.7.125 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
b9795e03e8d67481cfb19f4caced962cf8e5934154f97391b7c22864484f3f4c

Request headers

Referer
https://connect.knowledgepull.icu/KJFKDNF723LJD35M9ELOPF73459F?click_id=xEXzb7zx&source=637673&title=Free%20Robux
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
789
Content-Type
text/html; charset=utf-8
Date
Tue, 07 Mar 2023 01:02:39 GMT
Expires
Sun, 06 Nov 1994 08:49:37 GMT
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
X-Robots-Tag
noindex, nofollow

Redirect headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
cache-control
no-store, no-cache, must-revalidate, no-transform
content-length
0
content-type
text/plain
date
Tue, 07 Mar 2023 01:02:39 GMT
location
http://paychat.fuse-cloud.com/tl?a=236&o=2522&aff_click_id=6865424489638742540&sc=947871
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-id
BElozszVFx_fZPc4DHTrtnil0k-bFvZ1_Q0XxwuhEh02mpW0-jOcow==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
_AStGHy
s.click.aliexpress.com/e/
0
0

Primary Request index
campaign.aliexpress.com/wow/gcp/new-user-channel/
Redirect Chain
  • https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B04356181678150959725135
  • https://sale.aliexpress.com/newuserzone_aff.htm?af=_236&dp=02637B04356181678150959725135&aff_fcid=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-p...
  • https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&pr...
22 KB
0
Document
General
Full URL
https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B04356181678150959725135&aff_fcid=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&terminal_id=735fc5ef73bc43b6bd29ff6d661d35b3
Requested by
Host: downl0ad.com.pl
URL: http://downl0ad.com.pl/E7JOd2Xh?filename=Free%20Robux
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.109.58.65 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
accept-language
pl-PL,pl;q=0.9

Response headers

cache-control
max-age=0, s-maxage=115
content-encoding
gzip
content-length
13974
content-type
text/html; charset=utf-8
date
Tue, 07 Mar 2023 01:02:42 GMT
eagleeye-traceid
21038ed816781509625555843efa2c
object-status
ttl=115,age=10,gip=104.109.58.65
server
Tengine
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-air-hostname
air-ual033027092041.de81
x-air-source
proxy
x-air-trace-id
21038ed816781509625555843efa2c
x-readtime
11
x-server-id
28c3d6b2523ca52c32ad72931842b19ac3b8a084a970a1b95d13ece67df5c9c1
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-length
278
content-type
text/html
date
Tue, 07 Mar 2023 01:02:42 GMT
eagleeye-traceid
211675d016781509624046031e3108
expires
Tue, 07 Mar 2023 01:02:42 GMT
location
https://campaign.aliexpress.com/wow/gcp/new-user-channel/index?wh_weex=true&wx_navbar_hidden=true&wx_navbar_transparent=true&ignoreNavigationBar=true&wx_statusbar_hidden=true&_immersiveMode=true&preDownLoad=true&tabType=gift&af=_236&dp=02637B04356181678150959725135&aff_fcid=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&aff_fsk=_AStGHy&aff_platform=portals-promotion&sk=_AStGHy&aff_trace_key=348559865980401f8fd8d37d39bdc936-1678150961236-05019-_AStGHy&terminal_id=735fc5ef73bc43b6bd29ff6d661d35b3
server
Tengine
strict-transport-security
max-age=31536000
timing-allow-origin
*
/
g.alicdn.com/
0
0

/
assets.alicdn.com/g/alilog/
0
0

/
g.alicdn.com/aes/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.click.aliexpress.com
URL
https://s.click.aliexpress.com/e/_AStGHy?af=_236&dp=02637B04356181678150959725135
Domain
g.alicdn.com
URL
https://g.alicdn.com/??mtb/lib-windvane/3.0.4/windvane.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/alilog/??aplus_plugin_aefront/index.js,mlog/aplus_int.js
Domain
g.alicdn.com
URL
https://g.alicdn.com/aes/??tracker/1.0.13/index.js,tracker-plugin-jserror/1.0.9/index.js,tracker-plugin-api/1.0.16/index.js,tracker-plugin-perf/1.1.4/index.js,tracker-plugin-longtask/1.0.1/index.js,tracker-plugin-tsl/1.0.1/index.js,tracker-plugin-pv/2.2.1/index.js,tracker-plugin-event/1.1.3/index.js

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Domain/Path Name / Value
bepartoukf.autos/ Name: csu
Value: b5b4dda5-5509-4791-b060-2a0dc73e3e20