best.aliexpress.com Open in urlscan Pro
104.102.42.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure.pornnetflix.com/
Effective URL:
https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&t...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On July 04 via api (July 4th 2024, 9:29:40 pm UTC) from IT — Scanned from IT

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 26 HTTP transactions. The main IP is 104.102.42.226, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is best.aliexpress.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 17th 2024. Valid for: 5 months.

This is the only time best.aliexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	185.53.177.112 185.53.177.112	61969 (TEAMINTER...) (TEAMINTERNET-AS)
1	18.66.121.190 18.66.121.190	16509 (AMAZON-02) (AMAZON-02)
2	34.232.36.187 34.232.36.187	14618 (AMAZON-AES) (AMAZON-AES)
1 2	15.197.224.234 15.197.224.234	16509 (AMAZON-02) (AMAZON-02)
1	130.211.29.114 130.211.29.114	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.241.15.240 35.241.15.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2	3.125.239.17 3.125.239.17	16509 (AMAZON-02) (AMAZON-02)
2 3	104.102.42.226 104.102.42.226	16625 (AKAMAI-AS) (AKAMAI-AS)
26	9

4 185.53.177.112 (Germany)

ASN61969 (TEAMINTERNET-AS, DE)

secure.pornnetflix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.121.190 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-121-190.fra60.r.cloudfront.net

d38psrni17bvxu.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.232.36.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-36-187.compute-1.amazonaws.com

tanis-ats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.224.234 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ab226b763647f1870.awsglobalaccelerator.com

starchoice-1.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.29.114 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 114.29.211.130.bc.googleusercontent.com

cdn.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.15.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.15.241.35.bc.googleusercontent.com

cas.avalon.perfdrive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml-v4.starvalue-4.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.239.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com

kettakihome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.42.226 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-42-226.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mbest.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	pornnetflix.com secure.pornnetflix.com	3 KB
3	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 15206 mbest.aliexpress.com — Cisco Umbrella Rank: 84112 best.aliexpress.com	35 KB
3	perfdrive.com cdn.perfdrive.com — Cisco Umbrella Rank: 33435 cas.avalon.perfdrive.com — Cisco Umbrella Rank: 12963	90 KB
2	kettakihome.com kettakihome.com — Cisco Umbrella Rank: 249202	4 KB
2	starchoice-1.online 1 redirects starchoice-1.online	21 KB
2	tanis-ats.com tanis-ats.com	4 KB
1	starvalue-4.online 1 redirects xml-v4.starvalue-4.online	514 B
1	cloudfront.net d38psrni17bvxu.cloudfront.net	1 KB
0	alicdn.com Failed assets.alicdn.com Failed ae01.alicdn.com Failed
26	9

	Domain	Requested by
4	secure.pornnetflix.com	d38psrni17bvxu.cloudfront.net secure.pornnetflix.com
2	kettakihome.com	starchoice-1.online
2	cas.avalon.perfdrive.com	cdn.perfdrive.com
2	starchoice-1.online	1 redirects tanis-ats.com
2	tanis-ats.com	secure.pornnetflix.com tanis-ats.com
1	best.aliexpress.com
1	mbest.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	xml-v4.starvalue-4.online	1 redirects
1	cdn.perfdrive.com	starchoice-1.online
1	d38psrni17bvxu.cloudfront.net	secure.pornnetflix.com
0	ae01.alicdn.com Failed	best.aliexpress.com
0	assets.alicdn.com Failed	best.aliexpress.com
26	13

This site contains no links.

Subject Issuer	Validity	Valid
secure.pornnetflix.com R11	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
tanis-ats.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-31`	a year	crt.sh
starchoice-1.online Amazon RSA 2048 M02	`2024-07-03` - `2025-08-01`	a year	crt.sh
*.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-09-21` - `2024-09-26`	a year	crt.sh
cas.avalon.perfdrive.com Go Daddy Secure Certificate Authority - G2	`2023-07-24` - `2024-08-05`	a year	crt.sh
kettakihome.com R3	`2024-05-26` - `2024-08-24`	3 months	crt.sh
ru.aliexpress.com DigiCert TLS RSA SHA256 2020 CA1	`2024-05-17` - `2024-10-23`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_trace_key=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&terminal_id=810b2bfff30b417b9a16b416a3c3df7b&gatewayAdapt=Msite2Pc
Frame ID: 4399DF93807E3C0BBB70B0DE6DB25E6A
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure.pornnetflix.com/ HTTP 307
https://secure.pornnetflix.com/ Page URL
http://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a5... HTTP 307
https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a5... Page URL
https://tanis-ats.com/zclkredirect?visitid=81bf0600-3a4c-11ef-ac66-0affc61c6c41&type=js&browserWid... Page URL
http://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD HTTP 307
https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD Page URL
https://starchoice-1.online/api/v1/pxcheck?impId=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD&minfo=eyJjb29r... HTTP 302
http://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0 HTTP 307
https://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0 HTTP 302
https://kettakihome.com/click?trvid=13182&extid=Wcg-CEIfdeM&bid=0.0002&var1=75d8bb5c40cc22f038131060... Page URL
https://kettakihome.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRG1HWjd... Page URL
https://s.click.aliexpress.com/e/_DmGZ7Hl?af=7zDLBqe2vi6E&dp=des HTTP 302
https://mbest.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577... HTTP 302
https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577... Page URL

Page Statistics

26
Requests

54 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

9
IPs

2
Countries

154 kB
Transfer

553 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure.pornnetflix.com/ HTTP 307
https://secure.pornnetflix.com/ Page URL
http://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41 HTTP 307
https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41 Page URL
https://tanis-ats.com/zclkredirect?visitid=81bf0600-3a4c-11ef-ac66-0affc61c6c41&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome Page URL
http://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD HTTP 307
https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD Page URL
https://starchoice-1.online/api/v1/pxcheck?impId=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vc3RhcmNob2ljZS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9aElNM1IwZEdFM1JTY0E4Nkkya2xZODNxVExUU2YxdHZpR0V1M0dGRCIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90IjpmYWxzZSwiZkJvdE5hbWUiOiIiLCJmUmVhc29ucyI6IiJ9 HTTP 302
http://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0 HTTP 307
https://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0 HTTP 302
https://kettakihome.com/click?trvid=13182&extid=Wcg-CEIfdeM&bid=0.0002&var1=75d8bb5c40cc22f0381310608&banner=6080780&carrier=Global+Router&search_referrer_domain=adfpoint.com&campaign=1182080&query=pornnetflix.com%252Cpornnetflix%252Ccom Page URL
https://kettakihome.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRG1HWjdIbD9hZj03ekRMQnFlMnZpNkVcdTAwMjZkcD1kZXMiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjM3MjV9 Page URL
https://s.click.aliexpress.com/e/_DmGZ7Hl?af=7zDLBqe2vi6E&dp=des HTTP 302
https://mbest.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_trace_key=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&terminal_id=810b2bfff30b417b9a16b416a3c3df7b HTTP 302
https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_trace_key=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&terminal_id=810b2bfff30b417b9a16b416a3c3df7b&gatewayAdapt=Msite2Pc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://secure.pornnetflix.com/ HTTP 307
https://secure.pornnetflix.com/

Request Chain 5

http://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41 HTTP 307
https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41

Request Chain 7

http://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD HTTP 307
https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD

Request Chain 11

https://starchoice-1.online/api/v1/pxcheck?impId=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyNi4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiaWZyYW1lIjpmYWxzZSwiZGV2aWNlUGl4ZWxSYXRpbyI6MSwid25kTG9jSHJlZiI6Imh0dHBzOi8vc3RhcmNob2ljZS0xLm9ubGluZS9hcGkvdjEvcHg/eG1saWQ9aElNM1IwZEdFM1JTY0E4Nkkya2xZODNxVExUU2YxdHZpR0V1M0dGRCIsImRldmljZVNyZWVuU2l6ZSI6IjEyMDB4MTYwMCIsImRldmljZVdpbmRvd1NpemUiOiIxMjAweDE2MDAiLCJ3bmQyc3JjUmF0aW9Md3IwNiI6ZmFsc2UsImVmZmVjdGl2ZVR5cGUiOiI0ZyIsImlzQm90IjpmYWxzZSwiZkJvdE5hbWUiOiIiLCJmUmVhc29ucyI6IiJ9 HTTP 302
http://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0 HTTP 307
https://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0 HTTP 302
https://kettakihome.com/click?trvid=13182&extid=Wcg-CEIfdeM&bid=0.0002&var1=75d8bb5c40cc22f0381310608&banner=6080780&carrier=Global+Router&search_referrer_domain=adfpoint.com&campaign=1182080&query=pornnetflix.com%252Cpornnetflix%252Ccom

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
secure.pornnetflix.com/
Redirect Chain

http://secure.pornnetflix.com/
https://secure.pornnetflix.com/

2 KB
2 KB

1172ms
711ms

Document
text/html

185.53.177.112
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.pornnetflix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.112 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: Caddy nginx /
Resource Hash: 73a237a50589c10a6f616b6caec100fa02b6083d6bf8503ac03487b01d5f13fd

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ch: viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime: 30
alt-svc: h3=":8443"; ma=2592000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 04 Jul 2024 21:29:34 GMT
host: {http.reverse_proxy.upstream.hostport}
server: Caddy nginx
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_RwtAVzMkYCaVIdrGG9Iec3Q4Wj2sopL+IQma2D2d1/E5y8oVAE+NziFUSgqoYWyf6vMEJ80nH4ymWIBPq/yRYA==
x-buckets: bucket011
x-domain: pornnetflix.com
x-forwarded-host: secure.pornnetflix.com
x-language: italian
x-redirect: zeropark_zeroclick
x-ssl-c: v1
x-ssl-proxy: v2
x-subdomain: secure
x-template: tpl_CleanPeppermintBlack_twoclick

Redirect headers

Location: https://secure.pornnetflix.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js3.js Show response
d38psrni17bvxu.cloudfront.net/scripts/ 1 KB
1 KB 435ms
29ms Script
application/javascript 18.66.121.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by: Host: secure.pornnetflix.com
URL: https://secure.pornnetflix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.121.190 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-121-190.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://secure.pornnetflix.com/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 04:35:10 GMT
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Mar 2024 11:48:11 GMT
server: nginx
x-amz-cf-pop: FRA60-P2
age: 60864
etag: "65fc1e7b-448"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1096
x-amz-cf-id: GL_V-HQ1Yg6fwKnV22bO89n27T1CJTyIPuBlebPoJ0mNbhq4FWpomQ==

GET
H2 200 track.php Show response
secure.pornnetflix.com/ 0
96 B 79ms
79ms XHR
text/html 185.53.177.112
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.pornnetflix.com/track.php?domain=pornnetflix.com&toggle=browserjs&uid=MTcyMDEyODU3My43Nzk0OmRiMmE1NmRlMGMyYzU1ODNkMmI0NDAyYWUyZWU1OTQ1OGZjNmMxNGE2YzAwNWUzYjAzNTViNmYxYzY3ZjU2MjM6NjY4NzE0M2RiZTRhMQ%3D%3D
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.112 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
device-memory: 8
rtt: 100
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width: 1600
Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://secure.pornnetflix.com/
dpr: 1
downlink: 1.4
ect: 4g
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 21:29:34 GMT
content-encoding: gzip
x-ssl-proxy: v2
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host: {http.reverse_proxy.upstream.hostport}
server: Caddy, nginx
x-custom-track: browserjs
vary: Accept-Encoding
accept-ch-lifetime: 30
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-forwarded-host: secure.pornnetflix.com
x-ssl-c: v1
alt-svc: h3=":8443"; ma=2592000

GET
H2 201 ls.php
secure.pornnetflix.com/ 16 B
372 B 62ms
61ms XHR
text/javascript 185.53.177.112
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.pornnetflix.com/ls.php?t=6687143e&token=a213a485bdfa33e637423aa288d1b7df07cba581
Requested by: Host: secure.pornnetflix.com
URL: https://secure.pornnetflix.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.112 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
device-memory: 8
rtt: 100
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width: 1600
Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://secure.pornnetflix.com/
dpr: 1
downlink: 1.4
ect: 4g
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 21:29:34 GMT
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_KsAhqANOyd6Oa/WGL4KJIKPJzDzImv8XSibrp0XQ9Ios968hrSRnVAmzwkZP4THgb1AOMbdfYP7uPxAnW8ebRQ==
x-ssl-c: v1
alt-svc: h3=":8443"; ma=2592000
x-ssl-proxy: v2
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host: {http.reverse_proxy.upstream.hostport}
server: Caddy, nginx
access-control-max-age: 86400
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin
accept-ch-lifetime: 30
charset: utf-8
x-forwarded-host: secure.pornnetflix.com
x-log-success: 6687143e107fadb8ec0a7888

GET
H2 200 track.php
secure.pornnetflix.com/ 0
118 B 168ms
168ms XHR
text/html 185.53.177.112
TEAMINTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.pornnetflix.com/track.php?click=1b5a4264798a792f5ed1b59b3239d05714c56931&domain=pornnetflix.com&uid=MTcyMDEyODU3My43Nzk0OmRiMmE1NmRlMGMyYzU1ODNkMmI0NDAyYWUyZWU1OTQ1OGZjNmMxNGE2YzAwNWUzYjAzNTViNmYxYzY3ZjU2MjM6NjY4NzE0M2RiZTRhMQ%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2Njg3MTQzZGJlNDc0fHx8MTcyMDEyODU3NC4yMjR8ZjA0M2M3ZGM4OTE1YjcwYTUxNDBhOWJkNzlkMWRjYzlmYzE2NmVmZnx8fHx8MXx8MHwwfHx8fDF8fHx8fDB8MHx8fHx8fHx8fHwwfDB8fDB8fHwwfDB8VzEwPXx8MXxXMTA9fGEyMTNhNDg1YmRmYTMzZTYzNzQyM2FhMjg4ZDFiN2RmMDdjYmE1ODF8MHx8MHwwfHx8&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by: Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.53.177.112 , Germany, ASN61969 (TEAMINTERNET-AS, DE),
Reverse DNS
Software: Caddy, nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
device-memory: 8
rtt: 100
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
viewport-width: 1600
Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://secure.pornnetflix.com/
dpr: 1
downlink: 1.4
ect: 4g
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 21:29:35 GMT
content-encoding: gzip
x-ssl-proxy: v2
accept-ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
host: {http.reverse_proxy.upstream.hostport}
server: Caddy, nginx
x-custom-track: none
vary: Accept-Encoding
accept-ch-lifetime: 30
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-forwarded-host: secure.pornnetflix.com
x-ssl-c: v1
x-view-match: true
alt-svc: h3=":8443"; ma=2592000

GET
H2

200

1304ac30-8585-11eb-af9e-0a51339b19df Show response
tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/
Redirect Chain

http://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41
https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41

3 KB
3 KB

407ms
128ms

Document
text/html

34.232.36.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41

Requested by

Host: secure.pornnetflix.com
URL: https://secure.pornnetflix.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.36.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-36-187.compute-1.amazonaws.com

Software

Resource Hash

bcee54f6607ae1c8118862055eda6c3e6ef6a7d8d3e055a88df28959ff140daa

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://secure.pornnetflix.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 2732
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Thu, 04 Jul 2024 21:29:35 GMT
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

Redirect headers

Location: https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 zclkredirect
tanis-ats.com/ 348 B
810 B 132ms
132ms Document
text/html 34.232.36.187
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tanis-ats.com/zclkredirect?visitid=81bf0600-3a4c-11ef-ac66-0affc61c6c41&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome

Requested by

Host: tanis-ats.com
URL: https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.232.36.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-232-36-187.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://tanis-ats.com/zclkvisitor/81bf0600-3a4c-11ef-ac66-0affc61c6c41/1304ac30-8585-11eb-af9e-0a51339b19df?campaignid=81c9db77-3a4c-11ef-ac66-0affc61c6c41
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-length: 348
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
content-type: text/html;charset=UTF-8
date: Thu, 04 Jul 2024 21:29:35 GMT
redirected: JS
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'

GET
H2

200

px Show response
starchoice-1.online/api/v1/
Redirect Chain

http://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD
https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD

114 KB
21 KB

456ms
164ms

Document
text/html

15.197.224.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD
Requested by: Host: tanis-ats.com
URL: https://tanis-ats.com/zclkredirect?visitid=81bf0600-3a4c-11ef-ac66-0affc61c6c41&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.224.234 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ab226b763647f1870.awsglobalaccelerator.com
Software: /
Resource Hash: 2727311084bf785087f44f991d9bd7f43ca84b712b44c5e191d201b2b1afef7a

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://tanis-ats.com/zclkredirect?visitid=81bf0600-3a4c-11ef-ac66-0affc61c6c41&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B02%3A00&timezoneName=Europe%2FRome
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:29:36 GMT
etag: W/"1c8ff-PSJKgIuDM6h+sziQzA/ywynjc1Q"
vary: Accept-Encoding

Redirect headers

Location: https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 stormcaster.js Show response
cdn.perfdrive.com/advanced/ 237 KB
89 KB 143ms
30ms Script
application/javascript 130.211.29.114
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Requested by: Host: starchoice-1.online
URL: https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.114 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 114.29.211.130.bc.googleusercontent.com
Software: nginx/1.10.1 /
Resource Hash: 083aa627d1b2a29661b9548eb547582b11faf1d2d90c076279053ab56be15f2b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://starchoice-1.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 21:26:39 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Tue, 18 Jun 2024 04:33:45 GMT
server: nginx/1.10.1
age: 177
etag: W/"66710e29-3b3c5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90611

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 360 B
419 B 200ms
58ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://starchoice-1.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 8ms
date: Thu, 04 Jul 2024 21:29:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 360
content-type: text/plain; charset=UTF-8

POST
H2 200 jsdata
cas.avalon.perfdrive.com/ 255 B
401 B 196ms
55ms XHR
text/plain 35.241.15.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cas.avalon.perfdrive.com/jsdata?
Requested by: Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/advanced/stormcaster.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.15.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.15.241.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://starchoice-1.online/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
x-response-time: 9ms
date: Thu, 04 Jul 2024 21:29:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
content-type: text/plain; charset=UTF-8

GET
H2

200

click Show response
kettakihome.com/
Redirect Chain

https://starchoice-1.online/api/v1/pxcheck?impId=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD&minfo=eyJjb29raWVEaXNhYmxlZCI6ZmFsc2UsInVhIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwb...
http://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0
https://xml-v4.starvalue-4.online/click?seat=2667357&i=mxKW86zQk5M_0
https://kettakihome.com/click?trvid=13182&extid=Wcg-CEIfdeM&bid=0.0002&var1=75d8bb5c40cc22f0381310608&banner=6080780&carrier=Global+Router&search_referrer_domain=adfpoint.com&campaign=1182080&query...

1 KB
3 KB

175ms
40ms

Document
text/html

3.125.239.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kettakihome.com/click?trvid=13182&extid=Wcg-CEIfdeM&bid=0.0002&var1=75d8bb5c40cc22f0381310608&banner=6080780&carrier=Global+Router&search_referrer_domain=adfpoint.com&campaign=1182080&query=pornnetflix.com%252Cpornnetflix%252Ccom
Requested by: Host: starchoice-1.online
URL: https://starchoice-1.online/api/v1/px?xmlid=hIM3R0dGE3RScA86I2klY83qTLTSf1tviGEu3GFD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 61e9490864b591952fd685c0482243f7a6ad4c249eb0cd3251a54c39f9149015

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 1252
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:29:37 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx

Redirect headers

Accept-CH: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Cache-Control: no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 04 Jul 2024 21:29:37 GMT
Location: https://kettakihome.com/click?trvid=13182&extid=Wcg-CEIfdeM&bid=0.0002&var1=75d8bb5c40cc22f0381310608&banner=6080780&carrier=Global+Router&search_referrer_domain=adfpoint.com&campaign=1182080&query=pornnetflix.com%252Cpornnetflix%252Ccom
Server: nginx

GET
H2 200 double Show response
kettakihome.com/ 715 B
895 B 33ms
33ms Document
text/html 3.125.239.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kettakihome.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRG1HWjdIbD9hZj03ekRMQnFlMnZpNkVcdTAwMjZkcD1kZXMiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjM3MjV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.125.239.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-239-17.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b867db3bddb5844103f2f9b8c2334ea35e66fe8d98d795003e4499df4b0831a7

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length: 715
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 21:29:37 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: nginx

GET
H2

200

Primary Request / Show response
best.aliexpress.com/
Redirect Chain

https://s.click.aliexpress.com/e/_DmGZ7Hl?af=7zDLBqe2vi6E&dp=des
https://mbest.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_...
https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_t...

193 KB
32 KB

1430ms
417ms

Document
text/html

104.102.42.226
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_trace_key=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&terminal_id=810b2bfff30b417b9a16b416a3c3df7b&gatewayAdapt=Msite2Pc

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.102.42.226 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-42-226.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

39bfa2886d09ca3918334a6cda09924b92524b2d4880d1ca4ab5a9a0b88bcecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Referer: https://kettakihome.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3MuY2xpY2suYWxpZXhwcmVzcy5jb20vZS9fRG1HWjdIbD9hZj03ekRMQnFlMnZpNkVcdTAwMjZkcD1kZXMiLCJSZWRpcmVjdFdvcmRpbmciOiJZb3UgYXJlIGJlaW5nIGF1dG9tYXRpY2FsbHkgcmVkaXJlY3RlZC4iLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiT3IgY2xpY2sgaGVyZSB0byBjb250aW51ZS4iLCJJbnN0YWxsSWQiOjM3MjV9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 04 Jul 2024 21:29:40 GMT
eagleeye-traceid: 211b81b117201285799248030ed0e3
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
server-timing: ak_p; desc="1720128579914_34664581_91470181_35023_8422_28_0_255";dur=1
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-akamai-fwd-auth-data: 1354072407, 2.16.240.133, 1720128580, 185.198.62.106
x-akamai-fwd-auth-sha: 31A89A97A4F6C046EA395E2E5D19772E99D2AF7F393271B95F5BDF3B5D55B3DA
x-akamai-fwd-auth-sign: /JFvn4+Y/bjkF/ForkX0eFOVmtxcLXyDU8MR3rULNe9CwDtI0D7uw0FcjeacsA54KCqvQY2Ntq+cdjT+DC+dSnaQ0b/t4zj0m1nSh2iFVHU=
x-application-context: ae-fn-gateway-f:7001

Redirect headers

content-length: 0
date: Thu, 04 Jul 2024 21:29:38 GMT
eagleeye-traceid: 211b600917201285788362330e6a3f
location: https://best.aliexpress.com/?af=7zDLBqe2vi6E&dp=des&aff_fcid=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&tt=CPS_NORMAL&aff_fsk=_DmGZ7Hl&aff_platform=portals-tool&sk=_DmGZ7Hl&aff_trace_key=d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl&terminal_id=810b2bfff30b417b9a16b416a3c3df7b&gatewayAdapt=Msite2Pc
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
server-timing: ak_p; desc="1720128578834_34664581_91468001_1003_839_31_0_255";dur=1
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 558105206, 2.16.240.133, 1720128578, 185.198.62.106
x-akamai-fwd-auth-sha: 48F758766F46D302897F114E957074D9A827D0E78333C1F8A0245D03C72699F9
x-akamai-fwd-auth-sign: 6ZE2LTDHopqSOiBePnVAQaoxqjjOzH7EGsIVqlfkqBDGkoJfC1XGs/O83DoN11LLOxfb7S58NwhgSD7igt4MMiUY8gsqXBVB1P1DCbN9Ock=

GET index.css
assets.alicdn.com/g/ae-dida/home-pc/0.0.64/ 0
0

GET ae-header-ltr.css
assets.alicdn.com/g/ae-fe/header-ui/0.0.94/src/multilan/ 0
0

GET 240x168.png
ae01.alicdn.com/kf/S4ea57d403b1441caaf244db533901eb5R/ 0
0

GET ae-header.js
assets.alicdn.com/g/ae-fe/header-ui/0.0.94/src/ 0
0

GET index.css
assets.alicdn.com/g/ae-fe/page-header-ui/0.0.30/css/ 0
0

GET index.js
assets.alicdn.com/g/ae-fe/page-header-ui/0.0.30/js/ 0
0

GET _cross_page_loader_.js
assets.alicdn.com/g/code/npm/@alife/nano-cross-page-loader/0.0.23/ 0
0

GET index.css
assets.alicdn.com/g/ae-fe/cosmos/0.0.280/pc/ 0
0

GET index.js
assets.alicdn.com/g/ae-fe/global/0.0.3/ 0
0

GET index.js
assets.alicdn.com/g/ae-fe/cosmos/0.0.280/pc/ 0
0

GET index.js
assets.alicdn.com/g/lzd_sec/LWSC-G/ 0
0

GET index.js
assets.alicdn.com/g/ae-dida/home-pc/0.0.64/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-dida/home-pc/0.0.64/index.css

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.94/src/multilan/ae-header-ltr.css

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/S4ea57d403b1441caaf244db533901eb5R/240x168.png

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/header-ui/0.0.94/src/ae-header.js

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/page-header-ui/0.0.30/css/index.css

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/page-header-ui/0.0.30/js/index.js

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/code/npm/@alife/nano-cross-page-loader/0.0.23/_cross_page_loader_.js

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.280/pc/index.css

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/global/0.0.3/index.js

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-fe/cosmos/0.0.280/pc/index.js

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/lzd_sec/LWSC-G/index.js

Domain: assets.alicdn.com
URL: https://assets.alicdn.com/g/ae-dida/home-pc/0.0.64/index.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.starchoice-1.online/	1970-01-21 02:08:04	Name: __ssds Value: 2
.starchoice-1.online/	1970-01-21 02:08:04	Name: __ssuzjsr2 Value: a9be0cd8e
.starchoice-1.online/	1970-01-21 02:08:04	Name: __uzmaj2 Value: 472da5d3-d488-43f7-9c5c-b04809cfe2d1
.starchoice-1.online/	1970-01-21 02:08:04	Name: __uzmbj2 Value: 1720128576
.starchoice-1.online/	1970-01-21 02:08:04	Name: __uzmcj2 Value: 759081077776
.starchoice-1.online/	1970-01-21 02:08:04	Name: __uzmdj2 Value: 1720128576
.starchoice-1.online/	1970-01-21 02:08:04	Name: __uzmlj2 Value: vrYJIJn6/NS3YU6CSUOuYrTLfje7xkKS4RVfwvx/r5A=
.starchoice-1.online/	1970-01-21 02:08:04	Name: __uzmfj2 Value: 7f60003ddfda15-6655-467e-b579-f7f318e7ff0617201285766280-d746c9865150c5b310
kettakihome.com/	1970-01-20 22:32:00	Name: ClickDataNG Value: H4sIAAAAAAAA_3SU_27bNhDHX0U4YECLaTIlW7KmQihSp0iDxsWwpAswDAho8mQToUn1SLl2f7z7QFFJPWz7T3c83n159zl9hQOSU9ZAA3nGMgYp-FOP0LAU3LC5e_oW1hyQPEpoOq4dpiC0Eo_XEhpYfrm8efMJi4Oq3kIKknuEJl8WLC_qcrlMQfB9z9XWhOh8ntdFCsqtfrt4zkXWc6_sGDDP60UKNGgMFkuBUCpC4dfod1ZCU6bg7EBiPJ-XKWhupDLbKXyyPpKGBiAF23VIY-VFXaawIW7Eboodz2LkzvveNbOZy8aHZVwrPPaEzmXC7mc4e7jcX_25fKdf8649f_FfA2NFJftWooPQKOehYRljrAjaD2iG2MKen-zgf9RdDURoxAka-Hh7CSkMpM6EPKL3_FHt7B5HBaOs154OSrZjE2NhPHol23ux_WX19rqTuI7ujZJtFBHtA6e8XZay3mxKsWBCFEXH5nU-z1nF6ukONwaprVjNljWLPsGJFFJ7pe2G659_t4NHikcOOYndA2GHREgP0u65Mi2XXW-V8UH0U444_jbP64I9Zf40IJ3a3pIx6DutjuHCT0VZrM58oy3sHlJQ_YWUYR4B1brM8l_rrCqynFXnh1Uc-uCQLrZoPDSwtl-U1nxWZix5ca-MtJ9d8uEuyVnGXiX3ylSLV8mxWrxMLvpe4z1u3is_K-fLbF4lL96_u1vfpIlWj5hcoXi0L5PVjuweZ3lRhY3JWHLLO05qugJh6h0SUpQi8aAEPi-SDfonFYFO98ePBQzbtyH72Y13Y5nnDG-IG3mecm0l6nPHB77HaItYDlZ8o3F2eXsTWuR6aCDOMYlzHHEdjKfA4PXdqHwbtVzffft2Y_cbTvIUwpQ_Td610txAwJnQ-FWgclo0UltlbvozlyduHBdxtR00ZtA6BTE4b_fQfJ2WBSKokAIePZLhevytnDENKRxY-NP8H8AhIIcGJnaDWfzHaw9zaOAc0OBbhNZHMoNZQgP_ovKfTI5Efv_-dwAAAP__RwkMuz0FAAA=
kettakihome.com/	1970-01-20 22:32:00	Name: ClickDataNgFall Value: H4sIAAAAAAAA_3SU_27bNhDHX0U4YECLaTIlW7KmQihSp0iDxsWwpAswDAho8mQToUn1SLl2f7z7QFFJPWz7T3c83n159zl9hQOSU9ZAA3nGMgYp-FOP0LAU3LC5e_oW1hyQPEpoOq4dpiC0Eo_XEhpYfrm8efMJi4Oq3kIKknuEJl8WLC_qcrlMQfB9z9XWhOh8ntdFCsqtfrt4zkXWc6_sGDDP60UKNGgMFkuBUCpC4dfod1ZCU6bg7EBiPJ-XKWhupDLbKXyyPpKGBiAF23VIY-VFXaawIW7Eboodz2LkzvveNbOZy8aHZVwrPPaEzmXC7mc4e7jcX_25fKdf8649f_FfA2NFJftWooPQKOehYRljrAjaD2iG2MKen-zgf9RdDURoxAka-Hh7CSkMpM6EPKL3_FHt7B5HBaOs154OSrZjE2NhPHol23ux_WX19rqTuI7ujZJtFBHtA6e8XZay3mxKsWBCFEXH5nU-z1nF6ukONwaprVjNljWLPsGJFFJ7pe2G659_t4NHikcOOYndA2GHREgP0u65Mi2XXW-V8UH0U444_jbP64I9Zf40IJ3a3pIx6DutjuHCT0VZrM58oy3sHlJQ_YWUYR4B1brM8l_rrCqynFXnh1Uc-uCQLrZoPDSwtl-U1nxWZix5ca-MtJ9d8uEuyVnGXiX3ylSLV8mxWrxMLvpe4z1u3is_K-fLbF4lL96_u1vfpIlWj5hcoXi0L5PVjuweZ3lRhY3JWHLLO05qugJh6h0SUpQi8aAEPi-SDfonFYFO98ePBQzbtyH72Y13Y5nnDG-IG3mecm0l6nPHB77HaItYDlZ8o3F2eXsTWuR6aCDOMYlzHHEdjKfA4PXdqHwbtVzffft2Y_cbTvIUwpQ_Td610txAwJnQ-FWgclo0UltlbvozlyduHBdxtR00ZtA6BTE4b_fQfJ2WBSKokAIePZLhevytnDENKRxY-NP8H8AhIIcGJnaDWfzHaw9zaOAc0OBbhNZHMoNZQgP_ovKfTI5Efv_-dwAAAP__RwkMuz0FAAA=
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=1e07dp_n97dka&acs_rt=810b2bfff30b417b9a16b416a3c3df7b
.aliexpress.com/	1970-01-21 07:24:48	Name: aeu_cid Value: d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl
.aliexpress.com/	1970-01-20 23:58:24	Name: xman_t Value: knNXEv4lZ8sDMo8U1j89t8vFUBgI/fSp3zxt1KgZjBjpwa39UURnQKQPETWSoZ18
.aliexpress.com/	1970-01-21 07:24:48	Name: xman_f Value: WxXsnZRGXZLiFTZ2virv0tzZR9loH37atBtXIktkDGBiDPlzZrgdBC5k5RnHMA+725mlH9SPeHmVcASkZzQcqS3m7cZksoAdfkaFv9YVycKnGN4SbMyjpw==
.aliexpress.com/	1970-01-21 07:24:48	Name: af_ss_a Value: 1
.aliexpress.com/	1970-01-21 07:24:48	Name: af_ss_b Value: 1
.aliexpress.com/	1970-01-21 07:24:48	Name: xman_us_f Value: x_locale=it_IT&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22d5ef294ef0264bbfbb41b3979aa60b32-1720128577847-05566-_DmGZ7Hl%22%2C%22af%22%3A%227zDLBqe2vi6E%22%2C%22affiliateKey%22%3A%22_DmGZ7Hl%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22866306666%22%2C%22tagtime%22%3A1720128577847%7D&acs_rt=810b2bfff30b417b9a16b416a3c3df7b
.aliexpress.com/	1969-12-31 23:59:59	Name: intl_locale Value: it_IT
.aliexpress.com/	1970-01-21 07:24:48	Name: aep_usuc_f Value: site=ita&c_tp=EUR&region=IT&b_locale=it_IT
.aliexpress.com/	1970-01-21 07:24:48	Name: intl_common_forever Value: i/cVfkJ+raBLaN0aOtMpPg0/jTBoeH7k+lJbGYOWMiKeorYTroRt6w==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae01.alicdn.com
assets.alicdn.com
best.aliexpress.com
cas.avalon.perfdrive.com
cdn.perfdrive.com
d38psrni17bvxu.cloudfront.net
kettakihome.com
mbest.aliexpress.com
s.click.aliexpress.com
secure.pornnetflix.com
starchoice-1.online
tanis-ats.com
xml-v4.starvalue-4.online
ae01.alicdn.com
assets.alicdn.com
104.102.42.226
130.211.29.114
15.197.224.234
173.239.53.32
18.66.121.190
185.53.177.112
3.125.239.17
34.232.36.187
35.241.15.240
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9
083aa627d1b2a29661b9548eb547582b11faf1d2d90c076279053ab56be15f2b
2727311084bf785087f44f991d9bd7f43ca84b712b44c5e191d201b2b1afef7a
39bfa2886d09ca3918334a6cda09924b92524b2d4880d1ca4ab5a9a0b88bcecf
61e9490864b591952fd685c0482243f7a6ad4c249eb0cd3251a54c39f9149015
73a237a50589c10a6f616b6caec100fa02b6083d6bf8503ac03487b01d5f13fd
b867db3bddb5844103f2f9b8c2334ea35e66fe8d98d795003e4499df4b0831a7
bcee54f6607ae1c8118862055eda6c3e6ef6a7d8d3e055a88df28959ff140daa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

best.aliexpress.com Open in urlscan Pro 104.102.42.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

26 Requests

54 %HTTPS

0 %IPv6

9 Domains

13 Subdomains

9 IPs

2 Countries

154 kBTransfer

553 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

20 Cookies

Indicators

best.aliexpress.com Open in urlscan Pro
104.102.42.226 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

54 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

9
IPs

2
Countries

154 kB
Transfer

553 kB
Size

20
Cookies

26 HTTP transactions
0 data transactions