Submitted URL: https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLOD...
Effective URL: https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542e...
Submission: On November 28 via api from US — Scanned from CA

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 58 HTTP transactions. The main IP is 23.9.171.48, located in United States and belongs to AKAMAI-AS, US. The main domain is best.aliexpress.com. The Cisco Umbrella rank of the primary domain is 49110.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 9th 2024. Valid for: a year.
This is the only time best.aliexpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 88.208.22.1 39572 (ADVANCEDH...)
4 139.45.196.64 9002 (RETN-AS R...)
1 172.67.169.157 13335 (CLOUDFLAR...)
1 104.18.23.222 13335 (CLOUDFLAR...)
2 8 104.18.22.222 13335 (CLOUDFLAR...)
1 104.21.27.183 13335 (CLOUDFLAR...)
2 172.67.180.27 13335 (CLOUDFLAR...)
1 2 23.9.171.48 16625 (AKAMAI-AS)
1 23.49.177.65 16625 (AKAMAI-AS)
2 23.220.132.47 16625 (AKAMAI-AS)
58 11
Apex Domain
Subdomains
Transfer
9 taiwoudoastuph.net
taiwoudoastuph.net — Cisco Umbrella Rank: 326918
18 KB
4 leikovoleikamarada.com
leikovoleikamarada.com — Cisco Umbrella Rank: 908885
16 KB
2 aliexpress-media.com
assets.aliexpress-media.com Failed
ae-pic-a1.aliexpress-media.com — Cisco Umbrella Rank: 19276
26 KB
2 aliexpress.com
s.click.aliexpress.com — Cisco Umbrella Rank: 23888
best.aliexpress.com — Cisco Umbrella Rank: 49110
47 KB
2 chacem.com
chacem.com
x.chacem.com
2 KB
2 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10565
2 KB
2 gancypnectist.com
28877259-13120-ex.gancypnectist.com
4 KB
1 alicdn.com
ae01.alicdn.com Failed
assets.alicdn.com — Cisco Umbrella Rank: 10632
2 KB
0 google.com Failed
ads.google.com Failed
58 9
Domain Requested by
9 taiwoudoastuph.net 2 redirects leikovoleikamarada.com
taiwoudoastuph.net
4 leikovoleikamarada.com 28877259-13120-ex.gancypnectist.com
leikovoleikamarada.com
2 ae-pic-a1.aliexpress-media.com best.aliexpress.com
2 my.rtmark.net leikovoleikamarada.com
taiwoudoastuph.net
2 28877259-13120-ex.gancypnectist.com 1 redirects
1 assets.alicdn.com best.aliexpress.com
1 best.aliexpress.com
1 s.click.aliexpress.com 1 redirects
1 x.chacem.com
1 chacem.com
0 ae01.alicdn.com Failed best.aliexpress.com
0 assets.aliexpress-media.com Failed best.aliexpress.com
0 ads.google.com Failed 28877259-13120-ex.gancypnectist.com
58 13

This site contains no links.

Subject Issuer Validity Valid
*.gancypnectist.com
R11
2024-09-23 -
2024-12-22
3 months crt.sh
leikovoleikamarada.com
R11
2024-10-01 -
2024-12-30
3 months crt.sh
my.rtmark.net
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
taiwoudoastuph.net
WE1
2024-11-12 -
2025-02-10
3 months crt.sh
chacem.com
WE1
2024-10-22 -
2025-01-20
3 months crt.sh
ae01.alicdn.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-09 -
2025-09-05
a year crt.sh
ru.aliexpress.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-09 -
2025-09-04
a year crt.sh
img.alicdn.com
DigiCert TLS RSA SHA256 2020 CA1
2024-10-09 -
2025-09-04
a year crt.sh

This page contains 1 frames:

Primary Page: https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d
Frame ID: 8A02C30E554D7BA2DE3E923C00748E40
Requests: 58 HTTP requests in this frame

Screenshot

Page Title

AliExpress - Online Shopping for Popular Electronics, Fashion, Home & Garden, Toys & Sports, Automobiles and More.

Page URL History Show full URLs

  1. https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3W... Page URL
  2. https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3W... HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x Page URL
  4. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://chacem.com/2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0?region=on&cost=0.000650&browser=c... Page URL
  5. https://x.chacem.com/nPp-q5A7OQLPOQztLQfDTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7r... Page URL
  6. https://s.click.aliexpress.com/e/_DCBrWr3?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236 HTTP 302
    https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e... Page URL

Page Statistics

58
Requests

34 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

11
IPs

4
Countries

112 kB
Transfer

361 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1 Page URL
  2. https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Thu%20Nov%2028%202024%2001%3A31%3A55%20GMT-0800%20(Pacific%20Standard%20Time)%22%2C%22480%22%2C%22en-CA%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
    https://leikovoleikamarada.com/link?z=7205185&var={hostid} Page URL
  3. https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
    https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x Page URL
  4. https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
    https://chacem.com/2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0?region=on&cost=0.000650&browser=chrome&subzone_id=0&creaid=22471969&browserversion=131&zoneid=6118780&lang=en&campid=8828203&os=linux&clickid=885932624353431860&osversion=unspecified_linux&connection.type=xdsl Page URL
  5. https://x.chacem.com/nPp-q5A7OQLPOQztLQfDTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5_tJfTtNfTJB4ikpPNDqQvtRZvSNyO-4UStOJ_41RfMYwfCkUItN8ISO8LlRwOZq7LcNZISHZLQ-5OZqmLC1-yCu7ySO-yliaYZuPLQI8~iEE Page URL
  6. https://s.click.aliexpress.com/e/_DCBrWr3?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236 HTTP 302
    https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1&pageUri=&referer=&jsr=1&abl=0&acrc=1&acrs=own&bdd=%5B%22Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22WebKit%20WebGL%22%2C%22WebKit%22%2C%22Intel%20Iris%20OpenGL%20Engine%22%2C%22Intel%20Inc.%22%2C%22false%22%2C%22true%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221285%22%2C%221600%22%2C%221200%22%2C%221600%22%2C%221200%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaaaaacceccceffhillllmmprrsssstttellllpss%22%2C%22Thu%20Nov%2028%202024%2001%3A31%3A55%20GMT-0800%20(Pacific%20Standard%20Time)%22%2C%22480%22%2C%22en-CA%22%2C%22en-US%2Cen%22%2C%22true%22%2C%22true%22%2C%224044038915%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D HTTP 307
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Request Chain 7
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false HTTP 302
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Request Chain 14
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false HTTP 302
  • https://chacem.com/2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0?region=on&cost=0.000650&browser=chrome&subzone_id=0&creaid=22471969&browserversion=131&zoneid=6118780&lang=en&campid=8828203&os=linux&clickid=885932624353431860&osversion=unspecified_linux&connection.type=xdsl

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V
28877259-13120-ex.gancypnectist.com/
8 KB
3 KB
Document
General
Full URL
https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.208.22.1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
mail.armadaboard.com
Software
nginx /
Resource Hash
df3eb13bb9a01687a6f358395019b298ff194f646ef9b0c4edb6638e760e8509

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Thu, 28 Nov 2024 09:31:55 GMT
expires
Thu, 28 Nov 2024 09:31:55 UTC
last-modified
Thu, 28 Nov 2024 09:31:55 UTC
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
vary
Accept-Encoding
/
ads.google.com/
0
0

link
leikovoleikamarada.com/
Redirect Chain
  • https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2...
  • https://leikovoleikamarada.com/link?z=7205185&var={hostid}
31 KB
16 KB
Document
General
Full URL
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Requested by
Host: 28877259-13120-ex.gancypnectist.com
URL: https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
c69efd8749505e10a7c248fcaad7dd6de69523aee87cb2b9cd7087c1d4b0add6
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
device-memory
8

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 28 Nov 2024 09:31:55 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
dcde5292f655e0a6272418c408d3621e

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime
31536000
access-control-allow-credentials
true
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/plain; charset=UTF-8
date
Thu, 28 Nov 2024 09:31:55 GMT
expires
Thu, 28 Nov 2024 09:31:55 UTC
last-modified
Thu, 28 Nov 2024 09:31:55 UTC
location
https://leikovoleikamarada.com/link?z=7205185&var={hostid}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
pragma
no-cache
referrer-policy
unsafe-url
server
nginx
img.gif
my.rtmark.net/
43 B
879 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=008122a9d6aa436eef67817df9bab5f3&z=7205186&p_rid=89d1f7c3-a8b6-44d1-bfb4-0b062ca70ddd&p_src=sf
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.157 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4MRDiAQGQqEPBS%2Fimn5tDQkbnA1a9WusYpn6Y8mNtxsD1en8XQjKS%2BxtxZJQdJmNNcP6jxEc6WOqNX44IZkbV82RnC9%2Fx8j1HeB8%2FC1kEVAME3yMbg3COls3ErZ6pbV"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23199&min_rtt=23149&rtt_var=3747&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4520&delivery_rate=578&cwnd=12000&unsent_bytes=0&cid=cd3fde570be64205&ts=120&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:31:56 GMT
content-type
image/gif
priority
u=3,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e99590bb9e5ec71-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
taiwoudoastuph.net/
43 B
663 B
Image
General
Full URL
https://taiwoudoastuph.net/sftouch?userId=008122a9d6aa436eef67817df9bab5f3&z=7205186&p_rid=89d1f7c3-a8b6-44d1-bfb4-0b062ca70ddd&p_src=sf&branchId=0&rb=QvGnbIhxKnO8Yxi9YU67LJpRdqTbjXTQRuLb88p3yWc6osh0XEBFfnmNOMjdMETddhkMXfUciG5PNVNR-1OZsSVA_bpvYYmKSZ-PP7Rg1beUpGy8fFjt8plK5S02EgQNfPMXlLxPWiNzaWThgm499ENTbAKdR6r0o7SY5x5rYChOGLUFuDGxXkkAF-K8diPhAyW7_q4LCGr9gAvWkHE04f9DLuyTD_F6a4k5Yth3jCEJ2KlIvsDjUPemLV3ht9G8weST2tXUm47Y7f9lU7QV0sA7RyT9_a2jGIQmoArPop49e4XXqdofeGBAt4c44i-sh7-B9nlMeZqhsIiuKfPXAtUl0CYkhbpng5z7RUNZaPZPbZpUtcS7HuCT_HZC4emuGJ075RrFMTBgbznwngzquM0Cq1updFWqHyGjEy9cPVFoZtzvDTw-nvbqM-15nm-zBbGrIOnSxu3RqqMGf2mlowV7qcx7AIji3yprcuGfa3acgOS1cMuarhlI8dTXLKUB8wq0fUrIiEd79XtwS97-DevNuGjfmUnkPGpRd1jCRCwmuP42HyWi4Pxlq6kDSWnTpACdNUtI7DPqZFxbyxGsAqHqGnFqS_oFLb7p1KliVwgDivKDkf4jj0oCqulksydwuOln1DxeTMwqXl-AUvLW3YTqYlPBuYDavX4oOMF49a8JQRHxaltwmomfsOrfKJG3iu6O1fW1ZxTEXFYK5975SiXCPp3s1U_yKkTqLR6vGyKNiXQb_mM5Io1X7i8JpCWS76bCrJHIy2I=&w_img=1
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:31:56 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
7074dea4375312de511fb7e745baf4e9
cf-ray
8e99590c2830ec72-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
add
leikovoleikamarada.com/log/
12 B
391 B
XHR
General
Full URL
https://leikovoleikamarada.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=89d1f7c3-a8b6-44d1-bfb4-0b062ca70ddd
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
12
date
Thu, 28 Nov 2024 09:31:56 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
leikovoleikamarada.com/async_log/
0
345 B
XHR
General
Full URL
https://leikovoleikamarada.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=89d1f7c3-a8b6-44d1-bfb4-0b062ca70ddd
Requested by
Host: leikovoleikamarada.com
URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://leikovoleikamarada.com/link?z=7205185&var={hostid}

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://leikovoleikamarada.com
content-length
0
date
Thu, 28 Nov 2024 09:31:56 GMT
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
6118780
taiwoudoastuph.net/4/
Redirect Chain
  • https://taiwoudoastuph.net/?z=7205186&syncedCookie=true&rhd=false
  • https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
31 KB
14 KB
Document
General
Full URL
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8d9e72b39f38a191086d7012efc9a9afd358d193ad70ed1a81dbdff88a7f78
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://leikovoleikamarada.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e99590ff90e548b-YYZ
content-encoding
gzip
content-type
text/html; charset=utf8
date
Thu, 28 Nov 2024 09:31:56 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
05bfca2d8798ba73ee32251726b4af25

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://leikovoleikamarada.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e99590ef89c548b-YYZ
content-length
0
date
Thu, 28 Nov 2024 09:31:56 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://taiwoudoastuph.net>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
50307e29eea40e2c149fb7b79a77479d
favicon.ico
leikovoleikamarada.com/
0
151 B
Other
General
Full URL
https://leikovoleikamarada.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.196.64 , United Kingdom, ASN9002 (RETN-AS RETN Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate
date
Thu, 28 Nov 2024 09:31:56 GMT
pragma
public
server
nginx
img.gif
my.rtmark.net/
43 B
879 B
Image
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=0081228b90324525fc428181bb89672e&z=6118780&p_rid=301e0dc4-7d83-46a2-919b-740b30e3d51b&p_src=sf
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.27.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/

Response headers

access-control-expose-headers
Authorization
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1zEdNSuHAG3%2FmU53n3RmSQB0Y8G6Ljo2sdYO%2FJja1TtpkvoGCzw%2BC1aSNIXFJnOBcMUdqQULRiyjn1ot5bwtBAOW%2FM8JWd1nH80xiZ0z7F7WK8yKobrJ5PM4x9bkMVrC"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23994&min_rtt=23916&rtt_var=3881&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4119&recv_bytes=4551&delivery_rate=569&cwnd=12000&unsent_bytes=0&cid=30483b2166e0acf0&ts=140&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 28 Nov 2024 09:31:57 GMT
content-type
image/gif
priority
u=1,i
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
strict-transport-security
max-age=1
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
*, *
access-control-allow-credentials
true
cf-ray
8e9959111f67ac42-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
sftouch
taiwoudoastuph.net/
43 B
568 B
Image
General
Full URL
https://taiwoudoastuph.net/sftouch?userId=0081228b90324525fc428181bb89672e&z=6118780&p_rid=301e0dc4-7d83-46a2-919b-740b30e3d51b&p_src=sf&branchId=0&rb=eDCL9B-B5lsWJ31EbrISzhBwhinQNJjTDZ3_sgLOikY-Rd_kevQQkyfa3pYlZ8RKf2ug8tTSwEOPqIHFhGAkAad4eNCmFcWYbbWUFBcCPUyUmxY2eQfOwKMIRfQAB2zHJZ7RVrDZYwYbDwBdlO_N3AA1C5Cy11qe3Zfu-BxjrnvU49DUKXEcwNYYcVWBBiKBN8oGRmkJXzB8zNh1Q8MrmnXvq1CUPi7OTI_eQvstbUaIIPoSTtj9s9FxEbobVU0HmQ449Uc1GpuUbIg3e0Ashov6V3h-CeXG47WUPS0gOdUr_IWgX-imlw==&w_img=1
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x

Response headers

access-control-max-age
86400
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:31:57 GMT
content-type
image/gif
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
strict-transport-security
max-age=1
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*, *
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
pragma
no-cache
access-control-allow-credentials
true
x-trace-id
578c4ab4134a640d0ebdd98b223e7cc1
cf-ray
8e9959110840ab64-YYZ
access-control-allow-origin
*
content-length
43
server
cloudflare
add
taiwoudoastuph.net/log/
12 B
307 B
XHR
General
Full URL
https://taiwoudoastuph.net/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=301e0dc4-7d83-46a2-919b-740b30e3d51b
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
cf-ray
8e995911486aab64-YYZ
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
12
date
Thu, 28 Nov 2024 09:31:57 GMT
content-type
application/json; charset=utf-8
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
taiwoudoastuph.net/async_log/
0
263 B
XHR
General
Full URL
https://taiwoudoastuph.net/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=301e0dc4-7d83-46a2-919b-740b30e3d51b
Requested by
Host: taiwoudoastuph.net
URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x

Response headers

strict-transport-security
max-age=1
timing-allow-origin
*
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
cf-ray
8e995911486bab64-YYZ
access-control-allow-origin
https://taiwoudoastuph.net
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 28 Nov 2024 09:31:57 GMT
server
cloudflare
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
favicon.ico
taiwoudoastuph.net/
0
183 B
Other
General
Full URL
https://taiwoudoastuph.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1368551
cf-ray
8e99591208ccab64-YYZ
expires
Sun, 26 Nov 2034 09:31:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:31:57 GMT
vary
Accept-Encoding
server
cloudflare
2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0
chacem.com/
Redirect Chain
  • https://taiwoudoastuph.net/?z=6118780&syncedCookie=true&rhd=false
  • https://chacem.com/2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0?region=on&cost=0.000650&browser=chrome&subzone_id=0&creaid=22471969&browserversion=131&zoneid=6118780&lang=en&campid=8828203&os=linux&c...
689 B
1 KB
Document
General
Full URL
https://chacem.com/2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0?region=on&cost=0.000650&browser=chrome&subzone_id=0&creaid=22471969&browserversion=131&zoneid=6118780&lang=en&campid=8828203&os=linux&clickid=885932624353431860&osversion=unspecified_linux&connection.type=xdsl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4d48ccaf8b6b35525d32997549989b920710cb0176e66e7a3c54e3b5cf39dad
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://taiwoudoastuph.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
cf-cache-status
DYNAMIC
cf-ray
8e9959159d9d53ef-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:31:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=007VnWSExrLfGqRPc0lxfXkP8zz6F7gUiJOTE1mAIla7Tct2Nyj%2B8K4VDIDbwIb7PvQ8176NIFJ4eibfV4zEUMWbKkfwnQQnTbjwG0jqk1E3fEYPNcsm0LvUG4s%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=26820&min_rtt=23413&rtt_var=10023&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4157&recv_bytes=4656&delivery_rate=578&cwnd=12000&unsent_bytes=0&cid=9c50b856e115e735&ts=146&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-frame-options
sameorigin

Redirect headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://taiwoudoastuph.net
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e99591248e8ab64-YYZ
content-length
0
date
Thu, 28 Nov 2024 09:31:57 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://chacem.com>; rel="preconnect dns-prefetch",<https://yonmewon.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
location
https://chacem.com/2894907ecf07b9acc32a78eb1dcb1dedddcb4b25c0?region=on&cost=0.000650&browser=chrome&subzone_id=0&creaid=22471969&browserversion=131&zoneid=6118780&lang=en&campid=8828203&os=linux&clickid=885932624353431860&osversion=unspecified_linux&connection.type=xdsl
pragma
no-cache
referrer-policy
no-referrer
server
cloudflare
strict-transport-security
max-age=1
timing-allow-origin
* *
x-content-type-options
nosniff
x-trace-id
9664ebc8f11a88daf7cdd3588a4d63ab
favicon.ico
taiwoudoastuph.net/
0
0
Other
General
Full URL
https://taiwoudoastuph.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.22.222 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false

Response headers

cache-control
public, max-age=315360000
cf-cache-status
HIT
pragma
public
age
1368551
cf-ray
8e99591208ccab64-YYZ
expires
Sun, 26 Nov 2034 09:31:57 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 28 Nov 2024 09:31:57 GMT
vary
Accept-Encoding
server
cloudflare
nPp-q5A7OQLPOQztLQfDTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5_tJfTtNfTJB4ikpPNDqQvtRZvSNyO-4UStOJ_41RfMYwfCkUItN8ISO8LlRwOZq7LcNZISHZLQ-5OZqmLC1-yCu7ySO-yliaYZuPL...
x.chacem.com/
573 B
1 KB
Document
General
Full URL
https://x.chacem.com/nPp-q5A7OQLPOQztLQfDTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5_tJfTtNfTJB4ikpPNDqQvtRZvSNyO-4UStOJ_41RfMYwfCkUItN8ISO8LlRwOZq7LcNZISHZLQ-5OZqmLC1-yCu7ySO-yliaYZuPLQI8~iEE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.180.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85165819975b1be51dc3dcc902df68cf9bcea66b4752d7c8d97fa58cbeb9b7a
Security Headers
Name Value
X-Frame-Options sameorigin

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e9959171e4f53ef-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 09:31:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=peC4G4rV%2BwXgGMg%2FFpGmLzkstj0D0u2KPJe9IqJJKhJnpO0rRak3igts3G09jkiOzmri4BtNQ3DZQITjqlpJEk7S5LGBp9hzX13zvqrZVnGQfg0MQOGlqN%2FPtQQQ%2FoA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=26453&min_rtt=23413&rtt_var=8251&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5444&recv_bytes=5237&delivery_rate=52880&cwnd=12000&unsent_bytes=0&cid=9c50b856e115e735&ts=511&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding
x-frame-options
sameorigin
Primary Request /
best.aliexpress.com/
Redirect Chain
  • https://s.click.aliexpress.com/e/_DCBrWr3?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236
  • https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_...
259 KB
45 KB
Document
General
Full URL
https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.9.171.48 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-171-48.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
dadcab4c83ba681bd994b635ec17bd527cc9664def3edfb9cde0e90a9d3ac89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://x.chacem.com/nPp-q5A7OQLPOQztLQfDTMpeq5A8ScNkIuUFuZNZYhpPYhq8TMpQq5A80g1kfgLohMBfTDLbIt7rItWbIc7rYhHmfZNQfPU5_tJfTtNfTJB4ikpPNDqQvtRZvSNyO-4UStOJ_41RfMYwfCkUItN8ISO8LlRwOZq7LcNZISHZLQ-5OZqmLC1-yCu7ySO-yliaYZuPLQI8~iEE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 28 Nov 2024 09:32:01 GMT
eagleeye-traceid
2103247917327863214842901e77bf
p3p
CP="CAO PSA OUR"
server
Tengine/Aserver
server-timing
ak_p; desc="1732786321474_389072968_1428240233_43604_7934_44_0_255";dur=1
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-akamai-fwd-auth-data
614952188, 23.48.200.72, 1732786321, 149.88.16.227
x-akamai-fwd-auth-sha
9B17326A94D88859DD5AEE382532740C106EC8E2237D5C4C50A13BE95E56CFFD
x-akamai-fwd-auth-sign
8HXJrumZ4UWBEkEdfMzLFI28n9EM0Om1rfDxFNaKWE8f35d4Q7LdoPWBL6oLIlaUsgBl3ngwE+YrVLNmdZ/oTDCOANnQh+Ek6C3nM7usVBY=
x-application-context
ae-fn-gateway-f:7001

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTION
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
en-US
content-length
0
date
Thu, 28 Nov 2024 09:31:58 GMT
eagleeye-traceid
2101ec1f17327863183772050e7eb5
expires
0
location
https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine/Aserver
server-timing
ak_p; desc="1732786318285_389072968_1428209219_2187_6652_38_84_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
x-akamai-fwd-auth-data
730875581, 23.48.200.72, 1732786318, 149.88.16.227
x-akamai-fwd-auth-sha
F150D2AD2AE60E6BE8F011DCEABB323FE7451F782C24F4CCCB77F8A80F0B3B7D
x-akamai-fwd-auth-sign
gTtS9MYj6lxMFKqifekAnGafFHB+if+ujDCDuDP7TAeDoC2yfuV7EE+APXIFwmfysu5jSmXLYtssndAwt6hHfg/Cnaj/34R+K1mpet9nRe4=
x-application-context
global-traffic-holmes-f:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
index.css
assets.aliexpress-media.com/g/ae-dida/home-pc/0.0.82/
0
0

ae-header.css
assets.aliexpress-media.com/g/ae-fe/header-ui/0.0.94/src/
0
0

10x10.png
ae01.alicdn.com/kf/S9b85a05a759e4e04bb44b5fa26fbd637g/
0
0

240x168.png
ae01.alicdn.com/kf/Sff57b288a25b4d7898b235c714c884eaO/
0
0

ae-header.js
assets.aliexpress-media.com/g/ae-fe/header-ui/0.0.94/src/
0
0

index.css
assets.aliexpress-media.com/g/ae-fe/page-header-ui/0.0.42/css/
0
0

index.js
assets.aliexpress-media.com/g/ae-fe/page-header-ui/0.0.42/js/
0
0

_cross_page_loader_.js
assets.alicdn.com/g/code/npm/@alife/nano-cross-page-loader/0.0.26/
6 KB
2 KB
Script
General
Full URL
https://assets.alicdn.com/g/code/npm/@alife/nano-cross-page-loader/0.0.26/_cross_page_loader_.js
Requested by
Host: best.aliexpress.com
URL: https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.49.177.65 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-177-65.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
24704dc14f10f4fb69c487af2d4159f3113a3e287799b4c821f15ba410b1b48c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://best.aliexpress.com
Referer
https://best.aliexpress.com/

Response headers

content-md5
0+O+UHwlQrHM0IhZyrRQ0w==
x-oss-storage-class
Standard
content-encoding
br
x-oss-object-type
Normal
date
Thu, 28 Nov 2024 09:32:02 GMT
x-oss-server-time
3
content-type
application/javascript
last-modified
Fri, 25 Oct 2024 12:19:42 GMT
network_info
US_SANTACLARA_20940, CA_TORONTO_212238
cache-control
max-age=2592000,s-maxage=86400
timing-allow-origin
*
x-swift-cachetime
82821
served-from
23.40.17.82
x-oss-hash-crc64ecma
3654373680705985963
ali-swift-global-savetime
1729846212
x-swift-savetime
Fri, 25 Oct 2024 09:49:51 GMT
access-control-allow-origin
*
eagleid
2ff6189717298498024226812e
content-length
1563
x-oss-request-id
671B5BC39955793638136137
x-source-scheme
https
server
Akamai Resource Optimizer
Sc8d11c87a09d488699583bf2a7345eb0D.png
ae01.alicdn.com/kf/
0
0

S22d08191a3dc417bb067e10d7e18cce8f.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
10 KB
10 KB
Image
General
Full URL
https://ae-pic-a1.aliexpress-media.com/kf/S22d08191a3dc417bb067e10d7e18cce8f.jpg_480x480.jpg_.webp
Requested by
Host: best.aliexpress.com
URL: https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-47.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
2e559ebc40598ce2d83222650747ead98b344e3e3179a612e321083eecb0ce0c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://best.aliexpress.com/

Response headers

from-req-dns-type
NA
eagleeye-traceid
a3b5429f17261627763248434e
icbu_s_v
1.0.19
date
Thu, 28 Nov 2024 09:32:02 GMT
cdn-type
akamai
content-type
image/avif
last-modified
Fri, 16 Aug 2024 01:52:38 GMT
network_info
CA_TORONTO_212238
strict-transport-security
max-age=0
icbu_s_ip
AtKFv2EyLd8tEEzjrYdL06zgEo+AJZRP+ZJNaDBcuwS8nQyRSboLyg==
timing-allow-origin
*, *, *
x-swift-cachetime
31104000
icbu_s_tag
33
served-from
23.220.104.154
cache-control
max-age=27170083
ali-swift-global-savetime
1726162776
icbu_s_unit
rg-us-east
x-swift-savetime
Thu, 12 Sep 2024 17:39:36 GMT
icbu_s_hostname
B21wFqwmdCgQSds7VsQSXxff2I6eopD1FtBQ522yWmeEFbGRJqPImfCqh6Sem8RerkkihBw7wSo83bHKy1du3BqeR4N8hxNNcy3/jldQxGKy0Ta+099JIQ==
access-control-allow-origin
*
content-length
9916
traceid
a3b5429f17261627763248434e
eagleid
a3b5429a17265253794487144e
server
Tengine
Sca0b4780a4064375acd7b18963e648caX.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
15 KB
15 KB
Image
General
Full URL
https://ae-pic-a1.aliexpress-media.com/kf/Sca0b4780a4064375acd7b18963e648caX.jpg_480x480.jpg_.webp
Requested by
Host: best.aliexpress.com
URL: https://best.aliexpress.com/?af=5N6Q9OculDEp&dp=9ceba3b0ad6b11efa8f39c6b004e85193e8d8fe236&aff_fcid=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&tt=CPS_NORMAL&aff_fsk=_DCBrWr3&aff_platform=portals-tool&sk=_DCBrWr3&aff_trace_key=237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3&terminal_id=2a07705717ea45479fa28c225405222d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.132.47 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-220-132-47.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
be7844195ff2f10035c4687f141a2bf207783a54df39dee7414c4d1023d5ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://best.aliexpress.com/

Response headers

from-req-dns-type
NA
eagleeye-traceid
2ff6189a17293050173612212e
icbu_s_v
1.0.25
date
Thu, 28 Nov 2024 09:32:02 GMT
cdn-type
akamai
content-type
image/avif
last-modified
Wed, 06 Sep 2023 07:14:01 GMT
network_info
CA_TORONTO_212238
strict-transport-security
max-age=0
icbu_s_ip
3kflN9Njhm6syn5pKN+10GXAh0YchmpQzx63W9MjTyA4+DuOuafzqg==
timing-allow-origin
*, *
x-swift-cachetime
31104000
icbu_s_tag
33
cache-control
max-age=28054681
served-from
23.220.104.154
ali-swift-global-savetime
1729305017
icbu_s_unit
rg-us-east
x-swift-savetime
Sat, 19 Oct 2024 02:30:17 GMT
icbu_s_hostname
EecnWLn0FH7dYBhoraGSZ6yInM/K8lwshROZ/fQo4sZe6ARzAnvPY4fN6UsFGn9vzn//K5UMSXBcY8BK4K3GU4RP1IbgCW6LzR89LJ5YhsThVp67FaCUhw==
access-control-allow-origin
*
content-length
15084
traceid
2ff6189a17293050173612212e
eagleid
2ff6189817293363848234855e
server
Tengine
Sbbfe68d94ff849b7ae378e13a44ddf59e.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S3b4124a589034f288773005b1385b6217.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

Sb194e9e954294b64b9e648f0b3619df2h.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S1e66e06c1c514608a1908d2a594d6bd3W.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S072444a53d02466596487582f1784dd2e.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S1c47d169178e444e8e528e679c792dc9q.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S0fdd691113b74eb6bab15b8eba6093252.png_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

Sf19627521d30464287f63c7a87f87395e.jpg_350x350.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S5e0151f435f44b8f9af6d30ee62136d9C.jpg_350x350.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

Sb57b0ca0ea454f1ca4d7ba1072dd6b08k.jpg_350x350.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S67d5d2aa762044a2ad08252d886a4c8eA.jpg_350x350.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

Ad38eab3363b34bd8b618fc7df6d1255ds.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

Sd23eeb126fd54202a8573b948897cf294.png_480x480.png_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S4d0ec2fb778549f09844b329eb50e14aV.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S63c23a5719784a85a82141b024fbc3cap.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S611e588d4d0f43ccb5725f47bd0d737ew.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S196d2967ba3e46eba716ea97f77fee29n.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

412x412.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/S4227c16402d94c798e7ba14503891818Z/
0
0

S7ca884c743c24b61b7bed5e3af563dcaB.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

Sb83d89209406433cb98d78d42d18956ds.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

S39f964b71257450c93ab6932d83afd3f3.jpg_480x480.jpg_.webp
ae-pic-a1.aliexpress-media.com/kf/
0
0

He6d0c154d38c41f8a1054f48bf404c52H.gif
ae01.alicdn.com/kf/
0
0

index.css
assets.aliexpress-media.com/g/ae-fe/cosmos/0.0.320/pc/
0
0

index.js
assets.aliexpress-media.com/g/ae-fe/global/0.0.3/
0
0

index.js
assets.aliexpress-media.com/g/ae-fe/cosmos/0.0.320/pc/
0
0

index.js
assets.alicdn.com/g/lzd_sec/LWSC-G/
0
0

index.js
assets.aliexpress-media.com/g/ae-dida/home-pc/0.0.82/
0
0

65x70.gif
ae01.alicdn.com/kf/Hfff52cf71f784d99ad93c73a334e7e37a/
0
0

20x20.png
ae01.alicdn.com/kf/H107313c145a24eec94287c19fd2aa5c0e/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.google.com
URL
https://ads.google.com/
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-dida/home-pc/0.0.82/index.css
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/header-ui/0.0.94/src/ae-header.css
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/S9b85a05a759e4e04bb44b5fa26fbd637g/10x10.png
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/Sff57b288a25b4d7898b235c714c884eaO/240x168.png
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/header-ui/0.0.94/src/ae-header.js
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/page-header-ui/0.0.42/css/index.css
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/page-header-ui/0.0.42/js/index.js
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/Sc8d11c87a09d488699583bf2a7345eb0D.png
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Sbbfe68d94ff849b7ae378e13a44ddf59e.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S3b4124a589034f288773005b1385b6217.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Sb194e9e954294b64b9e648f0b3619df2h.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S1e66e06c1c514608a1908d2a594d6bd3W.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S072444a53d02466596487582f1784dd2e.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S1c47d169178e444e8e528e679c792dc9q.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S0fdd691113b74eb6bab15b8eba6093252.png_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Sf19627521d30464287f63c7a87f87395e.jpg_350x350.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S5e0151f435f44b8f9af6d30ee62136d9C.jpg_350x350.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Sb57b0ca0ea454f1ca4d7ba1072dd6b08k.jpg_350x350.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S67d5d2aa762044a2ad08252d886a4c8eA.jpg_350x350.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Ad38eab3363b34bd8b618fc7df6d1255ds.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Sd23eeb126fd54202a8573b948897cf294.png_480x480.png_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S4d0ec2fb778549f09844b329eb50e14aV.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S63c23a5719784a85a82141b024fbc3cap.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S611e588d4d0f43ccb5725f47bd0d737ew.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S196d2967ba3e46eba716ea97f77fee29n.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S4227c16402d94c798e7ba14503891818Z/412x412.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S7ca884c743c24b61b7bed5e3af563dcaB.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/Sb83d89209406433cb98d78d42d18956ds.jpg_480x480.jpg_.webp
Domain
ae-pic-a1.aliexpress-media.com
URL
https://ae-pic-a1.aliexpress-media.com/kf/S39f964b71257450c93ab6932d83afd3f3.jpg_480x480.jpg_.webp
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/He6d0c154d38c41f8a1054f48bf404c52H.gif
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/cosmos/0.0.320/pc/index.css
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/global/0.0.3/index.js
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-fe/cosmos/0.0.320/pc/index.js
Domain
assets.alicdn.com
URL
https://assets.alicdn.com/g/lzd_sec/LWSC-G/index.js
Domain
assets.aliexpress-media.com
URL
https://assets.aliexpress-media.com/g/ae-dida/home-pc/0.0.82/index.js
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/Hfff52cf71f784d99ad93c73a334e7e37a/65x70.gif
Domain
ae01.alicdn.com
URL
https://ae01.alicdn.com/kf/H107313c145a24eec94287c19fd2aa5c0e/20x20.png

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PAGE_TIMING object| runParams object| __TIMING__ object| __bl boolean| _disable_usa_search_domain_ object| _page_config_ object| AES_CONFIG boolean| _global_header_23_hit_exp_ object| _global_header_23_config_ object| _dida_config_ object| gep_queue string| dmtrack_pageid

18 Cookies

Domain/Path Name / Value
leikovoleikamarada.com/ Name: OAID
Value: 008122a9d6aa436eef67817df9bab5f3
leikovoleikamarada.com/ Name: oaidts
Value: 1732786315
leikovoleikamarada.com/ Name: allcnt
Value: 1
my.rtmark.net/ Name: ID
Value: 008122a9d6aa436eef67817df9bab5f3
taiwoudoastuph.net/ Name: oaidts
Value: 1732786316
taiwoudoastuph.net/ Name: OAID
Value: 008122a9d6aa436eef67817df9bab5f3
taiwoudoastuph.net/ Name: syncedCookie
Value: true
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=syxeua5ozzr&acs_rt=2a07705717ea45479fa28c225405222d
.aliexpress.com/ Name: aeu_cid
Value: 237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3
.aliexpress.com/ Name: xman_t
Value: gLjOEcbnvHS+ps/i1bTbDpj3yfRIRZAopH4ebJ+U/zxvLBgDcNGMHddSRdltNthw
.aliexpress.com/ Name: xman_f
Value: aZk9KKUCih+z7StkOGfbjKEuG9CeS3gGqcBuVJwNiqiqoWwzo6z26KhKNBvBz1PxUTY6vv6I0gF+G3dbsHQy84FpcmLduDF4hF+UnhgyI4HIrOQPPxwwhg==
.aliexpress.com/ Name: af_ss_a
Value: 1
.aliexpress.com/ Name: af_ss_b
Value: 1
.aliexpress.com/ Name: xman_us_f
Value: x_locale=en_US&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%22237e17de4c204bad83e5542ea40869df-1732786318387-06065-_DCBrWr3%22%2C%22af%22%3A%225N6Q9OculDEp%22%2C%22affiliateKey%22%3A%22_DCBrWr3%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222640311826%22%2C%22tagtime%22%3A1732786318387%7D&acs_rt=2a07705717ea45479fa28c225405222d
.aliexpress.com/ Name: intl_common_forever
Value: XVYxcONj7IlvAwb3FJ+E3lbMNDC2tTdnrdVgCQmHo47mPfmYYSZlLQ==
.aliexpress.com/ Name: intl_locale
Value: en_US
.aliexpress.com/ Name: aep_usuc_f
Value: site=glo&c_tp=CAD&region=CA&b_locale=en_US
.aliexpress.com/ Name: e_id
Value: pt10

5 Console Messages

Source Level URL
Text
rendering warning URL: https://28877259-13120-ex.gancypnectist.com/iyxHCocyNAvaQ8wooFnBLiBInJMRooyIeq1WPp-VSJlEZc2S8Y1X88yMWtVlfYCYwYwBJvVzga3WQumxGvu7YAmVnMLAvLODeQsRTNfo9lsnKfsGu3whCAgBPK0V?kws=videos%2Ctagged%2Cwith%2Calannasworldx%2Conlyfans%2Cleaked&abl=0&fsb=0&pageUri=https%3A%2F%2Fteenager365....%20312%20...e%22%2C%22%5B%5D%22%5D&focus=1
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00C4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/link?z=7205185&var={hostid}
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0301D00C4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://leikovoleikamarada.com/afu.php?zoneid=7205186&var=7205186&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C06B01C4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/4/6118780?var=7205186&btz=America/Vancouver&bto=480&bar=x
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0601D00C4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering warning URL: https://taiwoudoastuph.net/afu.php?zoneid=6118780&var=6118780&rid=33-IJ2mCiw9DGbmF2LWarg%3D%3D&rhd=false&ab2r=0&sf=1&is_mobile=false
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0C06B01C4130000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28877259-13120-ex.gancypnectist.com
ads.google.com
ae-pic-a1.aliexpress-media.com
ae01.alicdn.com
assets.alicdn.com
assets.aliexpress-media.com
best.aliexpress.com
chacem.com
leikovoleikamarada.com
my.rtmark.net
s.click.aliexpress.com
taiwoudoastuph.net
x.chacem.com
ads.google.com
ae-pic-a1.aliexpress-media.com
ae01.alicdn.com
assets.alicdn.com
assets.aliexpress-media.com
104.18.22.222
104.18.23.222
104.21.27.183
139.45.196.64
172.67.169.157
172.67.180.27
23.220.132.47
23.49.177.65
23.9.171.48
88.208.22.1
24704dc14f10f4fb69c487af2d4159f3113a3e287799b4c821f15ba410b1b48c
2d8d9e72b39f38a191086d7012efc9a9afd358d193ad70ed1a81dbdff88a7f78
2e559ebc40598ce2d83222650747ead98b344e3e3179a612e321083eecb0ce0c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
a4d48ccaf8b6b35525d32997549989b920710cb0176e66e7a3c54e3b5cf39dad
be7844195ff2f10035c4687f141a2bf207783a54df39dee7414c4d1023d5ab7e
c69efd8749505e10a7c248fcaad7dd6de69523aee87cb2b9cd7087c1d4b0add6
dadcab4c83ba681bd994b635ec17bd527cc9664def3edfb9cde0e90a9d3ac89f
df3eb13bb9a01687a6f358395019b298ff194f646ef9b0c4edb6638e760e8509
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85165819975b1be51dc3dcc902df68cf9bcea66b4752d7c8d97fa58cbeb9b7a