urlscan.io logo urlscan.io
SecurityTrails logo

782942.buythetool.co Open in urlscan Pro
104.21.4.106  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hsbc-direct.com/
Effective URL: https://782942.buythetool.co/
Submission: On February 12 via api from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 104.21.4.106, located in and belongs to CLOUDFLARENET, US. The main domain is 782942.buythetool.co.
TLS certificate: Issued by GTS CA 1P5 on December 14th 2023. Valid for: 3 months.
This is the only time 782942.buythetool.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 45.33.20.235 63949 (AKAMAI-LI...)
4 75.2.73.197 16509 (AMAZON-02)
1 18.67.101.118 16509 (AMAZON-02)
2 44.215.221.129 14618 (AMAZON-AES)
3 104.21.4.106 13335 (CLOUDFLAR...)
1 1 104.21.36.5 ()
1 2 104.69.163.61 ()
12 6
2    45.33.20.235 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li974-235.members.linode.com
hsbc-direct.com
4    75.2.73.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a783ef1244459d9c0.awsglobalaccelerator.com
www1.hsbc-direct.com
1    18.67.101.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-101-118.syd62.r.cloudfront.net
d38psrni17bvxu.cloudfront.net
2    44.215.221.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-221-129.compute-1.amazonaws.com
facht-fmm.com
3    104.21.4.106 (None, )

ASN13335 (CLOUDFLARENET, US)
782942.buythetool.co
1    104.21.36.5 (None, )

ASN- ()
774805.getyourtool.co
2    104.69.163.61 (None, )

ASN- ()
s.click.aliexpress.com
best.aliexpress.com
Domain Requested by
4 www1.hsbc-direct.com hsbc-direct.com
d38psrni17bvxu.cloudfront.net
www1.hsbc-direct.com
3 782942.buythetool.co facht-fmm.com
782942.buythetool.co
2 facht-fmm.com www1.hsbc-direct.com
facht-fmm.com
2 hsbc-direct.com 1 redirects
1 best.aliexpress.com
1 s.click.aliexpress.com 1 redirects
1 774805.getyourtool.co 1 redirects
1 d38psrni17bvxu.cloudfront.net www1.hsbc-direct.com
12 8

This site contains no links.

Subject Issuer Validity Valid
buythetool.co
GTS CA 1P5		 2023-12-14 -
2024-03-13		 3 months crt.sh
ae01.alicdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-15 -
2024-10-16		 a year crt.sh

This page contains 1 frames:

Frame: https://best.aliexpress.com/?af=34a02ccdf3e2c2429a0e40b2b95adaeb&aff_fcid=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&tt=CPS_NORMAL&aff_fsk=_A3VZ2R&aff_platform=portals-tool&sk=_A3VZ2R&aff_trace_key=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&terminal_id=da1f30920f1647cf9b2d791a2817fa4f
Frame ID: 06B42469464F8377E55ED4B7AE8C8B16
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hsbc-direct.com/ Page URL
  2. http://hsbc-direct.com/?gp=1&js=1&uuid=1707762956.0095166830&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjo... HTTP 302
    http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000 Page URL
  3. http://facht-fmm.com/zclkvisitor/8fdf09c0-c9d5-11ee-9262-12033305d16f/85aefdc2-9ed0-48aa-922d-60f... Page URL
  4. http://facht-fmm.com/zclkredirect?visitid=8fdf09c0-c9d5-11ee-9262-12033305d16f&type=js&browserWid... Page URL
  5. https://782942.buythetool.co/?ownid=qwqtc2mwq1-ylo-izxhl&enparms2=2232%2C2068874%2C3887189%2C2183%2C2184%... Page URL
  6. https://782942.buythetool.co/ Page URL

Page Statistics

12
Requests

33 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

6
IPs

2
Countries

25 kB
Transfer

49 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hsbc-direct.com/ Page URL
  2. http://hsbc-direct.com/?gp=1&js=1&uuid=1707762956.0095166830&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
    http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000 Page URL
  3. http://facht-fmm.com/zclkvisitor/8fdf09c0-c9d5-11ee-9262-12033305d16f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8ffc7cd2-c9d5-11ee-9262-12033305d16f Page URL
  4. http://facht-fmm.com/zclkredirect?visitid=8fdf09c0-c9d5-11ee-9262-12033305d16f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true Page URL
  5. https://782942.buythetool.co/?ownid=qwqtc2mwq1-ylo-izxhl&enparms2=2232%2C2068874%2C3887189%2C2183%2C2184%2C4182%2C2361%2C0%2C0%2C2187%2C0%2C2073426%2C782942%2C185739%2C136713291519%2C11358166%2Cnlx.gxvirw-xyhs&u_agnt=cb83d64b66ce79c8180112a4f5eea90d&skter=gxvirw-xyhs%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=34a02ccdf3e2c2429a0e40b2b95adaeb&rn=30202686802&cf=8&dlt=0&da=405186&pbi=0&exids=&frdto=782942 Page URL
  6. https://782942.buythetool.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://hsbc-direct.com/?gp=1&js=1&uuid=1707762956.0095166830&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvbi94bWw7cT0wLjksaW1hZ2UvYXZpZixpbWFnZS93ZWJwLGltYWdlL2FwbmcsKi8qO3E9MC44LGFwcGxpY2F0aW9uL3NpZ25lZC1leGNoYW5nZTt2PWIzO3E9MC43In0= HTTP 302
  • http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
Request Chain 10
  • https://774805.getyourtool.co/?yardr=1&subid=34a02ccdf3e2c2429a0e40b2b95adaeb&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=2066692&czero=-1 HTTP 302
  • https://s.click.aliexpress.com/e/_A3VZ2R?af=34a02ccdf3e2c2429a0e40b2b95adaeb HTTP 302
  • https://best.aliexpress.com/?af=34a02ccdf3e2c2429a0e40b2b95adaeb&aff_fcid=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&tt=CPS_NORMAL&aff_fsk=_A3VZ2R&aff_platform=portals-tool&sk=_A3VZ2R&aff_trace_key=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&terminal_id=da1f30920f1647cf9b2d791a2817fa4f

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
hsbc-direct.com/ 		992 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
http://hsbc-direct.com/
Protocol
HTTP/1.1
Server
45.33.20.235 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li974-235.members.linode.com
Software
openresty/1.13.6.1 /
Resource Hash
3f84a0c0ea3b15921bd0cbb5d430dc6156f5df1f8579a4d7279de3bf5b211d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

connection
close
content-encoding
gzip
content-type
text/html
date
Mon, 12 Feb 2024 18:35:56 GMT
server
openresty/1.13.6.1
transfer-encoding
chunked
/
www1.hsbc-direct.com/
Redirect Chain
  • http://hsbc-direct.com/?gp=1&js=1&uuid=1707762956.0095166830&other_args=eyJ1cmkiOiAiLyIsICJhcmdzIjogIiIsICJyZWZlcmVyIjogIiIsICJhY2NlcHQiOiAidGV4dC9odG1sLGFwcGxpY2F0aW9uL3hodG1sK3htbCxhcHBsaWNhdGlvb...
  • http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
Requested by
Host: hsbc-direct.com
URL: http://hsbc-direct.com/
Protocol
HTTP/1.1
Server
75.2.73.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a783ef1244459d9c0.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ee68f4e988a5a422d5814f6cf326497fa85a14121f97cf28176ae2e9ad00e909

Request headers

Referer
http://hsbc-direct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Accept-CH
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
Accept-CH-Lifetime
30
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Feb 2024 18:35:57 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_ukalAU8KQnS2wehGdSg8kGuJ8n+LDXSqWX2LPxNrJCNRCa0pTsHDPiLfqPzqmiD7hE8aLUrJG+9MxNBLjHbjWg==
X-Buckets
bucket011
X-Domain
hsbc-direct.com
X-Language
english
X-Redirect
zeropark_zeroclick
X-Subdomain
www1
X-Template
tpl_CleanPeppermintBlack_twoclick

Redirect headers

connection
close
content-language
zh-hans
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 18:35:56 GMT
location
http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
referrer-policy
no-referrer
server
openresty/1.13.6.1
vary
Accept-Language
x-mtm-path
0
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: www1.hsbc-direct.com
URL: http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
Protocol
HTTP/1.1
Server
18.67.101.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-101-118.syd62.r.cloudfront.net
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www1.hsbc-direct.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Sun, 11 Feb 2024 22:42:15 GMT
Via
1.1 332185989ef2da97d1a56bdaee204b78.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 11:12:07 GMT
Server
nginx
X-Amz-Cf-Pop
SYD62-P1
Age
71623
ETag
"63ce6b87-448"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1096
X-Amz-Cf-Id
z9Fx8xzdUvSbDbWdpefxRfae4otEgUbo-HV4S70OEdQUI-QddBjNqg==
track.php
www1.hsbc-direct.com/ 		0
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www1.hsbc-direct.com/track.php?domain=hsbc-direct.com&toggle=browserjs&uid=MTcwNzc2Mjk1Ny4yMzk4OjJkNDlmYWFkMjU4MDhkZTQ1NTg1ZjE1M2FhNDJkYmUwNDA2MWI2NTU3ZmVjMTg5ODVjOWI3ZmU5NzliODNjYTc6NjVjYTY1MGQzYThkOA%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
75.2.73.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a783ef1244459d9c0.awsglobalaccelerator.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:35:58 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
browserjs
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
Connection
keep-alive
ls.php
www1.hsbc-direct.com/ 		16 B
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www1.hsbc-direct.com/ls.php?t=65ca650d&token=6441311ee7c463d15964f63e285b67a4f27af2c9
Requested by
Host: www1.hsbc-direct.com
URL: http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
Protocol
HTTP/1.1
Server
75.2.73.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a783ef1244459d9c0.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:35:58 GMT
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Transfer-Encoding
chunked
Accept-CH-Lifetime
30
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
Access-Control-Allow-Methods
POST, OPTIONS
Charset
utf-8
Access-Control-Max-Age
86400
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Y9XrQ3mH04UUN3cJWapu48A2YSmEAip38S5ZApbCamALplbS8yqVqHfsp/MRD/q55ysZeJRP9EXlfw6IPFmSUg==
Connection
keep-alive
X-Log-Success
65ca650e18774abee60588e7
track.php
www1.hsbc-direct.com/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www1.hsbc-direct.com/track.php?click=fb81174a71cc301346734670fe68f524cf434b54&domain=hsbc-direct.com&uid=MTcwNzc2Mjk1Ny4yMzk4OjJkNDlmYWFkMjU4MDhkZTQ1NTg1ZjE1M2FhNDJkYmUwNDA2MWI2NTU3ZmVjMTg5ODVjOWI3ZmU5NzliODNjYTc6NjVjYTY1MGQzYThkOA%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2NWNhNjUwZDNhOGFlfHx8MTcwNzc2Mjk1Ny42NTY1fDk2N2MzY2Q1OGYxZWNlMjk5M2YwY2M5M2I3ODRmNzNmMmQ4ODMxYWR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8ZXlKemRXSnBaRFFpT2lJeE56QTNOell5T1RVMkxqQXpOVEEyTkRBd01EQWlmUT09fDY0NDEzMTFlZTdjNDYzZDE1OTY0ZjYzZTI4NWI2N2E0ZjI3YWYyYzl8MHx8MHwwfHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: http://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
HTTP/1.1
Server
75.2.73.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a783ef1244459d9c0.awsglobalaccelerator.com
Software
nginx /
Resource Hash

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:35:58 GMT
Content-Encoding
gzip
Server
nginx
Accept-CH
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
X-Custom-Track
none
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Accept-CH-Lifetime
30
X-View-Match
true
Connection
keep-alive
85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d
facht-fmm.com/zclkvisitor/8fdf09c0-c9d5-11ee-9262-12033305d16f/ 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://facht-fmm.com/zclkvisitor/8fdf09c0-c9d5-11ee-9262-12033305d16f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8ffc7cd2-c9d5-11ee-9262-12033305d16f
Requested by
Host: www1.hsbc-direct.com
URL: http://www1.hsbc-direct.com/?tm=1&subid4=1707762956.0350640000
Protocol
HTTP/1.1
Server
44.215.221.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-221-129.compute-1.amazonaws.com
Software
UDmKGMoF /
Resource Hash
953ae361b4c78166d92e30fddbd57d2fbca668703cd0933847519fe3875b7e23
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://www1.hsbc-direct.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 12 Feb 2024 18:35:59 GMT
Server
UDmKGMoF
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
zclkredirect
facht-fmm.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://facht-fmm.com/zclkredirect?visitid=8fdf09c0-c9d5-11ee-9262-12033305d16f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Requested by
Host: facht-fmm.com
URL: http://facht-fmm.com/zclkvisitor/8fdf09c0-c9d5-11ee-9262-12033305d16f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8ffc7cd2-c9d5-11ee-9262-12033305d16f
Protocol
HTTP/1.1
Server
44.215.221.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-221-129.compute-1.amazonaws.com
Software
ImtxhWzP /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'
X-Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
http://facht-fmm.com/zclkvisitor/8fdf09c0-c9d5-11ee-9262-12033305d16f/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=8ffc7cd2-c9d5-11ee-9262-12033305d16f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Headers
X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
Date
Mon, 12 Feb 2024 18:35:59 GMT
Server
ImtxhWzP
Transfer-Encoding
chunked
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
redirected
JS
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
/
782942.buythetool.co/ 		41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://782942.buythetool.co/?ownid=qwqtc2mwq1-ylo-izxhl&enparms2=2232%2C2068874%2C3887189%2C2183%2C2184%2C4182%2C2361%2C0%2C0%2C2187%2C0%2C2073426%2C782942%2C185739%2C136713291519%2C11358166%2Cnlx.gxvirw-xyhs&u_agnt=cb83d64b66ce79c8180112a4f5eea90d&skter=gxvirw-xyhs%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=34a02ccdf3e2c2429a0e40b2b95adaeb&rn=30202686802&cf=8&dlt=0&da=405186&pbi=0&exids=&frdto=782942
Requested by
Host: facht-fmm.com
URL: http://facht-fmm.com/zclkredirect?visitid=8fdf09c0-c9d5-11ee-9262-12033305d16f&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected%20%20%20%20%20%20%20%20=false&usingEventListener=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfd64d3bb49cd623b862365fe3ef172a7c1bbcc50c2dc1d7ed491155c66e485c

Request headers

Referer
http://facht-fmm.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8546ef45d9e03e55-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Feb 2024 18:36:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQKHxEFVg%2FnlTZ%2FGIhyKGyE9QjKoLvDg%2Fg61wu0xU5dq3moegEk7xLKbTamLgHbqFzfJpnLmlndodngFC6WserUgVHrMRk9%2F1zuOT78ZITgWQRCo5yLl7gNMy62HmJ93XNOM0DXgoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
schec.js
782942.buythetool.co/ 		41 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
https://782942.buythetool.co/schec.js
Requested by
Host: 782942.buythetool.co
URL: https://782942.buythetool.co/?ownid=qwqtc2mwq1-ylo-izxhl&enparms2=2232%2C2068874%2C3887189%2C2183%2C2184%2C4182%2C2361%2C0%2C0%2C2187%2C0%2C2073426%2C782942%2C185739%2C136713291519%2C11358166%2Cnlx.gxvirw-xyhs&u_agnt=cb83d64b66ce79c8180112a4f5eea90d&skter=gxvirw-xyhs%2Cnivgplmey&czero=-1&cstate=vilkztmrh&skwdb=MLI&ccntry=TH&cctid=109&chsh=34a02ccdf3e2c2429a0e40b2b95adaeb&rn=30202686802&cf=8&dlt=0&da=405186&pbi=0&exids=&frdto=782942
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64cd1487a7a97d37fa3c627e2b40acfcf2b30501bf0761b9f3e5392c27e12fcf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:36:00 GMT
cf-cache-status
HIT
last-modified
Wed, 04 Oct 2023 09:18:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1553
etag
"cc495fbda3f6d91:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHyw%2FeV2UucwaJWSbm2VxM12UIMks20Ta%2FkrSdVneeGpNiKkhcugzrqVKl8fK9xZH6ijAc4bHDA6Ywga5EmtOykyjUFClsI9RkAi6pYkq%2BBdh1m5cLXfwYKDxMKU23Ee4TNrOsZaug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8546ef464a5c3e55-SIN
alt-svc
h3=":443"; ma=86400
content-length
41
Primary Request /
782942.buythetool.co/ 		517 B
760 B 		Document
General
Check archive.org
Download Go to
Full URL
https://782942.buythetool.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.4.106 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a052105ee63ad520f4c955fd8602ee58199314b540976f2aa164a8c54dc77e

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8546ef478bf43e55-SIN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Feb 2024 18:36:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cM94MEuigfmjj5m3B%2FLt4yMjr%2BFCp39DJjSFbDs5q4Bc%2BGMJAQxoVPHFs8ig%2FRLYMuzh%2BZa6Z5Bankv5XOqlh%2FCfZUxRbtWl%2FFsPeW0DZqj7jGmnT8%2FXdJBC2%2FE0qSYRsqEVc%2Fskg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
best.aliexpress.com/
Redirect Chain
  • https://774805.getyourtool.co/?yardr=1&subid=34a02ccdf3e2c2429a0e40b2b95adaeb&ccd=SG&type=I-CHI1-I-CHI2-I-B-CHIBT-MMK&dlt=0&lcid=2066692&czero=-1
  • https://s.click.aliexpress.com/e/_A3VZ2R?af=34a02ccdf3e2c2429a0e40b2b95adaeb
  • https://best.aliexpress.com/?af=34a02ccdf3e2c2429a0e40b2b95adaeb&aff_fcid=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&tt=CPS_NORMAL&aff_fsk=_A3VZ2R&aff_platform=portals-tool&sk=_A3...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://best.aliexpress.com/?af=34a02ccdf3e2c2429a0e40b2b95adaeb&aff_fcid=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&tt=CPS_NORMAL&aff_fsk=_A3VZ2R&aff_platform=portals-tool&sk=_A3VZ2R&aff_trace_key=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&terminal_id=da1f30920f1647cf9b2d791a2817fa4f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.69.163.61 -, , ASN (),
Reverse DNS
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://782942.buythetool.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 12 Feb 2024 18:36:02 GMT
eagleeye-traceid
2101ef7017077629617086483e1820
p3p
CP="CAO PSA OUR"
server
Tengine/Aserver
server-timing
ak_p; desc="1707762961596_1611772964_572161550_51241_899_12_0_255";dur=1
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-application-context
ae-fn-gateway-f:7001

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTION
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-language
en-US
content-length
0
date
Mon, 12 Feb 2024 18:36:01 GMT
eagleeye-traceid
2101c5c217077629614246954ee852
expires
0
location
https://best.aliexpress.com/?af=34a02ccdf3e2c2429a0e40b2b95adaeb&aff_fcid=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&tt=CPS_NORMAL&aff_fsk=_A3VZ2R&aff_platform=portals-tool&sk=_A3VZ2R&aff_trace_key=dc590fc593ae451c82ca6b45a33d2424-1707762961429-05883-_A3VZ2R&terminal_id=da1f30920f1647cf9b2d791a2817fa4f
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
Tengine/Aserver
server-timing
ak_p; desc="1707762961278_1611772964_572160464_25489_904_10_28_255";dur=1
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin
*
x-akamai-fwd-auth-data
1375408231, 96.17.180.36, 1707762961, 218.212.9.127
x-akamai-fwd-auth-sha
685685DA5D9371D46A7D4591E3CEF416CE6533C9872ACD9AACCE68BEBDE45A89
x-akamai-fwd-auth-sign
hU9sOMMGHTfk7peXEB5AycixUi3As6jDLpRVY42r6pDeAevIi1SdfoVLLAsVpDBdZJ9r4z2iDtEM1ZbCyUeLuAGr4LLeVIkouLWbgo7lw5w=
x-application-context
global-traffic-holmes-f:7001
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
hsbc-direct.com/ Name: mtm_delivered
Value: WyJoc2JjLWRpcmVjdC5jb20iLCJodHRwOi8vd3d3MS5oc2JjLWRpcmVjdC5jb20vP3RtPTEmc3ViaWQ0PTE3MDc3NjI5NTYuMDM1MDY0MDAwMCIsMSwiMjAyNC0wMi0xMiAxODozNTo1NiIsMSwiMTcwNzc2Mjk1Ni4wMzUwNjQwMDAwIiwxLG51bGwsbnVsbF0:1rZb9o:ElIpnu8VxhQTDTFjdCSXR9MrN9U
782942.buythetool.co/ Name: cib772154e32a9ac7fc7417e2d72ac405d9490
Value: 1707763020
782942.buythetool.co/ Name: cib772154e32a9ac7fc7417e2d72ac405d9490_js
Value: 1707763020340
782942.buythetool.co/ Name: CF8-15f7a1d46a0f5f4df64e49649792b5301
Value: 30202686802