urlscan.io logo urlscan.io
SecurityTrails logo

se.12xlwin.net Open in urlscan Pro
2606:4700:3036::6818:7970  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://shop.claw-gear.eu/campaigns/ze692skf9r7ce/track-url/we787jgg3p15c/3a22bc2bed2ae39f84047ea25c7f3c46e72670f8
Effective URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=...
Submission: On November 26 via manual from EE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3036::6818:7970, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.
This is the only time se.12xlwin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 45.129.184.64 205220 (RHC-HOSTING)
1 1 35.201.98.21 15169 (GOOGLE)
1 1 18.202.12.61 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
9 5
1    2606:4700:3030::6818:7019 (United States)

ASN13335 (CLOUDFLARENET, US)
shop.claw-gear.eu
1    45.129.184.64 (Russian Federation)

ASN205220 (RHC-HOSTING, GB)
PTR: host0.sejours-linguistique.eu
pletform.eu
1    35.201.98.21 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 21.98.201.35.bc.googleusercontent.com
trk.an3trk7.tech
1    18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
x.trc90.com
2    2606:4700:3036::6818:7970 (United States)

ASN13335 (CLOUDFLARENET, US)
se.12xlwin.net
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:20::681a:b50 (United States)

ASN13335 (CLOUDFLARENET, US)
img17.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700:20::ac43:44e1 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.img117.com
Apex Domain
Subdomains		 Transfer
3 img117.com
cdn.img117.com
479 KB
2 img17.com
img17.com
2 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
34 KB
2 12xlwin.net
se.12xlwin.net
3 KB
1 trc90.com
x.trc90.com
2 KB
1 an3trk7.tech
trk.an3trk7.tech
248 B
1 pletform.eu
pletform.eu
502 B
1 claw-gear.eu
shop.claw-gear.eu
663 B
9 8
Domain Requested by
3 cdn.img117.com se.12xlwin.net
2 img17.com se.12xlwin.net
2 se.12xlwin.net
1 ajax.googleapis.com se.12xlwin.net
1 fonts.googleapis.com se.12xlwin.net
1 x.trc90.com 1 redirects
1 trk.an3trk7.tech 1 redirects
1 pletform.eu 1 redirects
1 shop.claw-gear.eu 1 redirects
9 9

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-13 -
2021-08-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 1CF0599CC721E88FE1DA83F3B36E8EA8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

9
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

5
IPs

5
Countries

518 kB
Transfer

585 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://shop.claw-gear.eu/campaigns/ze692skf9r7ce/track-url/we787jgg3p15c/3a22bc2bed2ae39f84047ea25c7f3c46e72670f8 HTTP 302
  • https://pletform.eu/campaigns/ze692skf9r7ce/track-url/we787jgg3p15c/3a22bc2bed2ae39f84047ea25c7f3c46e72670f8 HTTP 301
  • https://trk.an3trk7.tech/t/NzdfNjQ0/?source=JE HTTP 302
  • http://x.trc90.com/aff_c?offer_id=558&aff_id=1548&url_id=9541&pl=234&source=77%20&aff_sub=5fbfd46b69109e0476e5ec3b HTTP 302
  • https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=234

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
gtrax.php
se.12xlwin.net/
Redirect Chain
  • https://shop.claw-gear.eu/campaigns/ze692skf9r7ce/track-url/we787jgg3p15c/3a22bc2bed2ae39f84047ea25c7f3c46e72670f8
  • https://pletform.eu/campaigns/ze692skf9r7ce/track-url/we787jgg3p15c/3a22bc2bed2ae39f84047ea25c7f3c46e72670f8
  • https://trk.an3trk7.tech/t/NzdfNjQ0/?source=JE
  • http://x.trc90.com/aff_c?offer_id=558&aff_id=1548&url_id=9541&pl=234&source=77%20&aff_sub=5fbfd46b69109e0476e5ec3b
  • https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome-...
0
848 B 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:7970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin.net
:scheme
https
:path
/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=234
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 16:14:35 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d14ae616453b15a65f73d2fd9341b1cb41606407275; expires=Sat, 26-Dec-20 16:14:35 GMT; path=/; domain=.12xlwin.net; HttpOnly; SameSite=Lax PHPSESSID=8618719c4756fa35ea856713aef86e18; path=/
x-powered-by
PHP/7.3.23
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
cf-cache-status
DYNAMIC
cf-request-id
06a6eedc860000061c13334000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QySwbUj%2B%2FG%2BzEw9g8SGzjqdii9nliP%2B6BvUlM87Grg5%2FHLUsl0Gwq9k59H9Ua7e%2FtTUZ7pmc1fGZ8bt8oCyZTNxJtYV7aKyvQxjoctytPA2sgQrN3g7%2BYwUPsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f84e740da46061c-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Thu, 26 Nov 2020 16:14:35 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
516
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
102bb270b39d233888d36668cba947
Location
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=234
Set-Cookie
aff_ran_url_558=9541; expires=Fri, 27 Nov 2020 16:14:35 GMT; path=/; SameSite=None; Secure enc_aff_session_558=ENC0306480928921e0a2cc48aeb9cfb84f6f2bebb69cd831a68fda147d21913a18c400ff3364e8300ceac1ea824476176ab386597718589bc12709d4cb6d2486702b140759941b7e0cff7eafc19b19639fe2860a23491aa87e02259cb23d816708c3860b3ce6d87cb4ac8d9d1aec03bec8460b44bdb0efd7ff70989295cd8ca5623f46755fb43842c818b0d1edf0d22237a76edf33a7f5943d8e8e8151589970062e1040e794e; expires=Sat, 26 Dec 2020 16:14:35 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 22 Oct 2023 02:54:35 GMT; path=/; SameSite=None; Secure
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
78ff764987277f9c9850eb5ef1948234
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request w0.php
se.12xlwin.net/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:7970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
d53f451e32980a40d8575e285fac49c33f232b40398f1f147ecbc505b3d8bc63

Request headers

:method
GET
:authority
se.12xlwin.net
:scheme
https
:path
/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=234
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d14ae616453b15a65f73d2fd9341b1cb41606407275; PHPSESSID=8618719c4756fa35ea856713aef86e18
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=1&v=5042&offer_id=558&sub_source=77%20&t1=102bb270b39d233888d36668cba947&t2=5fbfd46b69109e0476e5ec3b&t3=82.102.18.235-FR&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=234

Response headers

date
Thu, 26 Nov 2020 16:14:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.23
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
06a6eedd960000061c263ba000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVZmL9GzUr6ketOOLNjlcMn3r3jGkIjGOHtYiVJaJ6szqoE9jHM02qyOK0dtdsh6eZZePwAeVvkENWyZgGBTR33gDfVGTn8EVosFniNiGsYXGkR3gU5PnnfPgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5f84e7428fa1061c-FRA
content-encoding
br
css
fonts.googleapis.com/ 		2 KB
603 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52e5d4385f0a8f37f700f7f0ccda365e2f4b1767b6908c859360d6b0d6ae1264
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 26 Nov 2020 14:30:24 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
date
Thu, 26 Nov 2020 16:14:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 26 Nov 2020 16:14:36 GMT
pl1_2.css
img17.com/pl/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 16:14:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3413
cf-request-id
06a6eede5a00003240da3e3000000001
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688701e440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nB3lrIma5XaW86aqULCi2sermeyEhWLwsIoGfxL2xlFea%2BzsXsZiW8eUR4PfDUxIQ3wAeASh4V0QmYNxkcHD8Lsgzj%2Fayz%2B3LUQFkU7nfEAzt%2FxXHXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
5f84e743c86f3240-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 08:22:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28327
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Nov 2021 08:22:29 GMT
img_221.png
cdn.img117.com/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.img117.com/img_221.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e2660c594a1ff281bb60278711be573219e005ee987ebefc542ba795b959c3

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 16:14:36 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Nov 2020 02:32:30 GMT
server
cloudflare
etag
"228a1-5b3dfb93deb52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Yyv4eDEHnQ0ALGc3t9qJnNh5UNF45W7vkD5xrLMr1gkOvUQXRhd9zW7tPE01PhQR2Xc6U58eJtrfQ5%2BMDvU9w8vFXUXH0dcGYD5GAbENnQKaQu6STV1WsZfoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5f84e743d9fb3244-FRA
content-length
141473
cf-request-id
06a6eede65000032445e000000000001
img_219.png
cdn.img117.com/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.img117.com/img_219.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfb43ed0b9e2f9f63a91388638f2021fe20c4c6633c9393b3f4788ace08e39c8

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 16:14:36 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Nov 2020 02:31:15 GMT
server
cloudflare
etag
"228a1-5b3dfb4c3fa97"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BpqYxQR%2FBxOMOnZdWnVvuHob0Yh8HMCQCci%2BO3du7kZfNajFQdS4G4DCwZSsFLgRy0jgnnRfHyA%2FKV6ndKrBgr4%2BR7Wy%2B5hfCXWJyzs2wN9z%2BEUVs31Q9zCUDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=259200
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5f84e7441ace3244-FRA
content-length
141473
cf-request-id
06a6eede8f00003244319b8000000001
loader.gif
img17.com/pl/1/ 		748 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c380a030da24f18f9ac8f890c39928ed5deab64213ffe750231006a44168b6

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 16:14:36 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4057
cf-polished
origFmt=gif, origSize=1633
content-disposition
inline; filename="loader.webp"
content-length
748
cf-request-id
06a6eede9700003240381f9000000001
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810c0340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0OW889B1A2GNVTVymzEJfMri56RxEwBjNV%2FQoO1xW36La7i9S78NgBH%2FAC8zyx0tDkuRJcao3WY8Adv2ApgLBkWNVuGxlVGLimLzl%2FtB89fAbIh3XD4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5f84e744294c3240-FRA
cf-bgj
imgq:85,h2pri
img_220.jpg
cdn.img117.com/ 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.img117.com/img_220.jpg
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:44e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8800721062e103d48788b41e15286e185f1f5210b89ade8c77f4f1132173a5de

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5042&aff_id=1548&aff_sub=&aff_sub2=&tid=19587712&pl=234&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 16:14:36 GMT
cf-cache-status
MISS
last-modified
Thu, 12 Nov 2020 02:31:49 GMT
server
cloudflare
etag
"322c9-5b3dfb6cdade5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C%2FRjinVtZ%2B2lkk4Vv8YmURUk4RvSb27YIFiHSVf1gzl1uapjk4pwSp1%2BTWnS%2B4vohgJJ9A2HcCW2sgZJz%2FtFP4B5qILfP7Q5IyrxGksRWlxAlEWMaU1q2BGsWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=259200
nel
{"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
5f84e7442ae73244-FRA
content-length
205513
cf-request-id
06a6eede98000032445e004000000001

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| unhide function| hide function| toggle_display function| start_checker

2 Cookies

Domain/Path Name / Value
se.12xlwin.net/ Name: PHPSESSID
Value: 8618719c4756fa35ea856713aef86e18
.12xlwin.net/ Name: __cfduid
Value: d14ae616453b15a65f73d2fd9341b1cb41606407275