urlscan.io logo urlscan.io
SecurityTrails logo

se.12xlwin.net Open in urlscan Pro
2606:4700:3036::6818:7970  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://womantell.com/link.php?M=1593127&N=61&L=19&F=H
Effective URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=...
Submission: On October 02 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 5 countries across 6 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3036::6818:7970, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.
This is the only time se.12xlwin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 46.16.130.109 202263 (ETERNAL)
1 1 35.201.98.21 15169 (GOOGLE)
1 1 52.210.174.128 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 4
1    46.16.130.109 (Estonia)

ASN202263 (ETERNAL, EE)
PTR: womantell.com
womantell.com
1    35.201.98.21 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 21.98.201.35.bc.googleusercontent.com
trk.an7trk7.tech
1    52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
x.trc90.com
2    2606:4700:3036::6818:7970 (United States)

ASN13335 (CLOUDFLARENET, US)
se.12xlwin.net
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2606:4700:20::ac43:49a9 (United States)

ASN13335 (CLOUDFLARENET, US)
img17.com
1    2a00:1450:4001:815::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
Apex Domain
Subdomains		 Transfer
6 img17.com
img17.com
322 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
33 KB
2 12xlwin.net
se.12xlwin.net
3 KB
1 trc90.com
x.trc90.com
2 KB
1 an7trk7.tech
trk.an7trk7.tech
330 B
1 womantell.com
womantell.com
290 B
10 6
Domain Requested by
6 img17.com se.12xlwin.net
2 se.12xlwin.net
1 ajax.googleapis.com se.12xlwin.net
1 fonts.googleapis.com se.12xlwin.net
1 x.trc90.com 1 redirects
1 trk.an7trk7.tech 1 redirects
1 womantell.com 1 redirects
10 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-13 -
2021-08-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 9573CD93311E07F5B6FF9B513D93748D
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

4
IPs

5
Countries

359 kB
Transfer

428 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://womantell.com/link.php?M=1593127&N=61&L=19&F=H HTTP 302
  • https://trk.an7trk7.tech/t/NjdfMzY5/ HTTP 302
  • http://x.trc90.com/aff_c?offer_id=1852&aff_id=1548&url_id=8272&pl=199&source=67&aff_sub=5f7689baf13b6204668d42ee HTTP 302
  • https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=199

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
gtrax.php
se.12xlwin.net/
Redirect Chain
  • http://womantell.com/link.php?M=1593127&N=61&L=19&F=H
  • https://trk.an7trk7.tech/t/NjdfMzY5/
  • http://x.trc90.com/aff_c?offer_id=1852&aff_id=1548&url_id=8272&pl=199&source=67&aff_sub=5f7689baf13b6204668d42ee
  • https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%...
0
755 B 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=199
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:7970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin.net
:scheme
https
:path
/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=199
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Fri, 02 Oct 2020 02:00:27 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dbf3f7de4877ca727f7b35e8c282f4fef1601604026; expires=Sun, 01-Nov-20 02:00:26 GMT; path=/; domain=.12xlwin.net; HttpOnly; SameSite=Lax PHPSESSID=6fc50ad989c8a57a93d01dd501102018; path=/
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
cf-cache-status
DYNAMIC
cf-request-id
0588a319b10000fa6444123200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1601604027"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5dbad46f88d2fa64-AMS
content-encoding
br

Redirect headers

Server
nginx
Date
Fri, 02 Oct 2020 02:00:26 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
514
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
10261c463acd588dcedd5ebe28a3d8
Location
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=199
Set-Cookie
aff_ran_url_1852=8272; expires=Sat, 03 Oct 2020 02:00:26 GMT; path=/; SameSite=None; Secure enc_aff_session_1852=ENC03ccada2f34526912e3f4b8537ef2fb67feebd1903177fc58afe967fd636674d527ddbae1d20bae62c4d63a89f38436a8f5a5bc0ae47eca6e531b3a5c53765e5304abf77d2db8155d8248483ada5ff7da7ad6cdd8a8769ddc4b55bc1fc0bd133973b95058de5463413c825354f7a2083a75d8cc2fe82ace2d8e977c69f1804e315a2c4d7d2f3c99159364cb2c4da646dfae8ca98bc1762e474a0e036d5105ae88b289c1582; expires=Mon, 02 Nov 2020 02:00:26 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sun, 27 Aug 2023 12:40:26 GMT; path=/; SameSite=None; Secure
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
f05b028f0f65135cc7dfaf2292687eb5
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request w0.php
se.12xlwin.net/ 		11 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:7970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
98136db215d5ebd7dea96f0009e83cdcea91a42f1f46bbe75a777b77b159b15d

Request headers

:method
GET
:authority
se.12xlwin.net
:scheme
https
:path
/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=199
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dbf3f7de4877ca727f7b35e8c282f4fef1601604026; PHPSESSID=6fc50ad989c8a57a93d01dd501102018
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://se.12xlwin.net/gtrax.php?aff_id=1548&ct=2&v=5013&offer_id=1852&sub_source=67&t1=10261c463acd588dcedd5ebe28a3d8&t2=5f7689baf13b6204668d42ee&t3=82.102.20.235-DK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=199

Response headers

status
200
date
Fri, 02 Oct 2020 02:00:27 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0588a31c6d0000fa6444143200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=20&lkg-time=1601604028"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5dbad473edfafa64-AMS
content-encoding
br
css
fonts.googleapis.com/ 		2 KB
627 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f17e4bead4632bb29b7160316d166559ebe10aa446153978a5136e65876dc9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Oct 2020 00:29:21 GMT
server
ESF
date
Fri, 02 Oct 2020 02:00:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Oct 2020 02:00:27 GMT
pl1_2.css
img17.com/pl/css/ 		3 KB
862 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 02:00:27 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688701e440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-polished
origSize=3413
cf-ray
5dbad47518141fd2-AMS
cf-request-id
0588a31d3100001fd282973200000001
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Sep 2020 23:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439374
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Sep 2021 23:57:33 GMT
IMG_P1_2_GEKAS_SE.png
img17.com/pl/1/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/IMG_P1_2_GEKAS_SE.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8518a6ae26f44acfd9a74f5bc73fc26bdfd0dc5480fc453a94075b8f8024afe2

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 02:00:27 GMT
cf-cache-status
HIT
age
6777
cf-polished
origFmt=png, origSize=75601
status
200
content-disposition
inline; filename="IMG_P1_2_GEKAS_SE.webp"
content-length
46544
cf-request-id
0588a31d3100001fd282974200000001
last-modified
Fri, 06 Dec 2019 06:36:07 GMT
server
cloudflare
etag
"12751-5990342ba23c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbad47518151fd2-AMS
cf-bgj
imgq:85,h2pri
IMG_P1_1_GEKAS_SE.png
img17.com/pl/1/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/IMG_P1_1_GEKAS_SE.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67dffd654b4e3f7ce4fa5700e36a460c511af03f9621154b986a963fc6347e0e

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 02:00:27 GMT
cf-cache-status
HIT
age
4858
cf-polished
origFmt=png, origSize=237456
status
200
content-disposition
inline; filename="IMG_P1_1_GEKAS_SE.webp"
content-length
170762
cf-request-id
0588a31d4500001fd282976200000001
last-modified
Fri, 06 Dec 2019 06:36:09 GMT
server
cloudflare
etag
"39f90-5990342d8a840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbad475383f1fd2-AMS
cf-bgj
imgq:85,h2pri
loader.gif
img17.com/pl/1/ 		748 B
927 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c380a030da24f18f9ac8f890c39928ed5deab64213ffe750231006a44168b6

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 02:00:27 GMT
cf-cache-status
HIT
age
5155
cf-polished
origFmt=gif, origSize=1633
status
200
content-disposition
inline; filename="loader.webp"
content-length
748
cf-request-id
0588a31d6e00001fd282977200000001
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810c0340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbad475789b1fd2-AMS
cf-bgj
imgq:85,h2pri
IMG_P1_3_GEKAS_SE.png
img17.com/pl/1/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/IMG_P1_3_GEKAS_SE.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c385d9f540243792c7533299608096f6b75e329e0f1a79432f53578a6887bf5

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 02:00:27 GMT
cf-cache-status
HIT
age
6777
cf-polished
origFmt=png, origSize=129545
status
200
content-disposition
inline; filename="IMG_P1_3_GEKAS_SE.webp"
content-length
90718
cf-request-id
0588a31d7f00001fd282979200000001
last-modified
Fri, 06 Dec 2019 06:36:07 GMT
server
cloudflare
etag
"1fa09-5990342ba23c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbad47598c31fd2-AMS
cf-bgj
imgq:85,h2pri
BODY_BACKGROUND_IMAGE_GEKAS_SE.jpg
img17.com/pl/1/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/BODY_BACKGROUND_IMAGE_GEKAS_SE.jpg
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65a44287985d3c8c6b9b36f046d85d429b0d643ef2c8df13ad3f6dfae343a34b

Request headers

Referer
https://se.12xlwin.net/w0.php?v=5013&aff_id=1548&aff_sub=&aff_sub2=&tid=19253394&pl=199&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 02 Oct 2020 02:00:27 GMT
cf-cache-status
HIT
age
6776
cf-polished
qual=85, origFmt=jpeg, origSize=48068
status
200
content-disposition
inline; filename="BODY_BACKGROUND_IMAGE_GEKAS_SE.webp"
content-length
18920
cf-request-id
0588a31dc000001fd28297b200000001
last-modified
Fri, 06 Dec 2019 06:36:09 GMT
server
cloudflare
etag
"bbc4-5990342d8a840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5dbad476093f1fd2-AMS
cf-bgj
imgq:85,h2pri

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| unhide function| hide function| toggle_display function| start_checker

2 Cookies

Domain/Path Name / Value
se.12xlwin.net/ Name: PHPSESSID
Value: 6fc50ad989c8a57a93d01dd501102018
.12xlwin.net/ Name: __cfduid
Value: dbf3f7de4877ca727f7b35e8c282f4fef1601604026