Submitted URL: https://swhv.blob.core.windows.net/sbwhsw/delsop.html
Effective URL: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub...
Submission: On October 14 via manual from US — Scanned from AU

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 52.207.55.113, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is getxitox.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 11th 2024. Valid for: a year.
This is the only time getxitox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 20.60.102.1 8075 (MICROSOFT...)
1 1 172.67.213.103 13335 (CLOUDFLAR...)
1 1 50.18.72.103 16509 (AMAZON-02)
2 52.207.55.113 14618 (AMAZON-AES)
4 2
Apex Domain          Subdomains                    Transfer
2 getxitox.com       getxitox.com                  466 B
2 windows.net        swhv.blob.core.windows.net    1 KB
1 getxitox-at.com    tracking.getxitox-at.com      2 KB
1 mwebscope.com      mwebscope.com                 563 B
4 4
Domain Requested by
2 getxitox.com
2 swhv.blob.core.windows.net
1 tracking.getxitox-at.com 1 redirects
1 mwebscope.com 1 redirects
4 4

This site contains no links.

Subject: *.blob.core.windows.net
Issuer: Microsoft Azure RSA TLS Issuing CA 07
Validity: 2024-04-01 - 2025-03-27
Valid: a year

Subject: getxitox.com
Issuer: Amazon RSA 2048 M03
Validity: 2024-06-11 - 2025-07-10
Valid: a year

This page contains 1 frame:

Primary Page: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629
Frame ID: A68BC16CBA2EBB1A49C2B4FCCD422757
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://swhv.blob.core.windows.net/sbwhsw/delsop.html Page URL
  2. https://mwebscope.com/8712/198/3/ HTTP 302
    https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20241014093213369&aff_sub=198 HTTP 302
    http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629 HTTP 307
    https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: delsop.html
Path: swhv.blob.core.windows.net/sbwhsw/
Size: 165 B
x-fer: 568 B
Type: Document
MIME-Type:

General

Full URL: https://swhv.blob.core.windows.net/sbwhsw/delsop.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.102.1 Canberra, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3e505b9cd5c8f0859bcc1d6f67840c3ccfa85a54da6bdef6d0e4c02e7695afce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Content-Length: 165
Content-MD5: nE4ZN3IQ4jAu4VcmB5Mh3Q==
Content-Type: text/html
Date: Mon, 14 Oct 2024 09:32:11 GMT
ETag: 0x8DCEBAB5680855A
Last-Modified: Sun, 13 Oct 2024 17:20:30 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: e3e3a7e4-701e-000e-2e1b-1e108a000000
x-ms-version: 2009-09-19

Primary Request

Resource: indexnoaffprog-maxweb.php
Path: getxitox.com/go/
Redirect Chain
  • https://mwebscope.com/8712/198/3/?
  • https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20241014093213369&aff_sub=198
  • http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629
  • https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629
Size: 5 B
x-fer: 118 B
Type: Document
MIME-Type:

General

Full URL: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.55.113 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-52-207-55-113.compute-1.amazonaws.com
Software: nginx/1.22.1 / PHP/5.6.40
Resource Hash: ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178

Request headers

Referer: https://swhv.blob.core.windows.net/sbwhsw/delsop.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 5
content-type: text/html; charset=UTF-8
date: Mon, 14 Oct 2024 09:32:13 GMT
server: nginx/1.22.1
x-powered-by: PHP/5.6.40

Redirect headers

Location: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629
Non-Authoritative-Reason: HttpsUpgrades

Resource: favicon.ico
Path: swhv.blob.core.windows.net/
Size: 226 B
x-fer: 485 B
Type: Other
MIME-Type:

General

Full URL: https://swhv.blob.core.windows.net/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.60.102.1 Canberra, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash:

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://swhv.blob.core.windows.net/sbwhsw/delsop.html

Response headers

x-ms-request-id: e3e3a80e-701e-000e-541b-1e108a000000
Content-Length: 226
Date: Mon, 14 Oct 2024 09:32:11 GMT
Content-Type: application/xml
Server: Blob Service Version 1.0 Microsoft-HTTPAPI/2.0

Resource: favicon.ico
Path: getxitox.com/
Size: 287 B
x-fer: 348 B
Type: Other
MIME-Type:

General

Full URL: https://getxitox.com/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.55.113 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-52-207-55-113.compute-1.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: d7918cb1db9895081e7d06f1cd91bbcf4bca6db65090284f27e665f112d8315f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629

Response headers

content-encoding: gzip
date: Mon, 14 Oct 2024 09:32:14 GMT
content-type: text/html; charset=iso-8859-1
server: nginx/1.22.1

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
mwebscope.com/ Name: __cflb
Value: 02DiuDvnJbjKdBkxKLUNnR5XRfWaf6WDKw96ZV4Mkveex
tracking.getxitox-at.com/ Name: aff_ran_url_111
Value: 1969
tracking.getxitox-at.com/ Name: enc_aff_session_111
Value: ENC0385e076e77eb195b7442b04a4dd5f249ed1a3e8ef4789ed9ca5a4d9597f4e0822c0894e7a655a5a7d413b54de8b2b732f4ecd24d6656b009e1dbf983335957046673235ce9a74deb8f9e0c7792eebecf2d7500bcd2f1e115a7911668242604ed7ffee7644ede14874585d910944003c291a96f77347a7acb1e48bd9c02f15dab4359f4bbd381e690b2f3416be1e2aec196e10dda34ac61b3fb9f8041268b713767cf566355eeac540a1e34ccc0a8d00c4d34bb0129fc5339f90de18d102b0e6af03ddefc9
tracking.getxitox-at.com/ Name: ho_mob

2 Console Messages

Source: network
Level: error
URL: https://swhv.blob.core.windows.net/favicon.ico
Message: Failed to load resource: the server responded with a status of 400 (One of the request inputs is out of range.)

Source: network
Level: error
URL: https://getxitox.com/favicon.ico
Message: Failed to load resource: the server responded with a status of 404 ()