getxitox.com
Open in
urlscan Pro
52.207.55.113
Public Scan
Effective URL: https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub...
Submission: On October 14 via manual from US — Scanned from AU
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on June 11th 2024. Valid for: a year.
This is the only time getxitox.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 20.60.102.1 20.60.102.1 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 1 | 172.67.213.103 172.67.213.103 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 50.18.72.103 50.18.72.103 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 52.207.55.113 52.207.55.113 | 14618 (AMAZON-AES) (AMAZON-AES) | |
4 | 2 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
swhv.blob.core.windows.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-72-103.us-west-1.compute.amazonaws.com
tracking.getxitox-at.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-55-113.compute-1.amazonaws.com
getxitox.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
getxitox.com
getxitox.com |
466 B |
2 |
windows.net
swhv.blob.core.windows.net |
1 KB |
1 |
getxitox-at.com
1 redirects
tracking.getxitox-at.com |
2 KB |
1 |
mwebscope.com
1 redirects
mwebscope.com |
563 B |
4 | 4 |
Domain | Requested by | |
---|---|---|
2 | getxitox.com | |
2 | swhv.blob.core.windows.net | |
1 | tracking.getxitox-at.com | 1 redirects |
1 | mwebscope.com | 1 redirects |
4 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 07 |
2024-04-01 - 2025-03-27 |
a year | crt.sh |
getxitox.com Amazon RSA 2048 M03 |
2024-06-11 - 2025-07-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629
Frame ID: A68BC16CBA2EBB1A49C2B4FCCD422757
Requests: 4 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://swhv.blob.core.windows.net/sbwhsw/delsop.html Page URL
-
https://mwebscope.com/8712/198/3/
HTTP 302
https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid2024101409321... HTTP 302
http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=1... HTTP 307
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=1... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://swhv.blob.core.windows.net/sbwhsw/delsop.html Page URL
-
https://mwebscope.com/8712/198/3/
HTTP 302
https://tracking.getxitox-at.com/aff_c?offer_id=111&aff_id=2629&url_id=1969&aff_sub5=8712_sessid20241014093213369&aff_sub=198 HTTP 302
http://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629 HTTP 307
https://getxitox.com/go/indexnoaffprog-maxweb.php?trans=102b32ae98002718d733610d7890dc&aff_sub1=198&aff_sub2=&aff_sub3=&aff_sub4=&aff_sub5=8712_sessid20241014093213369&affiliate_id=2629 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
delsop.html
swhv.blob.core.windows.net/sbwhsw/ |
165 B 568 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
indexnoaffprog-maxweb.php
getxitox.com/go/ Redirect Chain
|
5 B 118 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
swhv.blob.core.windows.net/ |
226 B 485 B |
Other
application/xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
getxitox.com/ |
287 B 348 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
mwebscope.com/ | Name: __cflb Value: 02DiuDvnJbjKdBkxKLUNnR5XRfWaf6WDKw96ZV4Mkveex |
|
tracking.getxitox-at.com/ | Name: aff_ran_url_111 Value: 1969 |
|
tracking.getxitox-at.com/ | Name: enc_aff_session_111 Value: ENC0385e076e77eb195b7442b04a4dd5f249ed1a3e8ef4789ed9ca5a4d9597f4e0822c0894e7a655a5a7d413b54de8b2b732f4ecd24d6656b009e1dbf983335957046673235ce9a74deb8f9e0c7792eebecf2d7500bcd2f1e115a7911668242604ed7ffee7644ede14874585d910944003c291a96f77347a7acb1e48bd9c02f15dab4359f4bbd381e690b2f3416be1e2aec196e10dda34ac61b3fb9f8041268b713767cf566355eeac540a1e34ccc0a8d00c4d34bb0129fc5339f90de18d102b0e6af03ddefc9 |
|
tracking.getxitox-at.com/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjkiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFgxMTsgTGludXggWDg2XzY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBMaWtlIEdlY2tvKSBDaHJvbWUvMTI5LjAuMC4wIFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1BVSxlbjtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ== |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
getxitox.com
mwebscope.com
swhv.blob.core.windows.net
tracking.getxitox-at.com
172.67.213.103
20.60.102.1
50.18.72.103
52.207.55.113
3e505b9cd5c8f0859bcc1d6f67840c3ccfa85a54da6bdef6d0e4c02e7695afce
ca00fccfb408989eddc401062c4d1219a6aceb6b9b55412357f1790862e8f178
d7918cb1db9895081e7d06f1cd91bbcf4bca6db65090284f27e665f112d8315f