nz.12xlwin6a.net
Open in
urlscan Pro
2606:4700:30::681b:9cdb
Public Scan
Effective URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&...
Submission: On May 07 via manual from NZ
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 20th 2018. Valid for: a year.
This is the only time nz.12xlwin6a.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 52.48.82.149 52.48.82.149 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 52.50.109.222 52.50.109.222 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 54.171.19.108 54.171.19.108 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
2 | 2606:4700:30:... 2606:4700:30::681b:9cdb | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a00:1450:400... 2a00:1450:4001:817::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
6 | 2606:4700:20:... 2606:4700:20::6818:1902 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2a00:1450:400... 2a00:1450:4001:815::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
10 | 4 |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-48-82-149.eu-west-1.compute.amazonaws.com
track.euclides.website |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-109-222.eu-west-1.compute.amazonaws.com
koiadv.go2cloud.org |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-171-19-108.eu-west-1.compute.amazonaws.com
x.trc81.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
nz.12xlwin6a.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
img17.com
img17.com |
336 KB |
2 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
33 KB |
2 |
12xlwin6a.net
nz.12xlwin6a.net |
3 KB |
1 |
trc81.com
1 redirects
x.trc81.com |
2 KB |
1 |
go2cloud.org
1 redirects
koiadv.go2cloud.org |
1 KB |
1 |
euclides.website
1 redirects
track.euclides.website |
265 B |
10 | 6 |
Domain | Requested by | |
---|---|---|
6 | img17.com |
nz.12xlwin6a.net
|
2 | nz.12xlwin6a.net | |
1 | ajax.googleapis.com |
nz.12xlwin6a.net
|
1 | fonts.googleapis.com |
nz.12xlwin6a.net
|
1 | x.trc81.com | 1 redirects |
1 | koiadv.go2cloud.org | 1 redirects |
1 | track.euclides.website | 1 redirects |
10 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2018-10-20 - 2019-10-20 |
a year | crt.sh |
*.googleapis.com Google Internet Authority G3 |
2019-04-16 - 2019-07-09 |
3 months | crt.sh |
ssl389703.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-04-17 - 2019-10-24 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 0E07DDDC366E440D465F258C0ECF3FF0
Requests: 10 HTTP requests in this frame
Screenshot
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /cloudflare/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://track.euclides.website/track/cmp/64df6/10735/32036097/clk/2/ HTTP 302
- http://koiadv.go2cloud.org/aff_c?offer_id=28&aff_id=1000&source=koi&file_id=37 HTTP 302
- http://x.trc81.com/aff_c?offer_id=144&aff_id=1223&url_id=3784&pl=65&source=1000_triptobangkok&aff_sub2=102991ffe1726776a572d72574e015 HTTP 302
- https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
gtrax.php
nz.12xlwin6a.net/ Redirect Chain
|
0 528 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
w0.php
nz.12xlwin6a.net/ |
11 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 582 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pl1_2.css
img17.com/pl/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2657_p1_2.png
img17.com/pl/1/ |
30 KB 30 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2657_p1_1.png
img17.com/pl/1/ |
44 KB 44 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.gif
img17.com/pl/1/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2657_p1_3.png
img17.com/pl/1/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2657_bg.jpg
img17.com/pl/1/ |
238 KB 238 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery function| unhide function| hide function| toggle_display function| start_checker2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
nz.12xlwin6a.net/ | Name: PHPSESSID Value: ddff73860366e4304a2db4d365862e59 |
|
.12xlwin6a.net/ | Name: __cfduid Value: d3b7b90d94b69d571f223aab424d4495f1557191682 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
fonts.googleapis.com
img17.com
koiadv.go2cloud.org
nz.12xlwin6a.net
track.euclides.website
x.trc81.com
2606:4700:20::6818:1902
2606:4700:30::681b:9cdb
2a00:1450:4001:815::200a
2a00:1450:4001:817::200a
52.48.82.149
52.50.109.222
54.171.19.108
00f5e416ad6e30ec94bd8ee4986bc45f58c80be5c67bb02dbe657ba42e79b60c
1d2a68fdc98e9e706b4f7e9c9417a42c1299fc2d76bedc5e8e158a39cce1f981
287024c556ee2d7bba5e7f810c9fd97187e4629c273c19f0e6a6e4f47805fd0f
29425f30871c7692266f5d0eeaaec10edbfd92040bf50f0d7abd456a3f2465d0
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e
4f11ba60e1d4e6c9b08a8c5ebc8a5f7a1a4941bc9e75569ef6ee33ad6381a9e7
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
7d3f63262d3f9c930c77dc67b0c311cf32bbee302bed0eb2e55999b78f86d07d
92d619282a3d1a329605067fb43a6987b74e454aed2ffbd15974152c07ae7c0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855