Submitted URL: https://track.euclides.website/track/cmp/64df6/10735/32036097/clk/2/
Effective URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&...
Submission: On May 07 via manual from NZ

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 10 HTTP transactions. The main IP is 2606:4700:30::681b:9cdb, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is nz.12xlwin6a.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on October 20th 2018. Valid for: a year.
This is the only time nz.12xlwin6a.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.48.82.149 16509 (AMAZON-02)
1 1 52.50.109.222 16509 (AMAZON-02)
1 1 54.171.19.108 16509 (AMAZON-02)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
10 4
Domain Requested by
6 img17.com nz.12xlwin6a.net
2 nz.12xlwin6a.net
1 ajax.googleapis.com nz.12xlwin6a.net
1 fonts.googleapis.com nz.12xlwin6a.net
1 x.trc81.com 1 redirects
1 koiadv.go2cloud.org 1 redirects
1 track.euclides.website 1 redirects
10 7

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2018-10-20 - 2019-10-20 | a year
*.googleapis.com | Google Internet Authority G3 | 2019-04-16 - 2019-07-09 | 3 months
ssl389703.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-04-17 - 2019-10-24 | 6 months

This page contains 1 frames:

Primary Page: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 0E07DDDC366E440D465F258C0ECF3FF0
Requests: 10 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

  • Requests: 10
  • HTTPS: 100 %
  • IPv6: 57 %
  • Domains: 6
  • Subdomains: 7
  • IPs: 4
  • Countries: 2
  • Transfer: 373 kB
  • Size: 442 kB
  • Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://track.euclides.website/track/cmp/64df6/10735/32036097/clk/2/ HTTP 302
  • http://koiadv.go2cloud.org/aff_c?offer_id=28&aff_id=1000&source=koi&file_id=37 HTTP 302
  • http://x.trc81.com/aff_c?offer_id=144&aff_id=1223&url_id=3784&pl=65&source=1000_triptobangkok&aff_sub2=102991ffe1726776a572d72574e015 HTTP 302
  • https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gtrax.php
nz.12xlwin6a.net/
Redirect Chain
  • https://track.euclides.website/track/cmp/64df6/10735/32036097/clk/2/
  • http://koiadv.go2cloud.org/aff_c?offer_id=28&aff_id=1000&source=koi&file_id=37
  • http://x.trc81.com/aff_c?offer_id=144&aff_id=1223&url_id=3784&pl=65&source=1000_triptobangkok&aff_sub2=102991ffe1726776a572d72574e015
  • https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&ge...
0
528 B
Document
General
Full URL
https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9cdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.5.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
nz.12xlwin6a.net
:scheme
https
:path
/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Tue, 07 May 2019 01:14:42 GMT
content-type
text/html
set-cookie
__cfduid=d3b7b90d94b69d571f223aab424d4495f1557191682; expires=Wed, 06-May-20 01:14:42 GMT; path=/; domain=.12xlwin6a.net; HttpOnly PHPSESSID=ddff73860366e4304a2db4d365862e59; path=/
x-powered-by
PHP/5.5.30
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
refresh
0.2;url=w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d2f56ae59966467-FRA
content-encoding
br

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=iso-8859-1
Date
Tue, 07 May 2019 01:14:42 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65
P3P
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx/1.13.12
Set-Cookie
aff_ran_url_144=3784; expires=Wed, 08 May 2019 01:14:42 GMT; path=/; enc_aff_session_144=ENC034efb1863a684f77e910c535a1101744e9fcc356c14739e1259181dce4e3ce826981122ed7abf0e20eb21f99e01fd479dd32a321896e4c11eca20173d82a3014249dea7157e7edf65dd5e1ba1013c36ccdf9515e384fbbf83d9fb44b35dde88de09af423b03c138aa9e114cfbc13f2d9a570651def468de74607deb7cf323b02960097be487d77014f815146586a12ad6c75928595b10962a86629ffb51163140059ec288; expires=Fri, 07 Jun 2019 01:14:42 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI2Ny4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Thu, 31 Mar 2022 11:54:42 GMT; path=/;
tracking_id
102b9df04453df3bfa3ff7240f2f76
X-Robots-Tag
noindex, nofollow
Content-Length
508
Connection
keep-alive
Primary Request w0.php
nz.12xlwin6a.net/
11 KB
2 KB
Document
General
Full URL
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:9cdb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.5.30
Resource Hash
287024c556ee2d7bba5e7f810c9fd97187e4629c273c19f0e6a6e4f47805fd0f

Request headers

:method
GET
:authority
nz.12xlwin6a.net
:scheme
https
:path
/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65
accept-encoding
gzip, deflate, br
cookie
__cfduid=d3b7b90d94b69d571f223aab424d4495f1557191682; PHPSESSID=ddff73860366e4304a2db4d365862e59
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://nz.12xlwin6a.net/gtrax.php?aff_id=1223&ct=1&v=2657&offer_id=144&sub_source=1000_triptobangkok&t1=102b9df04453df3bfa3ff7240f2f76&t2=&t3=185.130.184.117-DE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=65

Response headers

status
200
date
Tue, 07 May 2019 01:14:42 GMT
content-type
text/html
x-powered-by
PHP/5.5.30
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4d2f56b02a716467-FRA
content-encoding
br
css
fonts.googleapis.com/
2 KB
582 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
4f11ba60e1d4e6c9b08a8c5ebc8a5f7a1a4941bc9e75569ef6ee33ad6381a9e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 07 May 2019 01:14:42 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 07 May 2019 01:14:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 07 May 2019 01:14:42 GMT
pl1_2.css
img17.com/pl/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1902 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 01:14:42 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688710aa7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
expires
Tue, 07 May 2019 05:14:42 GMT
cache-control
public, max-age=14400
cf-polished
origSize=3413
cf-ray
4d2f56b0c88ec26d-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 00:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5098576
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
33593
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 00:58:26 GMT
2657_p1_2.png
img17.com/pl/1/
30 KB
30 KB
Image
General
Full URL
https://img17.com/pl/1/2657_p1_2.png
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1902 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f5e416ad6e30ec94bd8ee4986bc45f58c80be5c67bb02dbe657ba42e79b60c

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 01:14:42 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=54780
status
200
content-disposition
inline; filename="2657_p1_2.webp"
cf-bgj
imgq:85
content-length
30854
last-modified
Thu, 17 May 2018 15:28:40 GMT
server
cloudflare
etag
"d5fc-56c687d698b02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d2f56b0c893c26d-FRA
expires
Tue, 07 May 2019 05:14:42 GMT
2657_p1_1.png
img17.com/pl/1/
44 KB
44 KB
Image
General
Full URL
https://img17.com/pl/1/2657_p1_1.png
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1902 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3f63262d3f9c930c77dc67b0c311cf32bbee302bed0eb2e55999b78f86d07d

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 01:14:42 GMT
cf-cache-status
MISS
last-modified
Thu, 17 May 2018 15:28:39 GMT
server
cloudflare
etag
"b0e1-56c687d60c100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d2f56b0c892c26d-FRA
content-length
45281
expires
Tue, 07 May 2019 05:14:42 GMT
loader.gif
img17.com/pl/1/
2 KB
2 KB
Image
General
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1902 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d619282a3d1a329605067fb43a6987b74e454aed2ffbd15974152c07ae7c0a

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 01:14:42 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810f4ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d2f56b1291ac26d-FRA
content-length
1633
expires
Tue, 07 May 2019 05:14:42 GMT
2657_p1_3.png
img17.com/pl/1/
21 KB
21 KB
Image
General
Full URL
https://img17.com/pl/1/2657_p1_3.png
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1902 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d2a68fdc98e9e706b4f7e9c9417a42c1299fc2d76bedc5e8e158a39cce1f981

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 01:14:42 GMT
cf-cache-status
MISS
last-modified
Thu, 17 May 2018 15:28:40 GMT
server
cloudflare
etag
"536a-56c687d711c84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d2f56b1291bc26d-FRA
content-length
21354
expires
Tue, 07 May 2019 05:14:42 GMT
2657_bg.jpg
img17.com/pl/1/
238 KB
238 KB
Image
General
Full URL
https://img17.com/pl/1/2657_bg.jpg
Requested by
Host: nz.12xlwin6a.net
URL: https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1902 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29425f30871c7692266f5d0eeaaec10edbfd92040bf50f0d7abd456a3f2465d0

Request headers

Referer
https://nz.12xlwin6a.net/w0.php?v=2657&aff_id=1223&aff_sub=&aff_sub2=&tid=18289787&pl=65&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 07 May 2019 01:14:42 GMT
cf-cache-status
MISS
last-modified
Thu, 17 May 2018 15:28:38 GMT
server
cloudflare
etag
"3b685-56c687d583d4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4d2f56b12920c26d-FRA
content-length
243333
expires
Tue, 07 May 2019 05:14:42 GMT


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • function| $
  • function| jQuery
  • function| unhide
  • function| hide
  • function| toggle_display
  • function| start_checker

2 Cookies

Domain/Path Name / Value
nz.12xlwin6a.net/ Name: PHPSESSID
Value: ddff73860366e4304a2db4d365862e59
.12xlwin6a.net/ Name: __cfduid
Value: d3b7b90d94b69d571f223aab424d4495f1557191682