urlscan.io logo urlscan.io
SecurityTrails logo

au.12xlwin3p.com Open in urlscan Pro
151.101.2.132  Public Scan

Go To Rescan Add Verdict Report
URL: https://au.12xlwin3p.com/index.php?v=5087
Submission: On August 03 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 151.101.2.132, located in United States and belongs to FASTLY, US. The main domain is au.12xlwin3p.com.
TLS certificate: Issued by R3 on June 29th 2023. Valid for: 3 months.
This is the only time au.12xlwin3p.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 151.101.2.132 54113 (FASTLY)
1 172.217.26.234 15169 (GOOGLE)
1 117.18.232.200 15133 (EDGECAST)
1 172.217.161.74 15169 (GOOGLE)
1 142.251.222.35 15169 (GOOGLE)
11 5
7    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
au.12xlwin3p.com
inc-au.12xlwin3p.com
1    172.217.26.234 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f10.1e100.net
ajax.googleapis.com
1    117.18.232.200 (Australia)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
1    172.217.161.74 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f10.1e100.net
fonts.googleapis.com
1    142.251.222.35 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 12xlwin3p.com
au.12xlwin3p.com
inc-au.12xlwin3p.com
163 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 406
fonts.googleapis.com — Cisco Umbrella Rank: 77
34 KB
1 gstatic.com
fonts.gstatic.com
29 KB
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2130
8 KB
11 4
Domain Requested by
4 inc-au.12xlwin3p.com au.12xlwin3p.com
3 au.12xlwin3p.com au.12xlwin3p.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com au.12xlwin3p.com
1 ajax.aspnetcdn.com au.12xlwin3p.com
1 ajax.googleapis.com au.12xlwin3p.com
11 6

This site contains no links.

Subject Issuer Validity Valid
*.12xlwin5e.net
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-05-05 -
2024-04-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://au.12xlwin3p.com/index.php?v=5087
Frame ID: 85BF17536F036825B4045E5C5182EF47
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayPal

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

2
Countries

235 kB
Transfer

371 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
au.12xlwin3p.com/ 		24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5da10b5e06c49d573de2f06972054a40bfbd8e8b7a3db3a010abec216d953173

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
jp-jp,jp;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 03 Aug 2023 19:29:40 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-cache-status
BYPASS
x-served-by
cache-nrt-rjtf7700062-NRT
x-timer
S1691090980.551895,VS0,VE512
gen.css
au.12xlwin3p.com/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://au.12xlwin3p.com/css/gen.css?5
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6e096459890ee866f93a796e37e4137330fb79680c2cb4366eccf347387284f2

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/index.php?v=5087
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 19:29:40 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache-status
BYPASS
x-cache
MISS
content-length
3717
x-served-by
cache-nrt-rjtf7700062-NRT
last-modified
Wed, 26 Jul 2023 15:09:20 GMT
server
nginx
x-timer
S1691090980.105069,VS0,VE489
etag
W/"4b4a-601653b6d92a6"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-cache-hits
0
template50.css
au.12xlwin3p.com/css/ 		36 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://au.12xlwin3p.com/css/template50.css
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d5b698dcfec204c9d774b76e517b25edf465b982830e50508481cd1e4594dac4

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/index.php?v=5087
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 19:29:40 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache-status
BYPASS
x-cache
MISS
content-length
3973
x-served-by
cache-nrt-rjtf7700062-NRT
last-modified
Sun, 25 Aug 2019 17:06:57 GMT
server
nginx
x-timer
S1691090980.118691,VS0,VE481
etag
W/"9122-590f41126ad5a"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
x-cache-hits
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f10.1e100.net
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 02 Aug 2023 02:43:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146750
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Aug 2024 02:43:50 GMT
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.10.0/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.10.0/jquery.validate.min.js
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89D7) /
Resource Hash
cde0578486717bb6f75c3a33376116b77677619475c38b5904258e5b118e8436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 19:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
437967
x-cache
HIT
content-length
8058
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:27 GMT
server
ECAcc (tka/89D7)
etag
"75f84c70d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		2 KB
931 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f10.1e100.net
Software
ESF /
Resource Hash
03cd27383624fe9c5fd5c20ae3cf56553e254b1b796327d452550908cd7ba21d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 03 Aug 2023 19:29:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 03 Aug 2023 17:56:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Aug 2023 19:29:40 GMT
AU_5087_IMG_P1_4_PAYPAL.png
inc-au.12xlwin3p.com/images2/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inc-au.12xlwin3p.com/images2/AU_5087_IMG_P1_4_PAYPAL.png
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17b26e3b060477d946f7d0e556b276d64303012dbde6ad0b56a22233301ab2f4

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-nrt-rjtf7700062-NRT
date
Thu, 03 Aug 2023 19:29:41 GMT
via
1.1 varnish
last-modified
Tue, 22 Feb 2022 11:38:23 GMT
server
nginx
age
0
x-timer
S1691090981.804863,VS0,VE733
etag
"df73-5d899c95a53f3"
x-cache-status
BYPASS
x-cache
MISS
content-type
image/png
accept-ranges
bytes
content-length
57203
x-cache-hits
0
AU_5087_IMG_P1_5_PAYPAL.png
inc-au.12xlwin3p.com/images2/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inc-au.12xlwin3p.com/images2/AU_5087_IMG_P1_5_PAYPAL.png
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea198e8d255d9d7c98144dbe5940393093866526dffe6f54c337ff16a33f83ca

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-nrt-rjtf7700062-NRT
date
Thu, 03 Aug 2023 19:29:41 GMT
via
1.1 varnish
last-modified
Tue, 22 Feb 2022 11:38:23 GMT
server
nginx
age
0
x-timer
S1691090981.804887,VS0,VE718
etag
"800e-5d899c95cec04"
x-cache-status
BYPASS
x-cache
MISS
content-type
image/png
accept-ranges
bytes
content-length
32782
x-cache-hits
0
AU_5087_IMG_P1_6_PAYPAL.png
inc-au.12xlwin3p.com/images2/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inc-au.12xlwin3p.com/images2/AU_5087_IMG_P1_6_PAYPAL.png
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7bad6a3ce23dda3840879186e0996f44ec478ae4ab97ad5b1b414b015f3a7704

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-nrt-rjtf7700062-NRT
date
Thu, 03 Aug 2023 19:29:41 GMT
via
1.1 varnish
last-modified
Tue, 22 Feb 2022 11:38:23 GMT
server
nginx
age
0
x-timer
S1691090981.804910,VS0,VE712
etag
"8d9a-5d899c95dd664"
x-cache-status
BYPASS
x-cache
MISS
content-type
image/png
accept-ranges
bytes
content-length
36250
x-cache-hits
0
AU_5087_background_paypal.jpg
inc-au.12xlwin3p.com/images2/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inc-au.12xlwin3p.com/images2/AU_5087_background_paypal.jpg
Requested by
Host: au.12xlwin3p.com
URL: https://au.12xlwin3p.com/index.php?v=5087
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f82b475c8be9bc2a971a83f8ad0f8ddbdd290ba0d0c0c048cc0cedfbd1e86431

Request headers

accept-language
jp-jp,jp;q=0.9
Referer
https://au.12xlwin3p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-nrt-rjtf7700062-NRT
date
Thu, 03 Aug 2023 19:29:41 GMT
via
1.1 varnish
last-modified
Wed, 05 May 2021 08:03:06 GMT
server
nginx
age
0
x-timer
S1691090981.804878,VS0,VE731
etag
"67f8-5c1909ff6372a"
x-cache-status
BYPASS
x-cache
MISS
content-type
image/jpeg
accept-ranges
bytes
content-length
26616
x-cache-hits
0
u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f3.1e100.net
Software
sffe /
Resource Hash
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://au.12xlwin3p.com
accept-language
jp-jp,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 29 Jul 2023 01:26:28 GMT
x-content-type-options
nosniff
age
496993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29252
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:46:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Jul 2024 01:26:28 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| unhide function| hide function| toggle_display function| $ function| jQuery function| open_affiliate_div function| close_affiliate_div

1 Cookies

Domain/Path Name / Value
au.12xlwin3p.com/ Name: PHPSESSID
Value: kndp343qa5rg19g07mbp66mau0