urlscan.io logo urlscan.io
SecurityTrails logo

se.12xlwin.net Open in urlscan Pro
2606:4700:3036::6818:7970  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://x.trc81.com/aff_c?offer_id=564&aff_id=2890&url_id=6594&pl=185&source=2215&aff_sub=5f750e886899f90474da65d2
Effective URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=...
Submission: On October 01 via manual from SE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3036::6818:7970, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.
This is the only time se.12xlwin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.72.181.91 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
10 3
Apex Domain
Subdomains		 Transfer
6 img17.com
img17.com
298 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
34 KB
2 12xlwin.net
se.12xlwin.net
3 KB
1 trc81.com
x.trc81.com
2 KB
10 4
Domain Requested by
6 img17.com se.12xlwin.net
2 se.12xlwin.net
1 ajax.googleapis.com se.12xlwin.net
1 fonts.googleapis.com se.12xlwin.net
1 x.trc81.com 1 redirects
10 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-13 -
2021-08-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-09-03 -
2020-11-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: AFB67B2F9F6079C405F2FD91EAAAC996
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

3
IPs

3
Countries

336 kB
Transfer

404 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://x.trc81.com/aff_c?offer_id=564&aff_id=2890&url_id=6594&pl=185&source=2215&aff_sub=5f750e886899f90474da65d2 HTTP 302
  • https://se.12xlwin.net/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
gtrax.php
se.12xlwin.net/
Redirect Chain
  • http://x.trc81.com/aff_c?offer_id=564&aff_id=2890&url_id=6594&pl=185&source=2215&aff_sub=5f750e886899f90474da65d2
  • https://se.12xlwin.net/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--...
0
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin.net/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:7970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin.net
:scheme
https
:path
/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 01 Oct 2020 06:33:17 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd1a43885b7bfbb4f55eef1676f00632e1601533997; expires=Sat, 31-Oct-20 06:33:17 GMT; path=/; domain=.12xlwin.net; HttpOnly; SameSite=Lax PHPSESSID=1c5d144ce3d7dd4676a7329aab1f97f8; path=/
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
cf-cache-status
DYNAMIC
cf-request-id
05847688f40000d6b97c9bd200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533997"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5db426bb2a51d6b9-FRA
content-encoding
br

Redirect headers

Server
nginx
Date
Thu, 01 Oct 2020 06:33:17 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
515
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
102b7956d7aa0fc9087160e6ce9bae
Location
https://se.12xlwin.net/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
Set-Cookie
aff_ran_url_564=6594; expires=Fri, 02 Oct 2020 06:33:17 GMT; path=/; SameSite=None; Secure enc_aff_session_564=ENC035b9a61e13b31fb4bfd8b25cb8c037b3039557355b792261d1c65a474db95747f05f4504c34d6bb8462888520e7f0bbe14d80905e3c260a4c78619fe9d4060f9954bf8b51412aecfc3da2a57d8e64153fa6866978d49c277419707656eeda1223d2d0d67c2ea4851ad61742ba9106677075db32f0a1e216a830345e2a358e31545986f287526b9010876935dcd8e17a45d32eda82ef8d868219121cb7dae5f0d90d5d583f; expires=Sun, 01 Nov 2020 06:33:17 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI4My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTIiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Sat, 26 Aug 2023 17:13:17 GMT; path=/; SameSite=None; Secure
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
dff8a05bbbe9c51c6d83555b3ad4287d
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request w0.php
se.12xlwin.net/ 		12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:7970 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
9d90cadfe42cc12eea752dd41b9358cee2eaf5e6fda0c5b339bef8f55af6c9ce

Request headers

:method
GET
:authority
se.12xlwin.net
:scheme
https
:path
/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se.12xlwin.net/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dd1a43885b7bfbb4f55eef1676f00632e1601533997; PHPSESSID=1c5d144ce3d7dd4676a7329aab1f97f8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://se.12xlwin.net/gtrax.php?aff_id=2890&ct=1&v=2656&offer_id=564&sub_source=2215&t1=102b7956d7aa0fc9087160e6ce9bae&t2=5f750e886899f90474da65d2&t3=82.102.19.136-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185

Response headers

status
200
date
Thu, 01 Oct 2020 06:33:17 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
05847689fc0000d6b97c9d2200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601533998"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
5db426bccd9fd6b9-FRA
content-encoding
br
css
fonts.googleapis.com/ 		2 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f17e4bead4632bb29b7160316d166559ebe10aa446153978a5136e65876dc9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 01 Oct 2020 06:26:49 GMT
server
ESF
date
Thu, 01 Oct 2020 06:33:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 01 Oct 2020 06:33:17 GMT
pl1_2.css
img17.com/pl/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 06:33:17 GMT
content-encoding
br
cf-cache-status
HIT
age
4958
cf-polished
origSize=3413
status
200
cf-request-id
0584768a5e00001f2d5b10d200000001
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688701e440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
5db426bd6dd71f2d-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 26 Sep 2020 23:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
369344
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Sep 2021 23:57:33 GMT
p1_2_lindex.png
img17.com/pl/1/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/p1_2_lindex.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c818e0a075fb0e286c7f36121c9dee10a0bb6ce1b829e6b6a68d42af3ab948b

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 06:33:17 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Mar 2019 10:26:37 GMT
server
cloudflare
etag
"6ae3-5836a6cb31140"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5db426bd7df11f2d-FRA
content-length
27363
cf-request-id
0584768a6800001f2d5b10f200000001
p1_1_lindex.png
img17.com/pl/1/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/p1_1_lindex.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50e9e20e0cf0b7dafdb928e18d158ee72e09a7c7698055d1b9ce14fc0264c99c

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 06:33:17 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Mar 2019 10:26:39 GMT
server
cloudflare
etag
"a5a4-5836a6cd195c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5db426bd8e0f1f2d-FRA
content-length
42404
cf-request-id
0584768a7200001f2d5b112200000001
loader.gif
img17.com/pl/1/ 		748 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c380a030da24f18f9ac8f890c39928ed5deab64213ffe750231006a44168b6

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 06:33:17 GMT
cf-cache-status
HIT
age
3810
cf-polished
origFmt=gif, origSize=1633
status
200
content-disposition
inline; filename="loader.webp"
content-length
748
cf-request-id
0584768a7e00001f2d5b113200000001
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810c0340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5db426bd9e261f2d-FRA
cf-bgj
imgq:85,h2pri
p1_3_lindex.png
img17.com/pl/1/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/p1_3_lindex.png
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b63f53b23474d84cfedab76cf50cbb568caa664a0a66b835ed8a321f0b1948c

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 06:33:17 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Mar 2019 10:26:36 GMT
server
cloudflare
etag
"572c-5836a6ca3cf00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5db426bd9e291f2d-FRA
content-length
22316
cf-request-id
0584768a7f00001f2d5b114200000001
background-pl-lindex.jpg
img17.com/pl/1/ 		205 KB
206 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/background-pl-lindex.jpg
Requested by
Host: se.12xlwin.net
URL: https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
985b2b4082ed8a3e584b15880ba574ac7118212645ae426b810bbc4f860df822

Request headers

Referer
https://se.12xlwin.net/w0.php?v=2656&aff_id=2890&aff_sub=&aff_sub2=&tid=19228871&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 01 Oct 2020 06:33:17 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Mar 2019 10:26:39 GMT
server
cloudflare
etag
"335e9-5836a6cd195c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5db426bd9e2c1f2d-FRA
content-length
210409
cf-request-id
0584768a7f00001f2d5b115200000001

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery function| unhide function| hide function| toggle_display function| start_checker

2 Cookies

Domain/Path Name / Value
se.12xlwin.net/ Name: PHPSESSID
Value: 1c5d144ce3d7dd4676a7329aab1f97f8
.12xlwin.net/ Name: __cfduid
Value: dd1a43885b7bfbb4f55eef1676f00632e1601533997