urlscan.io logo urlscan.io
SecurityTrails logo

se.12xlwin1.net Open in urlscan Pro
2606:4700:3036::681c:e26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://emily.patrolpromex.com/redirect.php?id=PGMzNGNjNjc2ODdhOGFiZmNkNWE5OTZkNzc2NjE0OWVlQGVtaWx5LnBhdHJvbHByb21leC5jb20%2B&r...
Effective URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&...
Submission: On May 18 via manual from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3036::681c:e26, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin1.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 16th 2019. Valid for: a year.
This is the only time se.12xlwin1.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 35.241.7.124 15169 (GOOGLE)
1 1 52.210.174.128 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 5
1    2606:4700:3032::6812:37a4 (United States)

ASN13335 (CLOUDFLARENET, US)
emily.patrolpromex.com
1    35.241.7.124 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 124.7.241.35.bc.googleusercontent.com
trk.an7trk9.tech
1    52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
x.trc90.com
2    2606:4700:3036::681c:e26 (United States)

ASN13335 (CLOUDFLARENET, US)
se.12xlwin1.net
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:4700:20::681a:b50 (United States)

ASN13335 (CLOUDFLARENET, US)
img17.com
1    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
8 img17.com se.12xlwin1.net
2 se.12xlwin1.net
1 fonts.gstatic.com se.12xlwin1.net
1 ajax.googleapis.com se.12xlwin1.net
1 fonts.googleapis.com se.12xlwin1.net
1 x.trc90.com 1 redirects
1 trk.an7trk9.tech 1 redirects
1 emily.patrolpromex.com 1 redirects
13 8

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-09-16 -
2020-09-15		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-04-28 -
2020-07-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 57E51B4B22C8B3E3DA1CB5DC94CD888D
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

13
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

5
IPs

4
Countries

258 kB
Transfer

328 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://emily.patrolpromex.com/redirect.php?id=PGMzNGNjNjc2ODdhOGFiZmNkNWE5OTZkNzc2NjE0OWVlQGVtaWx5LnBhdHJvbHByb21leC5jb20%2B&ref=aHR0cHM6Ly90cmsuYW43dHJrOS50ZWNoLzVkYmQ0MDEyYjY5MjBkNzU3Mzc0ODBkNA%3D%3D&e=1 HTTP 302
  • https://trk.an7trk9.tech/5dbd4012b6920d75737480d4 HTTP 302
  • http://x.trc90.com/aff_c?offer_id=1852&aff_id=1548&url_id=6622&pl=12&source=63&aff_sub=5ec262fff7917b046f573377 HTTP 302
  • https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=12

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
gtrax.php
se.12xlwin1.net/
Redirect Chain
  • http://emily.patrolpromex.com/redirect.php?id=PGMzNGNjNjc2ODdhOGFiZmNkNWE5OTZkNzc2NjE0OWVlQGVtaWx5LnBhdHJvbHByb21leC5jb20%2B&ref=aHR0cHM6Ly90cmsuYW43dHJrOS50ZWNoLzVkYmQ0MDEyYjY5MjBkNzU3Mzc0ODBkNA%3...
  • https://trk.an7trk9.tech/5dbd4012b6920d75737480d4
  • http://x.trc90.com/aff_c?offer_id=1852&aff_id=1548&url_id=6622&pl=12&source=63&aff_sub=5ec262fff7917b046f573377
  • https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome-...
0
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:e26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin1.net
:scheme
https
:path
/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=12
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 18 May 2020 10:27:11 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd80fdc42f106a40162a569b4c6cfd2761589797631; expires=Wed, 17-Jun-20 10:27:11 GMT; path=/; domain=.12xlwin1.net; HttpOnly; SameSite=Lax PHPSESSID=8e6a41a8c34eb680791d2ec65e8cdb7e; path=/
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5954e25ebdb50614-FRA
content-encoding
br
cf-request-id
02c8ebcf350000061440225200000001

Redirect headers

Server
nginx
Date
Mon, 18 May 2020 10:27:11 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
515
Connection
keep-alive
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
102d3e5b945f2303491ea290818773
Location
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=12
Set-Cookie
aff_ran_url_1852=6622; expires=Tue, 19 May 2020 10:27:11 GMT; path=/; SameSite=None; Secure enc_aff_session_1852=ENC03494651802974baadfca15b36cb8da260ba2ffd5f594a7ed214d2177f2dd81dd6e41cd6567a78da90b9c65f4502e73bb2a1ffe18b49b44fcf05d9499761b7858e8b984487014270976af9e3e2875579848e0b3e19928ca63afdafceced76ea9a7bd033de984c6178490e9f882ccb5af18357654ba4dabaf7e3e12423c6f77242d373a02ca; expires=Thu, 18 Jun 2020 10:27:11 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Wed, 12 Apr 2023 21:07:11 GMT; path=/; SameSite=None; Secure
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
07f339ed1d229d715229c1988ad73148
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request w0.php
se.12xlwin1.net/ 		14 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:e26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
463df5361332db3cc9dda914bf98c8b71f7cbc6109dee4eebaa331e4dedb220b

Request headers

:method
GET
:authority
se.12xlwin1.net
:scheme
https
:path
/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=12
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dd80fdc42f106a40162a569b4c6cfd2761589797631; PHPSESSID=8e6a41a8c34eb680791d2ec65e8cdb7e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2654&offer_id=1852&sub_source=63&t1=102d3e5b945f2303491ea290818773&t2=5ec262fff7917b046f573377&t3=165.231.142.36-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=12

Response headers

status
200
date
Mon, 18 May 2020 10:27:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5954e2611e300614-FRA
content-encoding
br
cf-request-id
02c8ebd0b00000061440242200000001
css
fonts.googleapis.com/ 		2 KB
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3d63b9ae0f8cccb888886d453950046c6925e5bb4e2a9096d5ad1d2f14d573a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 May 2020 10:27:12 GMT
server
ESF
date
Mon, 18 May 2020 10:27:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 18 May 2020 10:27:12 GMT
pl1_2.css
img17.com/pl/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
content-encoding
br
cf-cache-status
HIT
age
6975
cf-polished
origSize=3413
status
200
cf-request-id
02c8ebd1200000c2d1c519f200000001
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688701e440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
5954e261ced6c2d1-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 27 Apr 2020 23:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1768207
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Apr 2021 23:17:05 GMT
2654_p1_2_se.png
img17.com/pl/1/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2654_p1_2_se.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98f26e5a8ed3ceeac1a1e94dd8f336d19189321e63a6865b3ffbcce5310401e4

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=89993
status
200
content-disposition
inline; filename="2654_p1_2_se.webp"
content-length
64162
cf-request-id
02c8ebd1200000c2d1c51a0200000001
last-modified
Thu, 17 May 2018 15:28:34 GMT
server
cloudflare
etag
"15f89-56c687d0dac80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ced7c2d1-FRA
cf-bgj
imgq:85,h2pri
2654_p1_1_se.png
img17.com/pl/1/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2654_p1_1_se.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38334b4515fee1961fa41fb9ff0fcc6faddff727794bbf609e58487dbf6aab9

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=109778
status
200
content-disposition
inline; filename="2654_p1_1_se.webp"
content-length
72548
cf-request-id
02c8ebd1330000c2d1c51a3200000001
last-modified
Thu, 17 May 2018 15:28:34 GMT
server
cloudflare
etag
"1acd2-56c687d0dac80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ef39c2d1-FRA
cf-bgj
imgq:85,h2pri
se_petrol_okq8.jpg
img17.com/pl/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/se_petrol_okq8.jpg
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9cd2e4a13f65009852473c177aa16a73928b3642f34cb43efe86f7611c9769d

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:29:55 GMT
server
cloudflare
etag
"1347-56c6881e1a2c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ff72c2d1-FRA
content-length
4935
cf-request-id
02c8ebd13b0000c2d1c51a6200000001
se_petrol_preem.jpg
img17.com/pl/1/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/se_petrol_preem.jpg
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3a3e5759117d5dceb038260bcaf53cb9882094e9c24648a9c803b152cd876a

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:29:55 GMT
server
cloudflare
etag
"135b-56c6881e1a2c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ff76c2d1-FRA
content-length
4955
cf-request-id
02c8ebd13b0000c2d1c51a7200000001
se_petrol_circlek.jpg
img17.com/pl/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/se_petrol_circlek.jpg
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d2ce1a4b42eca443bd77bf1cac8f27d8282ae6da6813a6877c2976dee7977e4

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:29:54 GMT
server
cloudflare
etag
"17ee-56c6881d26080"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ff7bc2d1-FRA
content-length
6126
cf-request-id
02c8ebd13c0000c2d1c51a8200000001
loader.gif
img17.com/pl/1/ 		764 B
973 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9555393dedd60498fb82368e50d7645eb5006562e10e016f01ec663e5f59e0cf

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
HIT
age
4802
cf-polished
origFmt=gif, origSize=1633
status
200
content-disposition
inline; filename="loader.webp"
content-length
764
cf-request-id
02c8ebd13c0000c2d1c51a9200000001
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810c0340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ff7dc2d1-FRA
cf-bgj
imgq:85,h2pri
2654_p1_3_se.png
img17.com/pl/1/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2654_p1_3_se.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4db79ed367c4e6cec9b2453fe81760610396275856fb1063eedb48e83c5392

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 18 May 2020 10:27:12 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=87002
status
200
content-disposition
inline; filename="2654_p1_3_se.webp"
content-length
58818
cf-request-id
02c8ebd13c0000c2d1c51aa200000001
last-modified
Thu, 17 May 2018 15:28:35 GMT
server
cloudflare
etag
"153da-56c687d1ceec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5954e261ff81c2d1-FRA
cf-bgj
imgq:85,h2pri
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2654&aff_id=1548&aff_sub=&aff_sub2=&tid=18618971&pl=12&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:400
Origin
https://se.12xlwin1.net

Response headers

date
Fri, 08 May 2020 19:19:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
832087
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 08 May 2021 19:19:05 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| unhide function| hide function| toggle_display function| start_checker

2 Cookies

Domain/Path Name / Value
se.12xlwin1.net/ Name: PHPSESSID
Value: 8e6a41a8c34eb680791d2ec65e8cdb7e
.12xlwin1.net/ Name: __cfduid
Value: dd80fdc42f106a40162a569b4c6cfd2761589797631