zincatetumpil.com - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 5 HTTP transactions. The main IP is 45.139.123.58, located in Ashburn, United States and belongs to ASN-QUADRANET-GLOBAL, US. The main domain is zincatetumpil.com.
TLS certificate: Issued by R3 on January 21st 2024. Valid for: 3 months.

This is the only time zincatetumpil.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	81.181.68.147 81.181.68.147	9009 (M247) (M247)
1	45.139.123.58 45.139.123.58	8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL)
2 2	79.133.41.53 79.133.41.53	() ()
1 1	52.210.26.68 52.210.26.68	() ()
1	2606:4700:303... 2606:4700:3032::ac43:a471	() ()
5	4

2 81.181.68.147 (London, United Kingdom)

ASN9009 (M247, RO)

dianalop.ddnsking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.123.58 (Ashburn, United States)

ASN8100 (ASN-QUADRANET-GLOBAL, US)

zincatetumpil.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.133.41.53 (None, ) 2 redirects

ASN- ()

6ecq0.firstnowload.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6ecq0.linkstoknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.26.68 (None, ) 1 redirects

ASN- ()

x.trc85.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:a471 (None, )

ASN- ()

uk.12xlwin12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ddnsking.com dianalop.ddnsking.com	1 KB
1	12xlwin12.com uk.12xlwin12.com	583 B
1	trc85.com 1 redirects x.trc85.com	2 KB
1	linkstoknow.com 1 redirects 6ecq0.linkstoknow.com	735 B
1	firstnowload.com 1 redirects 6ecq0.firstnowload.com	700 B
1	zincatetumpil.com zincatetumpil.com	405 B
5	6

	Domain	Requested by
2	dianalop.ddnsking.com	dianalop.ddnsking.com
1	uk.12xlwin12.com	zincatetumpil.com
1	x.trc85.com	1 redirects
1	6ecq0.linkstoknow.com	1 redirects
1	6ecq0.firstnowload.com	1 redirects
1	zincatetumpil.com	dianalop.ddnsking.com
5	6

This site contains no links.

Subject Issuer	Validity	Valid
zincatetumpil.com R3	`2024-01-21` - `2024-04-20`	3 months	crt.sh
12xlwin12.com E1	`2024-03-10` - `2024-06-08`	3 months	crt.sh

This page contains 1 frames:

Frame: https://uk.12xlwin12.com/index.php?v=5001
Frame ID: B6909FCD1C49A24A01B181B44093811D
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://dianalop.ddnsking.com/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Page URL
http://dianalop.ddnsking.com/t/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Page URL
https://zincatetumpil.com/0/0/0/6a7bb545645c354e5cde099ac2548898/14/1432-10765/2362-13-104 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

40 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

2 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dianalop.ddnsking.com/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Page URL
http://dianalop.ddnsking.com/t/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Page URL
https://zincatetumpil.com/0/0/0/6a7bb545645c354e5cde099ac2548898/14/1432-10765/2362-13-104 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://6ecq0.firstnowload.com/?kw=31&s2=1154358212 HTTP 302
https://6ecq0.linkstoknow.com/o/STA3HVVJ/652886d8-dfed-11ee-90d9-9df3dbadbd8c/6532a97e-dfed-11ee-a487-59e6aba25e96 HTTP 302
http://x.trc85.com/aff_c?offer_id=4333&aff_id=1161&url_id=12142&aff_sub=6588c502-dfed-11ee-8436-4fc605160203&source=77403&aff_sub3=ed0c6c9ca60&pl=1& HTTP 302
https://uk.12xlwin12.com/gtrax.php?ct=1&v=5001&aff_id=1161&offer_id=4333&sub_source=77403&t1=102fe28690994b45b6e8731b669998&t2=6588c502-dfed-11ee-8436-4fc605160203&t3=194.74.212.110&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=1

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	104L14 Show response dianalop.ddnsking.com/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/	458 B 712 B	101ms 87ms	Document text/html	81.181.68.147 M247
General Check archive.org Show headers Download Go to Full URL http://dianalop.ddnsking.com/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Protocol HTTP/1.1 Server 81.181.68.147 London, United Kingdom, ASN9009 (M247, RO), Reverse DNS Software / Resource Hash `0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Content-Length 458 Content-Type text/html; charset=utf-8 Date Mon, 11 Mar 2024 21:21:55 GMT X-Address gin_throttle_mw_7200000000_194.74.212.110 X-Ratelimit-Limit 500 X-Ratelimit-Remaining 444 X-Ratelimit-Reset 1710195298
GET H/1.1	200 OK	104L14 Show response dianalop.ddnsking.com/t/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/	306 B 560 B	95ms 95ms	Document text/html	81.181.68.147 M247
General Check archive.org Show headers Download Go to Full URL http://dianalop.ddnsking.com/t/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Requested by Host: dianalop.ddnsking.com URL: http://dianalop.ddnsking.com/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Protocol HTTP/1.1 Server 81.181.68.147 London, United Kingdom, ASN9009 (M247, RO), Reverse DNS Software / Resource Hash `fa2769c8bc3345c1487f16c53ba32e09ccf7c1bb43b9d887163b0ad08118290d` Request headers Referer http://dianalop.ddnsking.com/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Content-Length 306 Content-Type text/html; charset=utf-8 Date Mon, 11 Mar 2024 21:21:56 GMT X-Address gin_throttle_mw_7200000000_194.74.212.110 X-Ratelimit-Limit 500 X-Ratelimit-Remaining 443 X-Ratelimit-Reset 1710195298
GET H/1.1	200 OK	Primary Request 2362-13-104 zincatetumpil.com/0/0/0/6a7bb545645c354e5cde099ac2548898/14/1432-10765/	114 B 405 B	1034ms 491ms	Document text/html	45.139.123.58 ASN-QUADRANET-GLOBAL
General Check archive.org Show headers Download Go to Full URL https://zincatetumpil.com/0/0/0/6a7bb545645c354e5cde099ac2548898/14/1432-10765/2362-13-104 Requested by Host: dianalop.ddnsking.com URL: http://dianalop.ddnsking.com/t/4xQcjf10765uYug1432jfheeocupy2362EYGMHXLEMGDNFIS13/104L14 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 45.139.123.58 Ashburn, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US), Reverse DNS Software Apache / Resource Hash Request headers Referer http://dianalop.ddnsking.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-length 114 content-type text/html; charset=UTF-8 date Mon, 11 Mar 2024 21:21:58 GMT server Apache
GET H2	200	gtrax.php Show response uk.12xlwin12.com/ Redirect Chain https://6ecq0.firstnowload.com/?kw=31&s2=1154358212 https://6ecq0.linkstoknow.com/o/STA3HVVJ/652886d8-dfed-11ee-90d9-9df3dbadbd8c/6532a97e-dfed-11ee-a487-59e6aba25e96 http://x.trc85.com/aff_c?offer_id=4333&aff_id=1161&url_id=12142&aff_sub=6588c502-dfed-11ee-8436-4fc605160203&source=77403&aff_sub3=ed0c6c9ca60&pl=1& https://uk.12xlwin12.com/gtrax.php?ct=1&v=5001&aff_id=1161&offer_id=4333&sub_source=77403&t1=102fe28690994b45b6e8731b669998&t2=6588c502-dfed-11ee-8436-4fc605160203&t3=194.74.212.110&udc=Desktop--Go...	0 583 B	208ms 104ms	Document text/html	2606:4700:3032::ac43:a471
General Check archive.org Show headers Download Go to Full URL https://uk.12xlwin12.com/gtrax.php?ct=1&v=5001&aff_id=1161&offer_id=4333&sub_source=77403&t1=102fe28690994b45b6e8731b669998&t2=6588c502-dfed-11ee-8436-4fc605160203&t3=194.74.212.110&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=1 Requested by Host: zincatetumpil.com URL: https://zincatetumpil.com/0/0/0/6a7bb545645c354e5cde099ac2548898/14/1432-10765/2362-13-104 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:a471 -, , ASN (), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://zincatetumpil.com/0/0/0/6a7bb545645c354e5cde099ac2548898/14/1432-10765/2362-13-104 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 862e98ef9edbdcab-LHR content-encoding br content-type text/html; charset=utf-8 date Mon, 11 Mar 2024 21:22:00 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache refresh 0.2;url=index.php?v=5001 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Fa1cghNvi8y6mm6OkUzJHoojEUcpWtTOg%2BduLSnNxLke05ddZXNt%2FCi%2B5FyqOc0e1T%2BNvGocypJUwF6DMiswkJ84iuoWMboDFMtHRDHq7PbEK4mLBZOql2gHukl3zQmufv4eD2WZqKy78yGoyR2"}],"group":"cf-nel","max_age":604800} server cloudflare x-cache-status BYPASS Redirect headers Access-Control-Allow-Headers Tune-SDK-Version Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 527 Content-Type text/html; charset=iso-8859-1 Date Mon, 11 Mar 2024 21:22:00 GMT Expires Sat, 26 Jul 1997 05:00:00 GMT Location https://uk.12xlwin12.com/gtrax.php?ct=1&v=5001&aff_id=1161&offer_id=4333&sub_source=77403&t1=102fe28690994b45b6e8731b669998&t2=6588c502-dfed-11ee-8436-4fc605160203&t3=194.74.212.110&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=1 P3p CP="NOI CUR OUR NOR INT" Pragma no-cache Server nginx Tracking_id 102fe28690994b45b6e8731b669998 X-Request-Id 7a48a0878958f188b93f100718e9f98e X-Robots-Tag noindex, nofollow
GET		index.php uk.12xlwin12.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: uk.12xlwin12.com
URL: https://uk.12xlwin12.com/index.php?v=5001

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			zincatetumpil.com/	1970-01-20 19:46:24	Name: uid31 Value: 1154358212-20240311172158-51cd74691425c8c2de45052cead6d772-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6ecq0.firstnowload.com
6ecq0.linkstoknow.com
dianalop.ddnsking.com
uk.12xlwin12.com
x.trc85.com
zincatetumpil.com
uk.12xlwin12.com
2606:4700:3032::ac43:a471
45.139.123.58
52.210.26.68
79.133.41.53
81.181.68.147
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa2769c8bc3345c1487f16c53ba32e09ccf7c1bb43b9d887163b0ad08118290d

zincatetumpil.com Open in urlscan Pro 45.139.123.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

40 %HTTPS

20 %IPv6

6 Domains

6 Subdomains

4 IPs

2 Countries

2 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

zincatetumpil.com Open in urlscan Pro
45.139.123.58 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

40 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

4
IPs

2
Countries

2 kB
Transfer

1 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions