urlscan.io logo urlscan.io
SecurityTrails logo

se.12xlwin1.net Open in urlscan Pro
2606:4700:3033::681c:f26  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wallpapersbox.eu/mail/link.php?M=63467&N=7&L=5&F=H
Effective URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&...
Submission: On February 11 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 9 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3033::681c:f26, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin1.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 16th 2019. Valid for: a year.
This is the only time se.12xlwin1.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.196.22.14 197890 (MEGASERVERS-)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
1 1 35.241.7.124 15169 (GOOGLE)
1 1 34.245.243.239 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
12 5
1    185.196.22.14 (United States)

ASN197890 (MEGASERVERS-, DE)
wallpapersbox.eu
1    67.199.248.11 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
1    35.241.7.124 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 124.7.241.35.bc.googleusercontent.com
trk.antrk10.tech
1    34.245.243.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-243-239.eu-west-1.compute.amazonaws.com
x.trc90.com
2    2606:4700:3033::681c:f26 (United States)

ASN13335 (CLOUDFLARENET, US)
se.12xlwin1.net
2    2606:4700:20::681a:205 (United States)

ASN13335 (CLOUDFLARENET, US)
img117.com
2    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
ajax.googleapis.com
5    2606:4700:20::681a:b50 (United States)

ASN13335 (CLOUDFLARENET, US)
img17.com
Apex Domain
Subdomains		 Transfer
5 img17.com
img17.com
222 KB
2 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
33 KB
2 img117.com
img117.com
6 KB
2 12xlwin1.net
se.12xlwin1.net
4 KB
1 trc90.com
x.trc90.com
2 KB
1 antrk10.tech
trk.antrk10.tech
264 B
1 bit.ly
bit.ly
353 B
1 wallpapersbox.eu
wallpapersbox.eu
267 B
0 uzone.id Failed
cfs1.uzone.id Failed
12 9
Domain Requested by
5 img17.com se.12xlwin1.net
2 img117.com se.12xlwin1.net
2 se.12xlwin1.net
1 ajax.googleapis.com se.12xlwin1.net
1 fonts.googleapis.com se.12xlwin1.net
1 x.trc90.com 1 redirects
1 trk.antrk10.tech 1 redirects
1 bit.ly 1 redirects
1 wallpapersbox.eu 1 redirects
0 cfs1.uzone.id Failed se.12xlwin1.net
12 10

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-09-16 -
2020-09-15		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: C8F29C7966C0E696A766168E95C6E1C6
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

5
IPs

4
Countries

265 kB
Transfer

373 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wallpapersbox.eu/mail/link.php?M=63467&N=7&L=5&F=H HTTP 302
  • http://bit.ly/389l4fa HTTP 301
  • https://trk.antrk10.tech/t/MTYyOV8yNTY/ HTTP 302
  • http://x.trc90.com/aff_c?offer_id=1852&aff_id=1548&url_id=8067&pl=49&source=1629&aff_sub=5e41f92b68c4890457248d70 HTTP 302
  • https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=49

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
gtrax.php
se.12xlwin1.net/
Redirect Chain
  • http://wallpapersbox.eu/mail/link.php?M=63467&N=7&L=5&F=H
  • http://bit.ly/389l4fa
  • https://trk.antrk10.tech/t/MTYyOV8yNTY/
  • http://x.trc90.com/aff_c?offer_id=1852&aff_id=1548&url_id=8067&pl=49&source=1629&aff_sub=5e41f92b68c4890457248d70
  • https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome...
0
547 B 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=49
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin1.net
:scheme
https
:path
/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=49
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 11 Feb 2020 00:45:31 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dbc690c473d77fee1df536a64513fd9c11581381931; expires=Thu, 12-Mar-20 00:45:31 GMT; path=/; domain=.12xlwin1.net; HttpOnly; SameSite=Lax PHPSESSID=920dce644063565348309a2be61d2764; path=/
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56324cf15decc2db-FRA
content-encoding
br

Redirect headers

Date
Tue, 11 Feb 2020 00:45:31 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
516
Connection
keep-alive
Server
nginx/1.13.12
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
1021e7944e353447852be2940c236d
Location
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=49
Set-Cookie
aff_ran_url_1852=8067; expires=Wed, 12 Feb 2020 00:45:31 GMT; path=/; SameSite=None; Secure enc_aff_session_1852=ENC031f92979b22447499209db57f074054ad9481a60dd38de3bc37eb7333abc5513aeacd3e1b532cac3e8fd823f02d5f88cea2892991286bc13cd801532f07d3c40d565c3494377b7f8c5f6969f6311fe76a3787fe952509eb106dbe4d3faaa1c1fe92b15209daa42cce931ffdb8a90f8cd7afdd0d87a8bfb84533712af2ba06e6eabef35aad1566e96bbc4407518c6ea14c728f8d7881cd1340b42b98da547d050d3b5550e1; expires=Wed, 11 Mar 2020 00:45:31 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3NC4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83NC4wLjM3MjkuMTY5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJlbi1VUyIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Thu, 05 Jan 2023 11:25:31 GMT; path=/; SameSite=None; Secure
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
7748807ec57819a5cdc9c86579aa2f64
Primary Request w0.php
se.12xlwin1.net/ 		13 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
eac03b508958bf737fcbe8c77d52f83f821021f85d9246d8e0d50101cb515fc9

Request headers

:method
GET
:authority
se.12xlwin1.net
:scheme
https
:path
/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=49
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=dbc690c473d77fee1df536a64513fd9c11581381931; PHPSESSID=920dce644063565348309a2be61d2764
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
https://se.12xlwin1.net/gtrax.php?aff_id=1548&ct=2&v=2657&offer_id=1852&sub_source=1629&t1=1021e7944e353447852be2940c236d&t2=5e41f92b68c4890457248d70&t3=82.102.19.132-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=49

Response headers

status
200
date
Tue, 11 Feb 2020 00:45:32 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56324cf3181bc2db-FRA
content-encoding
br
gen.css
img117.com/SE/sverige/css/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img117.com/SE/sverige/css/gen.css
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78445f4581b94bab97d46df6204a95cc461c48c25fe60b10516c3b9c9243beef

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 27 Sep 2019 23:55:39 GMT
server
cloudflare
etag
W/"4ad5-593919f846d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-polished
origSize=19157
cf-ray
56324cf3bee30ebb-FRA
cf-bgj
minify
template26.css
img117.com/SE/sverige/css/ 		32 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img117.com/SE/sverige/css/template26.css
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6cc235db40f22b53882fea6fbfd16620cab9fffe651fe06c05ab876448cd2c

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 04 Aug 2019 05:36:16 GMT
server
cloudflare
etag
W/"8fbd-58f43f85ed886"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-polished
origSize=36797
cf-ray
56324cf3bee50ebb-FRA
cf-bgj
minify
css
fonts.googleapis.com/ 		2 KB
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5c9af7ba728ed18a351bc388654fbab98bdb8dcb93ce0ab911801c44a38e750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 11 Feb 2020 00:45:32 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 11 Feb 2020 00:45:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Tue, 11 Feb 2020 00:45:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 01 Feb 2020 03:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
852508
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 31 Jan 2021 03:57:04 GMT
2657_p1_2_se.png
img17.com/pl/1/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2657_p1_2_se.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5842de40ef9c8cac1020f5e3a61a36388de74ba024591ce384db11e3a765f4f6

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=54613
status
200
content-disposition
inline; filename="2657_p1_2_se.webp"
content-length
30774
last-modified
Thu, 17 May 2018 15:28:39 GMT
server
cloudflare
etag
"d555-56c687d6531b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56324cf3bfb097b4-FRA
cf-bgj
imgq:85
2657_p1_1_se.png
img17.com/pl/1/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2657_p1_1_se.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27ed1c0ee7fb93418e2d185843ac4df4956315b553e720086e88880a61257cf

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=44845
status
200
content-disposition
inline; filename="2657_p1_1_se.webp"
content-length
24440
last-modified
Thu, 17 May 2018 15:28:39 GMT
server
cloudflare
etag
"af2d-56c687d5c86f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56324cf3bfb297b4-FRA
cf-bgj
imgq:85
loader.gif
img17.com/pl/1/ 		764 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9555393dedd60498fb82368e50d7645eb5006562e10e016f01ec663e5f59e0cf

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
cf-cache-status
HIT
age
7191
cf-polished
origFmt=gif, origSize=1633
status
200
content-disposition
inline; filename="loader.webp"
content-length
764
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810f4ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56324cf40fde97b4-FRA
cf-bgj
imgq:85
2657_p1_3_se.png
img17.com/pl/1/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2657_p1_3_se.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f25f206665a2274be0d3facff15127062e0422e9b6096147175a7ddbc457c6bd

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=20607
status
200
content-disposition
inline; filename="2657_p1_3_se.webp"
content-length
11538
last-modified
Thu, 17 May 2018 15:28:40 GMT
server
cloudflare
etag
"507f-56c687d6d5b93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56324cf40fe297b4-FRA
cf-bgj
imgq:85
2657_bg.jpg
img17.com/pl/1/ 		155 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img17.com/pl/1/2657_bg.jpg
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b9e2e22288dfa6712ee57f90991b86b9c7ee332307b8d3cc527c54aa4de23a

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2657&aff_id=1548&aff_sub=&aff_sub2=&tid=18101589&pl=49&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 11 Feb 2020 00:45:32 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=243333
status
200
content-disposition
inline; filename="2657_bg.webp"
content-length
158468
last-modified
Thu, 17 May 2018 15:28:38 GMT
server
cloudflare
etag
"3b685-56c687d583d4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56324cf4482b97b4-FRA
cf-bgj
imgq:85
request
cfs1.uzone.id/2fn7a2/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cfs1.uzone.id
URL
https://cfs1.uzone.id/2fn7a2/request?id=1&enc=9UwkxLgY9%C2%B6ms=4TtHaUQnUEiP6K%2fc5C582CL4NjpNgssKwWWZcaKWbO%2fdUZ3uFm0YCcVlQiJsvimzxF235YnAaxIaU0bBIfdMxy%2fihfMaP9mcwwEYbNUmubG%2fwc03KXfANEel8qRg7kuIl761OyHJGEMyT9w82PpO2ZXV%2fod7rfpPy4egw3Llzn%2biYFDA1QVQrl0BZPAQo%2fPU0b0ZQ%2f1Er41Jkc0O4nbvMWr5rqq1YTbYfC2Ofsye3cmPS6fyfC20vptp5i9xg0EvPwLgjevQ6W%2fumDiuRI3srYI3pulYy5t9wymtFDTCPZ5VTjJRGLogzuj%2frHwSK1SWEs5Bose1w9MAN1dUFZGVn72OUDEE8CLuLrx32BynX1PhZpqRg2cUCKRr5NKRVrHEZHyoNzZmkFVCP2jGyWCXlJHyuBhW0FgNmQaoqbFlSl63KcLa8r6dwGOuIpq%2bExjSvZKkRJBPlcgqwZwDarXTp9Cc7NyJzmPngWDRzCF8O1V8cm5798ei0Xb4%2b0MctPtWP2YJeFAnS4wzA%2f6LhU44F88HzX2SwqCnPHO48I3W21L11rsDeYVplA%3d%3d&idc_r=88594130308&domain=se.12xlwin1.net&sw=1600&sh=1200

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| unhide function| hide function| toggle_display function| $ function| jQuery function| start_checker function| netbro_cache_analytics function| sync function| requestCfs

2 Cookies

Domain/Path Name / Value
se.12xlwin1.net/ Name: PHPSESSID
Value: 920dce644063565348309a2be61d2764
.12xlwin1.net/ Name: __cfduid
Value: dbc690c473d77fee1df536a64513fd9c11581381931