Submitted URL: https://trckfollowme.com/click.php?key=i089bmk9trbffdqxa9hx&clickid=GFk4w4MBaJ2pG3C_tj7oAcr-L4AC3IqhwrDYku0B&cost=0.0000&...
Effective URL: https://ca.12xlwin8.net/index.php?v=5034
Submission: On July 31 via api from US — Scanned from CA

Summary

This website contacted 5 IPs in 2 countries across 10 domains to perform 14 HTTP transactions. The main IP is 172.67.135.23, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca.12xlwin8.net.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time ca.12xlwin8.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 116.202.12.61 24940 (HETZNER-AS)
1 1 46.4.172.148 24940 (HETZNER-AS)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 172.67.179.203 13335 (CLOUDFLAR...)
1 1 172.67.177.35 13335 (CLOUDFLAR...)
1 1 34.239.206.72 14618 (AMAZON-AES)
10 172.67.135.23 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 152.199.4.33 15133 (EDGECAST)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
14 5
Apex Domain (Transfer) and Subdomains
10 12xlwin8.net (536 KB)
  • ca.12xlwin8.net
  • inc-ca.12xlwin8.net
2 googleapis.com (34 KB)
  • ajax.googleapis.com — Cisco Umbrella Rank: 641
  • fonts.googleapis.com — Cisco Umbrella Rank: 110
1 gstatic.com (29 KB)
  • fonts.gstatic.com
1 aspnetcdn.com (8 KB)
  • ajax.aspnetcdn.com — Cisco Umbrella Rank: 5661
1 trc85.com (2 KB)
  • x.trc85.com
1 bhjkf.com (1013 B)
  • trk.bhjkf.com
1 bytefixgq.com (766 B)
  • sctrk2.bytefixgq.com
1 zsylo.com (756 B)
  • sctrk.zsylo.com
1 nastobad.com (489 B)
  • nastobad.com
1 trckfollowme.com (380 B)
  • trckfollowme.com — Cisco Umbrella Rank: 941546
14 10
Domain Requested by
5 inc-ca.12xlwin8.net ca.12xlwin8.net
5 ca.12xlwin8.net ca.12xlwin8.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ca.12xlwin8.net
1 ajax.aspnetcdn.com ca.12xlwin8.net
1 ajax.googleapis.com ca.12xlwin8.net
1 x.trc85.com 1 redirects
1 trk.bhjkf.com 1 redirects
1 sctrk2.bytefixgq.com 1 redirects
1 sctrk.zsylo.com 1 redirects
1 nastobad.com 1 redirects
1 trckfollowme.com 1 redirects
14 12

This site contains no links.

Subject | Issuer | Validity | Valid
12xlwin8.net | WE1 | 2024-06-18 - 2024-09-16 | 3 months
upload.video.google.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2024-06-06 - 2025-06-06 | a year
*.gstatic.com | WR2 | 2024-07-30 - 2024-10-22 | 3 months

This page contains 1 frames:

Primary Page: https://ca.12xlwin8.net/index.php?v=5034
Frame ID: 643332877C816F61012293923F424B8C
Requests: 14 HTTP requests in this frame

Page Title

Costco

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 14
HTTPS: 100 %
IPv6: 36 %
Domains: 10
Subdomains: 12
IPs: 5
Countries: 2
Transfer: 608 kB
Size: 737 kB
Cookies: 11

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://trckfollowme.com/click.php?key=i089bmk9trbffdqxa9hx&clickid=GFk4w4MBaJ2pG3C_tj7oAcr-L4AC3IqhwrDYku0B&cost=0.0000&zoneid=786250&device=desktop&useragent=Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML HTTP 302
  • https://nastobad.com/s?k=cdcfc65765dfac27&click_id=4d5c3e2ghlpe2dzc55&source_id=786250 HTTP 302
  • https://sctrk.zsylo.com/451dc331-ed80-0a43-875a-5e4eb5f0f358/?transaction_id=9040b0f0b3b556eab30e0809&offer_id=7941&aff_id=717&aff_sub=&msisdn={mobile}&email={email} HTTP 301
  • https://sctrk2.bytefixgq.com/7a9883d6-ccce-38a2-408e-9e906955313a?fb=yes&src=amz_km_ca_a1_sh367_pp_adr2&transaction_id=9040b0f0b3b556eab30e0809&offer_id=7941&aff_id=717&aff_sub=&sl1=ed9f0c4e-36f8-c041-e43f-ca1b2ab950f1&sl2=D4CN3ztX&sl3=B3L5lqJd&sl4=t5Ys2AiG&stp= HTTP 301
  • https://trk.bhjkf.com/282d8e40-51e8-44da-aa74-872711413aa4?fb=yes&src=amz_km_ca_a1_sh367_pp_adr2&transaction_id=9040b0f0b3b556eab30e0809&offer_id=7941&aff_id=717&aff_sub=&sl1=dd296428-8c2c-34b7-cc6d-482a7c5816ff&sl2=xyyyysJY&sl3=KaBxINFO&sl4=t5Ys2AiG&stp= HTTP 302
  • http://x.trc85.com/aff_c?offer_id=3498&aff_id=3172&url_id=12754&source=&aff_sub=w4ab26noluls834334vsjcbe HTTP 307
  • https://x.trc85.com/aff_c?offer_id=3498&aff_id=3172&url_id=12754&source=&aff_sub=w4ab26noluls834334vsjcbe HTTP 302
  • https://ca.12xlwin8.net/gtrax.php?ct=1&v=5034&aff_id=3172&offer_id=3498&sub_source=&t1=102fc7f2150cdd3b4b792f7d8ab9d9&t2=w4ab26noluls834334vsjcbe&t3=167.114.209.103&t4=&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl={pl}

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
gtrax.php
ca.12xlwin8.net/
Redirect Chain
  • https://trckfollowme.com/click.php?key=i089bmk9trbffdqxa9hx&clickid=GFk4w4MBaJ2pG3C_tj7oAcr-L4AC3IqhwrDYku0B&cost=0.0000&zoneid=786250&device=desktop&useragent=Mozilla/5.0+(Macintosh;+Intel+Mac+OS+...
  • https://nastobad.com/s?k=cdcfc65765dfac27&click_id=4d5c3e2ghlpe2dzc55&source_id=786250
  • https://sctrk.zsylo.com/451dc331-ed80-0a43-875a-5e4eb5f0f358/?transaction_id=9040b0f0b3b556eab30e0809&offer_id=7941&aff_id=717&aff_sub=&msisdn={mobile}&email={email}
  • https://sctrk2.bytefixgq.com/7a9883d6-ccce-38a2-408e-9e906955313a?fb=yes&src=amz_km_ca_a1_sh367_pp_adr2&transaction_id=9040b0f0b3b556eab30e0809&offer_id=7941&aff_id=717&aff_sub=&sl1=ed9f0c4e-36f8-c...
  • https://trk.bhjkf.com/282d8e40-51e8-44da-aa74-872711413aa4?fb=yes&src=amz_km_ca_a1_sh367_pp_adr2&transaction_id=9040b0f0b3b556eab30e0809&offer_id=7941&aff_id=717&aff_sub=&sl1=dd296428-8c2c-34b7-cc6...
  • http://x.trc85.com/aff_c?offer_id=3498&aff_id=3172&url_id=12754&source=&aff_sub=w4ab26noluls834334vsjcbe
  • https://x.trc85.com/aff_c?offer_id=3498&aff_id=3172&url_id=12754&source=&aff_sub=w4ab26noluls834334vsjcbe
  • https://ca.12xlwin8.net/gtrax.php?ct=1&v=5034&aff_id=3172&offer_id=3498&sub_source=&t1=102fc7f2150cdd3b4b792f7d8ab9d9&t2=w4ab26noluls834334vsjcbe&t3=167.114.209.103&t4=&udc=Desktop--Google--Chrome-...
0
565 B
Document
General
Full URL
https://ca.12xlwin8.net/gtrax.php?ct=1&v=5034&aff_id=3172&offer_id=3498&sub_source=&t1=102fc7f2150cdd3b4b792f7d8ab9d9&t2=w4ab26noluls834334vsjcbe&t3=167.114.209.103&t4=&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl={pl}
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8abd4c30ebed38e1-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 31 Jul 2024 11:37:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
refresh
0.2;url=index.php?v=5034
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q9nUf13MU%2BfLewL1ziC8fN%2Fdo9BbBM329ytcqG2hIFJTs%2FqhMXewzWSQN8CFAV90ldRq4Lb5udABxch2LbXo1%2FI0zmMKcvZdu0Z9hYrRScXJr3nwHK4wsZJq72uXcc5DpuQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cache-status
MISS

Redirect headers

Accept-CH
Sec-CH-UA-Model, Sec-CH-DPR, DPR
Access-Control-Allow-Headers
Tune-SDK-Version
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
521
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 31 Jul 2024 11:37:38 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://ca.12xlwin8.net/gtrax.php?ct=1&v=5034&aff_id=3172&offer_id=3498&sub_source=&t1=102fc7f2150cdd3b4b792f7d8ab9d9&t2=w4ab26noluls834334vsjcbe&t3=167.114.209.103&t4=&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl={pl}
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Server
nginx
Tracking_id
102fc7f2150cdd3b4b792f7d8ab9d9
X-Request-Id
1bb40335300cfd4714250001aac7f502
Primary Request index.php
ca.12xlwin8.net/
19 KB
5 KB
Document
General
Full URL
https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c416c07633987fe910c91ff632c45e0e2366afde556b74713c236b2f51cd130

Request headers

Referer
https://ca.12xlwin8.net/gtrax.php?ct=1&v=5034&aff_id=3172&offer_id=3498&sub_source=&t1=102fc7f2150cdd3b4b792f7d8ab9d9&t2=w4ab26noluls834334vsjcbe&t3=167.114.209.103&t4=&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl={pl}
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8abd4c34de6938e1-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 31 Jul 2024 11:37:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZF3gJLyar8s4Yn3EVDHlKvwltr2i%2BxdJ2lbC5A70PnTGu7tW3E0MDjX2PQxjlg%2FE29v5%2F9KX2lNZ5bUlNb0o0tC2WFCvrdVujSlRwj5xPCo5qePhIJ3UisEUZNw9Qs5bWGk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
MISS
favicon.ico
ca.12xlwin8.net/
196 B
600 B
Other
General
Full URL
https://ca.12xlwin8.net/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ca.12xlwin8.net/gtrax.php?ct=1&v=5034&aff_id=3172&offer_id=3498&sub_source=&t1=102fc7f2150cdd3b4b792f7d8ab9d9&t2=w4ab26noluls834334vsjcbe&t3=167.114.209.103&t4=&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl={pl}
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
95
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4eIbKdwm6jr23d%2B9CTWfZQ67S0BpRbkLn%2F1%2FNAf7JIFu8HIvykL%2BNPGLaAQOo0Hp%2BryJzSqHOJPFjUVGF47Z3ImPnperWVIgKBXXv9Q3JJoadlNbI%2BMI596Fexii77mbmg4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8abd4c34de6838e1-YYZ
alt-svc
h3=":443"; ma=86400
gen.css
ca.12xlwin8.net/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://ca.12xlwin8.net/css/gen.css?5
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e096459890ee866f93a796e37e4137330fb79680c2cb4366eccf347387284f2

Request headers

Referer
https://ca.12xlwin8.net/index.php?v=5034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 26 Jul 2023 15:09:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6019
etag
W/"4b4a-601653c6e00d7"
x-cache-status
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=joZKmTSvcK17yMY%2BnN3jRe6yFuMZWaF32hG8OqRE8Bo5mIPGXnmDETlFKPNOWZBsaKxGH7PT2sy5aYlTFJvwmuwdqZuX6wMREzl7OKacL78ZAghyqO19ysSTt9BqYNleZ3M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8abd4c35ff2438e1-YYZ
alt-svc
h3=":443"; ma=86400
template50.css
ca.12xlwin8.net/css/
36 KB
4 KB
Stylesheet
General
Full URL
https://ca.12xlwin8.net/css/template50.css
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5b698dcfec204c9d774b76e517b25edf465b982830e50508481cd1e4594dac4

Request headers

Referer
https://ca.12xlwin8.net/index.php?v=5034
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 18 Jul 2021 18:55:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6019
etag
W/"9122-5c76a5c5f0d76"
x-cache-status
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FpWblOLQKDgTwkqyR073bh3pQqsFckNzEmbEv3pM79AlRahy1rvKzSPYTC5%2FVeMlpOUHatp2TAtIfrGfmIqu5AU7F1YNpQld%2BoHySlidZbqp%2B%2B9EiyFOkY%2ByJt7G%2FEDhX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8abd4c35ff2638e1-YYZ
alt-svc
h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Jul 2025 02:08:14 GMT
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.10.0/
21 KB
8 KB
Script
General
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.10.0/jquery.validate.min.js
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.4.33 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyd/D14C) /
Resource Hash
cde0578486717bb6f75c3a33376116b77677619475c38b5904258e5b118e8436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2568879
x-cache
HIT
content-length
8058
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:27 GMT
server
ECAcc (nyd/D14C)
etag
"75f84c70d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/
2 KB
955 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25461c9daecd2982601519df8b20983f941da8fb33e63b489f8b468369cfd870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 31 Jul 2024 11:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 31 Jul 2024 11:11:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 31 Jul 2024 11:37:39 GMT
CA_5034_IMG_P1_4_COSTCO_CA.png
inc-ca.12xlwin8.net/images2/
94 KB
94 KB
Image
General
Full URL
https://inc-ca.12xlwin8.net/images2/CA_5034_IMG_P1_4_COSTCO_CA.png
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9d642e84bc12e2e23178951712e4e96be430987542fe251add4b6ca81951bf3

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4707
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
95969
last-modified
Fri, 02 Jun 2023 03:05:54 GMT
server
cloudflare
etag
"176e1-5fd1cd4d0357f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUrbATC5CsPaYPn0X9gbrAfxqqDHWADU5WPNVi4unE5Qt3%2F6OAWNBoVjWylbLJqO4eqk4gbb9FjfMbAY72elsHXzW0%2BzpNjGmXNvr%2FYJ%2F1OMj5YBu6jN2O0MayZ4czOAmZEBAFLr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8abd4c36af9c38e1-YYZ
CA_5034_IMG_P1_5_COSTCO_CA.png
inc-ca.12xlwin8.net/images2/
28 KB
29 KB
Image
General
Full URL
https://inc-ca.12xlwin8.net/images2/CA_5034_IMG_P1_5_COSTCO_CA.png
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98989421be69558bdad8096c25f508eec9b745fb9f9c23e633054e713aefe8e

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4707
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
28970
last-modified
Fri, 02 Jun 2023 03:05:54 GMT
server
cloudflare
etag
"712a-5fd1cd4d0357f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXvMT%2FpZ1yzMxV%2BkSDJ3RPwFn5hKONZIWB9InIKrKTElZ7b4lN4QS9TJcq1CH00z3phL5iFkZ1Am0zsIC2gEQgn4DJW7FCaqfUnoEck0FNY8aXFlxvHifA7YJtDeH4aI6Sa8gDoR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8abd4c36af9d38e1-YYZ
CA_5034_IMG_P1_6_COSTCO_CA.png
inc-ca.12xlwin8.net/images2/
219 KB
219 KB
Image
General
Full URL
https://inc-ca.12xlwin8.net/images2/CA_5034_IMG_P1_6_COSTCO_CA.png
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb365de257406c58ce3112f04f21f3d1bb0ee6f038c0d7ba66f3e24445e7f9ca

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4706
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
223810
last-modified
Fri, 02 Jun 2023 03:05:54 GMT
server
cloudflare
etag
"36a42-5fd1cd4d03967"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4xvBXZjLgcz1VceqrN1gx6RYNjC511JcnkVavBCWJIspYJdygJfBOLN4xI%2Bc%2B9DwVLPA7s%2BAeawiEw718Qkz2ZO8yAphmzo7JekYnsqPfWzj4WMlIYxhoaGUJNJAZ4VVnEl0ICIQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8abd4c370ff038e1-YYZ
CA_5034_BODY_BACKGROUND_IMAGE_COSTCO_CA.jpg
inc-ca.12xlwin8.net/images2/
179 KB
180 KB
Image
General
Full URL
https://inc-ca.12xlwin8.net/images2/CA_5034_BODY_BACKGROUND_IMAGE_COSTCO_CA.jpg
Requested by
Host: ca.12xlwin8.net
URL: https://ca.12xlwin8.net/index.php?v=5034
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37134e467c044d66650008860134ed1ffe56ccff1ba11dc385d798b7c9ed6e0d

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4706
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
183319
last-modified
Fri, 02 Jun 2023 03:05:54 GMT
server
cloudflare
etag
"2cc17-5fd1cd4d0357f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3N1CakG2hRILRzB449k3WM5WBPSmjjLayM63da2zRpKIcvpi6TXshT896U7x4cx4nCf0Qnq6b9nFcEZg8pZ2%2FBHIKcc7FkrPC820RqL8q%2BTcFFISekxFYDo0xceCRzAjUSgTNWjF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8abd4c370ff738e1-YYZ
u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
fonts.gstatic.com/s/ubuntucondensed/v16/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntucondensed/v16/u-4k0rCzjgs5J7oXnJcM_0kACGMtT-Dfqw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b1adc37a16294b5127dc6e84c9fc36e1f50bac718dcfe35f60f466fdf692bbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ca.12xlwin8.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 02:05:41 GMT
x-content-type-options
nosniff
age
552718
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29252
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:46:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 25 Jul 2025 02:05:41 GMT
favicon.ico
inc-ca.12xlwin8.net/images/
198 B
541 B
Other
General
Full URL
https://inc-ca.12xlwin8.net/images/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

Request headers

Referer
https://ca.12xlwin8.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 31 Jul 2024 11:37:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Jul 2021 18:44:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2111
etag
W/"c6-5c76a37747a5a"
x-cache-status
MISS
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B54pdHdmEeTmzojuO3x%2BoFsnM3ykzZ0cSdIhM60nwdAqRzhCJdCd7OJTSpXhv9E%2FFi%2FqY248wQRBLVBqtk%2Bj7VCyU2gGp4XU3L%2Bd0Hng2rI1cXKwT3k%2FFTipDhyVEPzKCN5PEOEw"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8abd4c38b92b38e1-YYZ
alt-svc
h3=":443"; ma=86400

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • unhide (function)
  • hide (function)
  • toggle_display (function)
  • $ (function)
  • jQuery (function)
  • open_affiliate_div (function)
  • close_affiliate_div (function)

11 Cookies

Domain/Path Name / Value
trckfollowme.com/ Name: uclick
Value: e2ghlpe2dz
trckfollowme.com/ Name: uclickhash
Value: e2ghlpe2dz-e2ghlpe2dz-16a0-0-lpj2-ciu33y-ikqe-72352f
nastobad.com/ Name: aff_tds_id
Value: 6000c2a9d40899fd2b065bf8a4f2a1b8f44c47f69aa24ae56bb8fe0c61a0977aa%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22aff_tds_id%22%3Bi%3A1%3Bs%3A16%3A%228c518edfc689fcdb%22%3B%7D
sctrk.zsylo.com/ Name: PHPSESSID
Value: t699d09lsu01o1qf6ub434c271
sctrk2.bytefixgq.com/ Name: PHPSESSID
Value: hhdbtg4ndb5rumo0e5r9be6n83
.trk.bhjkf.com/ Name: 282d8e40-51e8-44da-aa74-872711413aa4-v4
Value: nQrXtarbKU-HyM6H4ShRekLoBI0QEC92WWqkqCRfENM
.trk.bhjkf.com/ Name: voluum-cid-v4
Value: %7B%22cid%22%3A%22w4ab26noluls834334vsjcbe%22%2C%22caid%22%3A%22282d8e40-51e8-44da-aa74-872711413aa4%22%7D
x.trc85.com/ Name: aff_ran_url_3498
Value: 12754
x.trc85.com/ Name: enc_aff_session_3498
Value: ENC034952971e67e3b181acbbf46076413e49bd7f339eddbc2b21317dc5604f3eefd33bb1b797ebe1a8bc2f936739443eb403e4ca7ca8e55ab1bf46801689a7665ab10287fa2a544303a824806a52c4e2044eccc599a5acbd86be6bfe2eb949143818d4e2ca972ebe7f8eaf9f3ceb342ca04016f4cc4bd534c91d52517a0893a0f5c1e0feccf431b34af47c70b026053dce182fcbe9b0da7a7f32ca7d69890e64ebc909193109
x.trc85.com/ Name: ho_mob
Value:
ca.12xlwin8.net/ Name: PHPSESSID
Value: 6rbfpj2lp1ic0je3m4jv34tncc

1 Console Messages

Source Level URL
Text
network error URL: https://ca.12xlwin8.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()