Submitted URL: http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNjb2RlZGUuY29tPg==&ref...
Effective URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=...
Submission: On January 27 via api from BE

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3033::681c:f26, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin1.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 16th 2019. Valid for: a year.
This is the only time se.12xlwin1.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.237.146.183 63949 (LINODE-AP...)
1 1 52.51.177.32 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
11 5

Domain Requested by
6 img17.com se.12xlwin1.net
2 se.12xlwin1.net www.junkani.com
1 ajax.googleapis.com se.12xlwin1.net
1 fonts.googleapis.com se.12xlwin1.net
1 x.trc81.com 1 redirects
1 www.junkani.com
1 dede.bonuscodede.com 1 redirects
11 7

This site contains no links.

Subject | Issuer | Validity | Valid
www.junkani.com | Let's Encrypt Authority X3 | 2020-01-06 - 2020-04-05 | 3 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-09-16 - 2020-09-15 | a year
*.storage.googleapis.com | GTS CA 1O1 | 2020-01-07 - 2020-03-31 | 3 months

This page contains 1 frames:

Primary Page: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 772809970B24F99C3E8E3FE7A56C8897
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

  • Requests: 11
  • HTTPS: 100 %
  • IPv6: 71 %
  • Domains: 6
  • Subdomains: 7
  • IPs: 5
  • Countries: 3
  • Transfer: 220 kB
  • Size: 289 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNjb2RlZGUuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTg4JnB1Yj0zRDY3MDAxMCZjaWQ9M0QxMzEx&e=1 HTTP 302
    https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311 Page URL
  2. https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNjb2RlZGUuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTg4JnB1Yj0zRDY3MDAxMCZjaWQ9M0QxMzEx&e=1 HTTP 302
  • https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311
Request Chain 1
  • http://x.trc81.com/aff_c?offer_id=564&aff_id=2821&url_id=6594&pl=185&source=670010&aff_sub=732740766&aff_sub2= HTTP 302
  • https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185

11 HTTP transactions

Resource Path | Size x-fer | Type MIME-Type

Cookie set r.php
www.junkani.com/rd/
Redirect Chain
  • http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNjb2RlZGUuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTg4JnB1Yj0zRDY3MDAx...
  • https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311
173 B
469 B
Document
General
Full URL
https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.237.146.183 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li834-183.members.linode.com
Software
Apache /
Resource Hash
b16df98265b45569a05b7e50aba48e3bdc9abddcac46071305d8c5554bd982c6

Request headers

Host
www.junkani.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br

Response headers

Date
Mon, 27 Jan 2020 22:48:02 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
173
Server
Apache
Set-Cookie
uid588=732740766-20200127224802-32e50e854725430dd181930ad09e6756-; expires=Wed, 26-Feb-2020 22:48:02 GMT; Max-Age=2592000; path=/; domain=junkani.com

Redirect headers

Date
Mon, 27 Jan 2020 22:48:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d3ffbcd4daebf73a141855c20bab295341580165281; expires=Wed, 26-Feb-20 22:48:01 GMT; path=/; domain=.bonuscodede.com; HttpOnly; SameSite=Lax PHPSESSID=htn09dllhi3cv5mg4suc4mvnt7; path=/
X-Powered-By
PHP/5.6.40
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Location
https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
55be45927f6e6497-FRA

gtrax.php
se.12xlwin1.net/
Redirect Chain
  • http://x.trc81.com/aff_c?offer_id=564&aff_id=2821&url_id=6594&pl=185&source=670010&aff_sub=732740766&aff_sub2=
  • https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={...
0
547 B
Document
General
Full URL
https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
Requested by
Host: www.junkani.com
URL: https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin1.net
:scheme
https
:path
/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Mon, 27 Jan 2020 22:48:02 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d22cf1cf2b4babd3c3b863790c49d1ef61580165282; expires=Wed, 26-Feb-20 22:48:02 GMT; path=/; domain=.12xlwin1.net; HttpOnly; SameSite=Lax PHPSESSID=b84a13603c46f9ce5ff2db06ca8d5eb4; path=/
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55be45987d4cc2f9-FRA
content-encoding
br

Redirect headers

Date
Mon, 27 Jan 2020 22:48:02 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
503
Connection
keep-alive
Server
nginx/1.13.12
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
tracking_id
1028c5776d2907f7dcc5a575adb86a
Location
https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
Set-Cookie
aff_ran_url_564=6594; expires=Tue, 28 Jan 2020 22:48:02 GMT; path=/; enc_aff_session_564=ENC03ef3f5ea4a5f091d1d251da4d4babcd53036bac96dd6aed75f56381118c36ca8b88cb62608730ec77daa8445e6ee0db29ee00bcd3c70ff06c710eca49493a6f091540a37b959ede63c28f6bd35b083402f7a51cdad267b8113afd85c20e5d52981ae574be432c8404c89049b37ecf870abb61ab1e9f8a673b616642c203e7cb152b01e1f0; expires=Thu, 27 Feb 2020 22:48:02 GMT; path=/; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83OS4wLjM5NDUuODggU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Thu, 22 Dec 2022 09:28:02 GMT; path=/;
P3P
CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin
*
X-Request-Id
778ce95b2d1badb6b2fab441f2c00a7e

Primary Request w0.php
se.12xlwin1.net/
12 KB
2 KB
Document
General
Full URL
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.10
Resource Hash
580176c19fe37b3bb0534d56ee0fb02d21754217e6313683079ab1094f768fa1

Request headers

:method
GET
:authority
se.12xlwin1.net
:scheme
https
:path
/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
sec-fetch-mode
navigate
referer
https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
accept-encoding
gzip, deflate, br
cookie
__cfduid=d22cf1cf2b4babd3c3b863790c49d1ef61580165282; PHPSESSID=b84a13603c46f9ce5ff2db06ca8d5eb4

Response headers

status
200
date
Mon, 27 Jan 2020 22:48:02 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.3.10
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55be459a5963c2f9-FRA
content-encoding
br

css
fonts.googleapis.com/
2 KB
572 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5c9af7ba728ed18a351bc388654fbab98bdb8dcb93ce0ab911801c44a38e750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 27 Jan 2020 22:48:03 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 27 Jan 2020 22:48:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 27 Jan 2020 22:48:03 GMT

pl1_2.css
img17.com/pl/css/
3 KB
825 B
Stylesheet
General
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 22:48:03 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688710aa7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-polished
origSize=3413
cf-ray
55be459b5f4ad6e9-FRA
cf-bgj
minify

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 06:30:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404238
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
33593
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jan 2021 06:30:45 GMT

p1_2_lindex.png
img17.com/pl/1/
9 KB
10 KB
Image
General
Full URL
https://img17.com/pl/1/p1_2_lindex.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09d928ab6b14120e07918e7bb3c3b7c41b1794ca15bf001f17d05e2c913ef3b6

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 22:48:03 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=27363
status
200
content-disposition
inline; filename="p1_2_lindex.webp"
content-length
9684
last-modified
Wed, 06 Mar 2019 10:26:37 GMT
server
cloudflare
etag
"6ae3-5836a6cb596d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55be459b5f4dd6e9-FRA
cf-bgj
imgq:85

p1_1_lindex.png
img17.com/pl/1/
23 KB
23 KB
Image
General
Full URL
https://img17.com/pl/1/p1_1_lindex.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17c8ab345ee766678a91b16ee410e11cb5b2d46d445abbe39c5e20cb9681cfd

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 22:48:03 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=42404
status
200
content-disposition
inline; filename="p1_1_lindex.webp"
content-length
23154
last-modified
Wed, 06 Mar 2019 10:26:39 GMT
server
cloudflare
etag
"a5a4-5836a6cdaf92f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55be459b5f4ed6e9-FRA
cf-bgj
imgq:85

loader.gif
img17.com/pl/1/
764 B
913 B
Image
General
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9555393dedd60498fb82368e50d7645eb5006562e10e016f01ec663e5f59e0cf

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 22:48:03 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=gif, origSize=1633
status
200
content-disposition
inline; filename="loader.webp"
content-length
764
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810f4ebc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55be459baff8d6e9-FRA
cf-bgj
imgq:85

p1_3_lindex.png
img17.com/pl/1/
22 KB
22 KB
Image
General
Full URL
https://img17.com/pl/1/p1_3_lindex.png
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b63f53b23474d84cfedab76cf50cbb568caa664a0a66b835ed8a321f0b1948c

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 22:48:03 GMT
cf-cache-status
MISS
last-modified
Wed, 06 Mar 2019 10:26:36 GMT
server
cloudflare
etag
"572c-5836a6cad5975"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55be459bb817d6e9-FRA
content-length
22316

background-pl-lindex.jpg
img17.com/pl/1/
126 KB
126 KB
Image
General
Full URL
https://img17.com/pl/1/background-pl-lindex.jpg
Requested by
Host: se.12xlwin1.net
URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd0974ada0b255541a352293b536601659b5ac067b4f05591b150a200ab1df4

Request headers

Referer
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 27 Jan 2020 22:48:03 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=210409
status
200
content-disposition
inline; filename="background-pl-lindex.webp"
content-length
129200
last-modified
Wed, 06 Mar 2019 10:26:39 GMT
server
cloudflare
etag
"335e9-5836a6cd812fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
55be459bb81ad6e9-FRA
cf-bgj
imgq:85

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | onformdata
  • object | onpointerrawupdate
  • function | $
  • function | jQuery
  • function | unhide
  • function | hide
  • function | toggle_display
  • function | start_checker

2 Cookies

Domain/Path | Name | Value
se.12xlwin1.net/ | PHPSESSID | b84a13603c46f9ce5ff2db06ca8d5eb4
.12xlwin1.net/ | __cfduid | d22cf1cf2b4babd3c3b863790c49d1ef61580165282