se.12xlwin1.net
Open in
urlscan Pro
2606:4700:3033::681c:f26
Public Scan
Effective URL: https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=...
Submission: On January 27 via api from BE
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 16th 2019. Valid for: a year.
This is the only time se.12xlwin1.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3031::681f:4fe0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.237.146.183 104.237.146.183 | 63949 (LINODE-AP...) (LINODE-AP Linode) | |
1 1 | 52.51.177.32 52.51.177.32 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2606:4700:303... 2606:4700:3033::681c:f26 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:818::200a | 15169 (GOOGLE) (GOOGLE) | |
6 | 2606:4700:20:... 2606:4700:20::681a:a50 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:816::200a | 15169 (GOOGLE) (GOOGLE) | |
11 | 5 |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li834-183.members.linode.com
www.junkani.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-177-32.eu-west-1.compute.amazonaws.com
x.trc81.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
img17.com
img17.com |
183 KB |
2 |
googleapis.com
fonts.googleapis.com ajax.googleapis.com |
34 KB |
2 |
12xlwin1.net
se.12xlwin1.net |
3 KB |
1 |
trc81.com
1 redirects
x.trc81.com |
2 KB |
1 |
junkani.com
www.junkani.com |
469 B |
1 |
bonuscodede.com
1 redirects
dede.bonuscodede.com |
680 B |
11 | 6 |
Domain | Requested by | |
---|---|---|
6 | img17.com |
se.12xlwin1.net
|
2 | se.12xlwin1.net |
www.junkani.com
|
1 | ajax.googleapis.com |
se.12xlwin1.net
|
1 | fonts.googleapis.com |
se.12xlwin1.net
|
1 | x.trc81.com | 1 redirects |
1 | www.junkani.com | |
1 | dede.bonuscodede.com | 1 redirects |
11 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.junkani.com Let's Encrypt Authority X3 |
2020-01-06 - 2020-04-05 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-09-16 - 2020-09-15 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2020-01-07 - 2020-03-31 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 772809970B24F99C3E8E3FE7A56C8897
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNj...
HTTP 302
https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311 Page URL
- https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&p... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNjb2RlZGUuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTg4JnB1Yj0zRDY3MDAxMCZjaWQ9M0QxMzEx&e=1
HTTP 302
https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311 Page URL
- https://se.12xlwin1.net/w0.php?v=2656&aff_id=2821&aff_sub=&aff_sub2=&tid=18037024&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://dede.bonuscodede.com/redirect.php?id=PDEyZTE1YzIwOTU5NTIzNDVhZGE0YzZmZTE1NDljMjQzQGRlZGUuYm9udXNjb2RlZGUuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTg4JnB1Yj0zRDY3MDAxMCZjaWQ9M0QxMzEx&e=1 HTTP 302
- https://www.junkani.com/rd/r.php?sid=588&pub=670010&cid=1311
- http://x.trc81.com/aff_c?offer_id=564&aff_id=2821&url_id=6594&pl=185&source=670010&aff_sub=732740766&aff_sub2= HTTP 302
- https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2656&offer_id=564&sub_source=670010&t1=1028c5776d2907f7dcc5a575adb86a&t2=732740766&t3=82.102.19.134-BE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
r.php
www.junkani.com/rd/ Redirect Chain
|
173 B 469 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtrax.php
se.12xlwin1.net/ Redirect Chain
|
0 547 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
w0.php
se.12xlwin1.net/ |
12 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 572 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pl1_2.css
img17.com/pl/css/ |
3 KB 825 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ |
91 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p1_2_lindex.png
img17.com/pl/1/ |
9 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p1_1_lindex.png
img17.com/pl/1/ |
23 KB 23 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loader.gif
img17.com/pl/1/ |
764 B 913 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p1_3_lindex.png
img17.com/pl/1/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background-pl-lindex.jpg
img17.com/pl/1/ |
126 KB 126 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| $ function| jQuery function| unhide function| hide function| toggle_display function| start_checker2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
se.12xlwin1.net/ | Name: PHPSESSID Value: b84a13603c46f9ce5ff2db06ca8d5eb4 |
|
.12xlwin1.net/ | Name: __cfduid Value: d22cf1cf2b4babd3c3b863790c49d1ef61580165282 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
dede.bonuscodede.com
fonts.googleapis.com
img17.com
se.12xlwin1.net
www.junkani.com
x.trc81.com
104.237.146.183
2606:4700:20::681a:a50
2606:4700:3031::681f:4fe0
2606:4700:3033::681c:f26
2a00:1450:4001:816::200a
2a00:1450:4001:818::200a
52.51.177.32
09d928ab6b14120e07918e7bb3c3b7c41b1794ca15bf001f17d05e2c913ef3b6
0b63f53b23474d84cfedab76cf50cbb568caa664a0a66b835ed8a321f0b1948c
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e
580176c19fe37b3bb0534d56ee0fb02d21754217e6313683079ab1094f768fa1
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
9555393dedd60498fb82368e50d7645eb5006562e10e016f01ec663e5f59e0cf
b16df98265b45569a05b7e50aba48e3bdc9abddcac46071305d8c5554bd982c6
b5c9af7ba728ed18a351bc388654fbab98bdb8dcb93ce0ab911801c44a38e750
d17c8ab345ee766678a91b16ee410e11cb5b2d46d445abbe39c5e20cb9681cfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebd0974ada0b255541a352293b536601659b5ac067b4f05591b150a200ab1df4