Submitted URL: http://extrabenefits.club/rd/c27071xqSfy29108063kBwp2dKa17745ygge4214
Effective URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=...
Submission: On July 15 via api from BE

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3030::6815:48c3, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin1m.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2021. Valid for: a year.
This is the only time se.12xlwin1m.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 176.123.5.91 200019 (ALEXHOST)
1 1 34.120.144.64 15169 (GOOGLE)
1 1 52.210.163.112 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
11 5
Apex Domain | Subdomains | Transfer
6 img17.com | img17.com | 123 KB
2 googleapis.com | fonts.googleapis.com, ajax.googleapis.com | 34 KB
2 12xlwin1m.net | se.12xlwin1m.net | 4 KB
2 extrabenefits.club | extrabenefits.club | 569 B
1 trc85.com | x.trc85.com | 2 KB
1 srt8trk.com | www.srt8trk.com | 433 B
11 6
Domain Requested by
6 img17.com se.12xlwin1m.net
2 se.12xlwin1m.net extrabenefits.club
2 extrabenefits.club 1 redirects
1 ajax.googleapis.com se.12xlwin1m.net
1 fonts.googleapis.com se.12xlwin1m.net
1 x.trc85.com 1 redirects
1 www.srt8trk.com 1 redirects
11 7

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-05-17 - 2022-05-16 | a year
upload.video.google.com | GTS CA 1O1 | 2021-06-22 - 2021-09-14 | 3 months
*.img17.com | R3 | 2021-06-27 - 2021-09-25 | 3 months

This page contains 1 frame:

Primary Page: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 278E98AE8533075DC02B6CFF9FB06198
Requests: 11 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 11
HTTPS: 91 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 5
Countries: 4
Transfer: 161 kB
Size: 228 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://extrabenefits.club/rd/c27071xqSfy29108063kBwp2dKa17745ygge4214 Page URL
  2. https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://extrabenefits.club/track/c27071xqSfy29108063kBwp2dKa17745ygge4214 HTTP 302
  • https://www.srt8trk.com/2J75T3/29KSZ53/?sub1=10&sub2=4214-27071&sub3=29108063-2-17745 HTTP 302
  • http://x.trc85.com/aff_c?offer_id=558&aff_id=3121&url_id=6326&pl=149&source=34&aff_sub=de51d3c42717436a9d201bab8b07a906&aff_sub3=10 HTTP 302
  • https://se.12xlwin1m.net/gtrax.php?aff_id=3121&ct=1&v=5079&offer_id=558&sub_source=34&t1=102121b7aa7c79d54b544b18cd47e7&t2=de51d3c42717436a9d201bab8b07a906&t3=185.236.42.19-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=149

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c27071xqSfy29108063kBwp2dKa17745ygge4214
extrabenefits.club/rd/
235 B
352 B
Document
General
Full URL
http://extrabenefits.club/rd/c27071xqSfy29108063kBwp2dKa17745ygge4214
Protocol
HTTP/1.1
Server
176.123.5.91 Chisinau, Moldova, ASN200019 (ALEXHOST, MD),
Reverse DNS
176-123-5-91.hayloop.xyz
Software
/
Resource Hash
e46f3127e1d2d73084efc503b86c3c5ab7091677b493e10d59f0cf4375b9a1e7

Request headers

Host
extrabenefits.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html; charset=utf-8
Date
Thu, 15 Jul 2021 06:32:34 GMT
Content-Length
235
gtrax.php
se.12xlwin1m.net/
Redirect Chain
  • http://extrabenefits.club/track/c27071xqSfy29108063kBwp2dKa17745ygge4214
  • https://www.srt8trk.com/2J75T3/29KSZ53/?sub1=10&sub2=4214-27071&sub3=29108063-2-17745
  • http://x.trc85.com/aff_c?offer_id=558&aff_id=3121&url_id=6326&pl=149&source=34&aff_sub=de51d3c42717436a9d201bab8b07a906&aff_sub3=10
  • https://se.12xlwin1m.net/gtrax.php?aff_id=3121&ct=1&v=5079&offer_id=558&sub_source=34&t1=102121b7aa7c79d54b544b18cd47e7&t2=de51d3c42717436a9d201bab8b07a906&t3=185.236.42.19-SE&udc=Desktop--Google--...
0
790 B
Document
General
Full URL
https://se.12xlwin1m.net/gtrax.php?aff_id=3121&ct=1&v=5079&offer_id=558&sub_source=34&t1=102121b7aa7c79d54b544b18cd47e7&t2=de51d3c42717436a9d201bab8b07a906&t3=185.236.42.19-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=149
Requested by
Host: extrabenefits.club
URL: http://extrabenefits.club/rd/c27071xqSfy29108063kBwp2dKa17745ygge4214
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:48c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.23
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
se.12xlwin1m.net
:scheme
https
:path
/gtrax.php?aff_id=3121&ct=1&v=5079&offer_id=558&sub_source=34&t1=102121b7aa7c79d54b544b18cd47e7&t2=de51d3c42717436a9d201bab8b07a906&t3=185.236.42.19-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=149
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://extrabenefits.club/
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
http://extrabenefits.club/rd/c27071xqSfy29108063kBwp2dKa17745ygge4214

Response headers

date
Thu, 15 Jul 2021 06:32:35 GMT
content-type
text/html; charset=utf-8
x-powered-by
PHP/7.2.23
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0.2;url=w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
set-cookie
PHPSESSID=d6311c04fcca0bbd245bc20440e31409; path=/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sqlLs1xhBRNsnmkrTm6K0aOhZGhlZZpts%2FrIz3JHh9uNfAa38rJ10R8%2BA7gBWdCJi%2BKl55YU23nVGTtJCz3Z77V%2Bj1njeQgM9EMb1LgR35NoJhQ5Lnxo77If8irGACHnVw5TukSFnFxDgOHxfGyB"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66f0f4549c18d6f1-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Server
nginx
Date
Thu, 15 Jul 2021 06:32:35 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
523
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://se.12xlwin1m.net/gtrax.php?aff_id=3121&ct=1&v=5079&offer_id=558&sub_source=34&t1=102121b7aa7c79d54b544b18cd47e7&t2=de51d3c42717436a9d201bab8b07a906&t3=185.236.42.19-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=149
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
aff_ran_url_558=6326; expires=Fri, 16 Jul 2021 06:32:35 GMT; path=/; SameSite=None; Secure enc_aff_session_558=ENC03cf73537261bf7def4436a7eaf631be9e21befe70fe73ab22b9771ba76a5e1efd8106af9e4b309a33a43d49e6b0054bfcd1249a7fea76902d73f350068c430a5339a588b40e6bb7b4c4bc67c2af3e1671a3d1bb43cfc36fd0c49ecc4f5282886415fb4ce07e050cae2464ce6e289c50068284b141f60e27852568a648ffef3d778b109351d3767832732cda84f6c7c22a850cb1d9b701fb37da9d3ecc414dddf9ea3acfb7e0b1172e5eafaa84274af290bca9715e34e6edf51e667428ce6bfca5024519e5; expires=Sun, 15 Aug 2021 06:32:35 GMT; path=/; SameSite=None; Secure ho_mob=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; expires=Sat, 08 Jun 2024 17:12:35 GMT; path=/; SameSite=None; Secure
Tracking_id
102121b7aa7c79d54b544b18cd47e7
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
a4790feb8d50716c1871798a7b8f0338
Access-Control-Allow-Headers
Tune-SDK-Version
Primary Request w0.php
se.12xlwin1m.net/
12 KB
3 KB
Document
General
Full URL
https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:48c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.23
Resource Hash
d63cef66e671d24b9e0fb38b551b3fa13c8639086f3c432a0641d3f21e3ad341

Request headers

:method
GET
:authority
se.12xlwin1m.net
:scheme
https
:path
/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://se.12xlwin1m.net/gtrax.php?aff_id=3121&ct=1&v=5079&offer_id=558&sub_source=34&t1=102121b7aa7c79d54b544b18cd47e7&t2=de51d3c42717436a9d201bab8b07a906&t3=185.236.42.19-SE&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=149
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
PHPSESSID=d6311c04fcca0bbd245bc20440e31409

Response headers

date
Thu, 15 Jul 2021 06:32:35 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.2.23
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=EbWSmDnqCapnTeirWbKT9KNpvymF24SlyzvgXM9xnCuEEni%2B9J05ftzK7YncBPN%2FDnw0P0Gohq1FPC5p%2BqM7wZ8n2Oipp0LPNKoqgjZHr4vPZfTMXe63XOd82iVXzJm4KVl5or4okTCBuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66f0f4566d972b95-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
css
fonts.googleapis.com/
2 KB
600 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
288f01b9601681ec39f2cf7242e0d23780310021fe2fee8e6272f8ed37ab67d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 04:56:14 GMT
server
ESF
date
Thu, 15 Jul 2021 06:32:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 15 Jul 2021 06:32:35 GMT
pl1_2.css
img17.com/pl/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://img17.com/pl/css/pl1_2.css
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2a559eba978cba7c235aebcf43f8acbaea18b177874aa940bc50dbd773866e

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 06:32:35 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
444
cf-polished
origSize=3413
last-modified
Thu, 17 May 2018 15:31:21 GMT
server
cloudflare
etag
W/"d55-56c688701e440"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nHTezlo9ZqtIzh3XYUawCEWOLduXQ1nKgxdhbiWzYt44SGqEpQfMUjH2wnvvcJkU2FQ4nL3bUDkHScghd%2Fc6nxv%2F8ZaUUmOUJtUHe7A1q%2B0XRRnX%2Bdq4y2Jmi%2FFRjnGwco7qM73FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
66f0f4570f534e32-FRA
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 05:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Jul 2022 05:07:23 GMT
p1_2_spotify.png
img17.com/pl/1/
38 KB
38 KB
Image
General
Full URL
https://img17.com/pl/1/p1_2_spotify.png
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d240e2be09233134f3ea4c5536d89a6d68b12c1bf9f80dece5022914cd527e3b

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 06:32:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=61568
content-disposition
inline; filename="p1_2_spotify.webp"
content-length
38704
last-modified
Wed, 06 Mar 2019 10:19:03 GMT
server
cloudflare
etag
"f080-5836a51a393c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3si5z8N3M0IsPayuDHaXjIvNhU3F6QFaOnQdo6yPD4KcseHf9ZmrBqDHXiOZbKpI3OQu8ohDrFv5sxWlkSd2bTIWaVj25CgoQJkssHtOPhPv2PmmjishIh%2FkZsl0npNtnoJksoZvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66f0f4570f544e32-FRA
cf-bgj
imgq:100,h2pri
p1_1_spotify.png
img17.com/pl/1/
44 KB
44 KB
Image
General
Full URL
https://img17.com/pl/1/p1_1_spotify.png
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c2ff3ddbcd411d1e62d5daf1c01189db9248ff117f6419ed300d3794d7d16ce

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 06:32:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=75426
content-disposition
inline; filename="p1_1_spotify.webp"
content-length
45132
last-modified
Wed, 06 Mar 2019 10:19:06 GMT
server
cloudflare
etag
"126a2-5836a51d15a80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZ3PH0lxnsSCtXZgeXpJu7IyZTkI0kHXupvQa%2FGKkd6%2Bf%2Bdar8FkLLnRLJfrXjfPYU4FrrDP0cHwPw7ARsT5fRKVPNiXHOs%2FeH5Pzq4T95rlDKA%2BuWg7ZFnmi54jiHrc1BpbG74efA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66f0f4572f834e32-FRA
cf-bgj
imgq:100,h2pri
loader.gif
img17.com/pl/1/
174 B
582 B
Image
General
Full URL
https://img17.com/pl/1/loader.gif
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e9b99506b5583e80c853b3614f6c3176e864a30e335eb01153aa6e8819d034

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 06:32:35 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5698
cf-polished
origFmt=gif, origSize=1633
content-disposition
inline; filename="loader.webp"
content-length
174
last-modified
Thu, 17 May 2018 15:29:41 GMT
server
cloudflare
etag
"661-56c68810c0340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZbHIVW1iygEaSivlpiiK0jX3eWtFxyxtDpEVhVbSY04G1K1gJiW74XNfCyBJ8bAG3rvoWX1BJG7rTTOGYxqEIQ%2Faui7vZs8A2nNzI0ZwI%2Fjm65yOxSTjBBbSjC14FrX%2BhY2mF%2BemQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66f0f4572f954e32-FRA
cf-bgj
imgq:100,h2pri
p1_3_spotify.png
img17.com/pl/1/
7 KB
7 KB
Image
General
Full URL
https://img17.com/pl/1/p1_3_spotify.png
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8653c00cd4307872d3c068f47fb4f27759b02b75372c7d1bdb33f79227f26b9

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 06:32:39 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=12469
content-disposition
inline; filename="p1_3_spotify.webp"
content-length
7070
last-modified
Wed, 06 Mar 2019 10:19:03 GMT
server
cloudflare
etag
"30b5-5836a51a393c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYefIDIu%2FikGXCir2oqx1%2FhPHdgRCxx3gnLFs2y4AG%2BZr%2BgsgCkkAsGrxRFD3mRTPl0P9Uny9ikXNDUPHq6K3jy10rUpzf0RqE3Nb%2FgfuS2THMKNQgAq1McRimuFNDs5UnQK2Khw2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66f0f4572f974e32-FRA
cf-bgj
imgq:100,h2pri
background_prelander.jpg
img17.com/pl/1/
31 KB
31 KB
Image
General
Full URL
https://img17.com/pl/1/background_prelander.jpg
Requested by
Host: se.12xlwin1m.net
URL: https://se.12xlwin1m.net/w0.php?v=5079&aff_id=3121&aff_sub=&aff_sub2=&tid=20958227&pl=149&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:26f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa25d5818480090a4d9550e604b3e1b81daaf3c0d14310c03343456262235af

Request headers

Referer
https://se.12xlwin1m.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 06:32:38 GMT
cf-cache-status
REVALIDATED
nel
{"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=36691, status=webp_bigger
content-length
31802
last-modified
Wed, 06 Mar 2019 10:19:06 GMT
server
cloudflare
etag
"8f53-5836a51d15a80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GAAycpusOE%2BFE3pRtr2vtBi5hmoTACGWnL6YM%2BNBfGAu%2FyAOCJS1SO6gnnmP4lHapL%2BY3o6CcamkiFeNi%2Byyt2V8MhB5DagG9rhJ26VjQq5T265OhgmeLdPbNNRVwx5k7b9yT05pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
66f0f4573f9a4e32-FRA
cf-bgj
imgq:100,h2pri

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • function| $
  • function| jQuery
  • function| unhide
  • function| hide
  • function| toggle_display
  • function| start_checker

0 Cookies