au1.xlwin.net
2a00:1158:1000:500::1d
Public Scan
Effective URL: https://au1.xlwin.net/w0.php?v=2673&aff_id=1126&aff_sub=&aff_sub2=&tid=41621765&pl=45&ppgender=&ppemail=&ppfirstname=&...
Submission: On July 27 via manual from AU
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on June 21st 2018. Valid for: a year.
This is the only time au1.xlwin.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 93.113.37.27 | 41011 (CH-NET-AS) |
3 3 | 50.97.244.203 | 36351 (SOFTLAYER - SoftLayer Technologies Inc.) |
1 1 | 52.205.129.47 | 14618 (AMAZON-AES - Amazon.com) |
1 1 | 52.49.0.112 | 16509 (AMAZON-02 - Amazon.com) |
3 | 2a00:1158:1000:500::1d | 8972 (GD-EMEA-DC-SXB1) |
6 | 2400:cb00:2048:1::6818:1902 | 13335 (CLOUDFLARENET - Cloudflare) |
9 | 2 |
ASN41011 (CH-NET-AS, RO)
PTR: 93.113.37.27.ch-center.com
upt.com-sporttickets.com |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: clkmg.com
top.european-promos.online | |
www.clkmg.com |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-205-129-47.compute-1.amazonaws.com
lg.aivilors.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-0-112.eu-west-1.compute.amazonaws.com
cli.ckluna.net |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
img17.com |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | img17.com | img17.com | 412 KB |
3 | xlwin.net | au1.xlwin.net | 19 KB |
2 | european-promos.online (2 redirects) | top.european-promos.online | 1 KB |
1 | ckluna.net (1 redirects) | cli.ckluna.net | 2 KB |
1 | aivilors.com (1 redirects) | lg.aivilors.com | 952 B |
1 | clkmg.com (1 redirects) | www.clkmg.com | 464 B |
1 | com-sporttickets.com (1 redirects) | upt.com-sporttickets.com | 509 B |
9 | 7 |
Domain | Requested by | |
---|---|---|
6 | img17.com | au1.xlwin.net |
3 | au1.xlwin.net | au1.xlwin.net |
2 | top.european-promos.online | 2 redirects |
1 | cli.ckluna.net | 1 redirects |
1 | lg.aivilors.com | 1 redirects |
1 | www.clkmg.com | 1 redirects |
1 | upt.com-sporttickets.com | 1 redirects |
9 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.xlwin.net AlphaSSL CA - SHA256 - G2 | 2018-06-21 - 2019-06-22 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://au1.xlwin.net/w0.php?v=2673&aff_id=1126&aff_sub=&aff_sub2=&tid=41621765&pl=45&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 8072B9099D87D992C3458C99925A48D5
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://upt.com-sporttickets.com/index.php/campaigns/hs949ea87f97e/track-url/ga6046pz60493/c668c2af580ba4942daed13ef8551d66acf0fb19 HTTP 301
- http://top.european-promos.online/10vvopAlldiAU HTTP 302
- http://www.clkmg.com/mtc/?url=http%3a%2f%2ftop.european-promos.online%2f10vvopAlldiAU&vid=306055653 HTTP 302
- http://top.european-promos.online/10vvopAlldiAU?clkmtc=1 HTTP 302
- http://lg.aivilors.com/t/clk?id=gZRulpXT3lP1soQ4xcR HTTP 302
- https://cli.ckluna.net/aff_c?offer_id=140&aff_id=1126&url_id=4588&pl=45&&aff_sub2=71c93d31-4431-49eb-b176-6ce92fb1be24&source=4660_ HTTP 302
- https://au1.xlwin.net/gtrax.php?ct=1&v=2673&aff_id=1126&offer_id=140&sub_source=4660_&t1=10272a96e3a1d26e2b758dd86eaacc&t2=&t3=148.251.45.254&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=45
9 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | gtrax.php au1.xlwin.net/ (Cookie set, Redirect Chain) | 0 592 B | Document text/html |
GET H/1.1 | w0.php au1.xlwin.net/ (Primary Request) | 18 KB 19 KB | Document text/html |
GET H/1.1 | style.css au1.xlwin.net/css/ | 0 0 | Stylesheet text/html |
GET S | 475x450-woolworth.png img17.com/img/1/ | 265 KB 266 KB | Image image/webp |
GET S | clock.png img17.com/pl/1/ | 506 B 632 B | Image image/webp |
GET S | loader.gif img17.com/pl/1/ | 764 B 1 KB | Image image/webp |
GET S | 1600px-countdown-bg.jpg img17.com/pl/1/ | 117 KB 117 KB | Image image/webp |
GET S | corner.png img17.com/pl/1/ | 814 B 965 B | Image image/webp |
GET S | 1600px-woolworths-top.jpg img17.com/pl/1/ | 26 KB 27 KB | Image image/webp |
24 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| timeleft
number| downloadTimer
number| mins
number| secs
function| countdown
function| Decrement
function| getminutes
function| getseconds
string| first_title
string| seconde_title
string| link
number| question_idx
function| next_question
function| show_block
function| hide_block
function| results
object| disclaimer
object| today
number| dd
number| mm
number| yyyy
object| monthNames
object| minutes
object| seconds
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
au1.xlwin.net/ | Name: PHPSESSID Value: b8af9426c3c79095b1eece64a4212938 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.