au.12xlwin5n.com
Open in
urlscan Pro
151.101.66.132
Public Scan
Effective URL: https://au.12xlwin5n.com/w0.php?v=5077&aff_id=1040&aff_sub=&aff_sub2=&tid=55970164&pl=185&ppgender=&ppemail=&ppfirstname=...
Submission: On August 31 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by R3 on July 14th 2022. Valid for: 3 months.
This is the only time au.12xlwin5n.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 54.234.43.111 54.234.43.111 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 1 | 34.76.75.249 34.76.75.249 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 1 | 52.210.26.68 52.210.26.68 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 151.101.66.132 151.101.66.132 | 54113 (FASTLY) (FASTLY) | |
3 | 104.26.3.111 104.26.3.111 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-43-111.compute-1.amazonaws.com
cca.li |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.75.76.34.bc.googleusercontent.com
goodwolder.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-26-68.eu-west-1.compute.amazonaws.com
x.trc85.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
img17.com
img17.com |
277 KB |
2 |
12xlwin5n.com
au.12xlwin5n.com |
7 KB |
1 |
trc85.com
1 redirects
x.trc85.com |
2 KB |
1 |
goodwolder.com
1 redirects
goodwolder.com |
783 B |
1 |
cca.li
1 redirects
cca.li |
284 B |
5 | 5 |
Domain | Requested by | |
---|---|---|
3 | img17.com |
au.12xlwin5n.com
|
2 | au.12xlwin5n.com | |
1 | x.trc85.com | 1 redirects |
1 | goodwolder.com | 1 redirects |
1 | cca.li | 1 redirects |
5 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.12xlwin5n.com R3 |
2022-07-14 - 2022-10-12 |
3 months | crt.sh |
*.img17.com E1 |
2022-08-14 - 2022-11-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://au.12xlwin5n.com/w0.php?v=5077&aff_id=1040&aff_sub=&aff_sub2=&tid=55970164&pl=185&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 64FA539ACF8075E3AA57402D2DC8210F
Requests: 5 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://cca.li/1Bd HTTP 301
- https://goodwolder.com/?a=1223&oc=9574&c=27821&m=3&s1= HTTP 302
- http://x.trc85.com/aff_c?offer_id=3193&aff_id=1040&url_id=10057&pl=185&source=1223123_Aldi&aff_sub2=263599586&aff_sub3=1223 HTTP 302
- https://au.12xlwin5n.com/gtrax.php?aff_id=1040&ct=1&v=5077&offer_id=3193&sub_source=1223123_Aldi&t1=102e86f32c1c91837ff79b3721b3fc&t2=&t3=173.245.209.63-AU&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=185
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
gtrax.php
au.12xlwin5n.com/ Redirect Chain
|
0 412 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
w0.php
au.12xlwin5n.com/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sign.png
img17.com/pl/1/ |
11 KB 11 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aldigiftcard.png
img17.com/pl/1/ |
113 KB 114 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1440x633_veg_bg.jpg
img17.com/pl/1/ |
152 KB 152 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| elems function| fn4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.goodwolder.com/ | Name: sfd Value: vPlIBfnMcy26vwUowVjAMJpqiC28g8zC2lG9a+fo36twy1wEmuOX4w== |
|
.goodwolder.com/ | Name: tib Value: nJRG2JNydNWTto9OgDd2eppqiC28g8zC2lG9a+fo36twy1wEmuOX4w== |
|
.goodwolder.com/ | Name: c9554 Value: vPlIBfnMcy0N7ML+qdsqoPtmp/9+pJjkHmQ1Cyjel1vEJqwiiX0zeQ== |
|
au.12xlwin5n.com/ | Name: PHPSESSID Value: 99202227e2fb5c7ff1e410044034b5e7 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
au.12xlwin5n.com
cca.li
goodwolder.com
img17.com
x.trc85.com
104.26.3.111
151.101.66.132
34.76.75.249
52.210.26.68
54.234.43.111
20b789c5ac47cf389497b3ac7eaa649abcf685a74b62db40f80e64e6b46c002f
80dad7458a6e42a547fb2fa851373a736e0bb442dc10fe1793c33758657ad1d3
bcab7aacb65b677b34743e6d79da9509a41a220f569fa624bf9821aea7c94a43
ce48017ffd9b0420ebc64fc8360f1c097dc320e8ca5a7c2a757cb3192be51b7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855