se.12xlwin1.net Open in urlscan Pro
2606:4700:3033::681c:f26 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ator.crossfitgladiator.com/redirect.php?id=PDM0MmJmN2IzN2NiODk5MmE5OTQ5YmRjMGU3M2E4OWQzQGF0b3IuY3Jvc3NmaXRnbGFkaWF0b3IuY29t...
Effective URL:
https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&...
Submission: On February 05 via api (February 5th 2020, 2:29:49 pm UTC) from BE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3033::681c:f26, located in United States and belongs to CLOUDFLARENET, US. The main domain is se.12xlwin1.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on September 16th 2019. Valid for: a year.

This is the only time se.12xlwin1.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::681b:bea5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.237.146.183 104.237.146.183	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	52.31.8.69 52.31.8.69	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:303... 2606:4700:3033::681c:f26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:a50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	180.250.66.131 180.250.66.131	17974 (TELKOMNET...) (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia)
9	4

1 2606:4700:3037::681b:bea5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ator.crossfitgladiator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.146.183 (Newark, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li834-183.members.linode.com

www.junkani.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.8.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-8-69.eu-west-1.compute.amazonaws.com

x.trc81.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::681c:f26 (United States)

ASN13335 (CLOUDFLARENET, US)

se.12xlwin1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:a50 (United States)

ASN13335 (CLOUDFLARENET, US)

img17.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 180.250.66.131 (Jakarta, Indonesia)

ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID)
PTR: 131.subnet180-250-66.speedy.telkom.net.id

p02.notifa.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	img17.com img17.com	191 KB
3	12xlwin1.net se.12xlwin1.net	5 KB
2	notifa.info p02.notifa.info
1	trc81.com 1 redirects x.trc81.com	2 KB
1	junkani.com www.junkani.com	485 B
1	crossfitgladiator.com 1 redirects ator.crossfitgladiator.com	677 B
9	6

	Domain	Requested by
3	img17.com	se.12xlwin1.net
3	se.12xlwin1.net	www.junkani.com se.12xlwin1.net
2	p02.notifa.info	se.12xlwin1.net
1	x.trc81.com	1 redirects
1	www.junkani.com
1	ator.crossfitgladiator.com	1 redirects
9	6

This site contains no links.

Subject Issuer	Validity	Valid
www.junkani.com Let's Encrypt Authority X3	`2020-01-06` - `2020-04-05`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-09-16` - `2020-09-15`	a year	crt.sh
*.uzone.id COMODO RSA Domain Validation Secure Server CA	`2016-01-27` - `2019-01-26`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: D672734A7A805435D0D8C1506B9DE769
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ator.crossfitgladiator.com/redirect.php?id=PDM0MmJmN2IzN2NiODk5MmE5OTQ5YmRjMGU3M2E4OWQzQGF0b3IuY3Jvc3Nm... HTTP 302
https://www.junkani.com/rd/r.php?sid=590&pub=670010 Page URL
https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&pp... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

9
Requests

78 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

196 kB
Transfer

207 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ator.crossfitgladiator.com/redirect.php?id=PDM0MmJmN2IzN2NiODk5MmE5OTQ5YmRjMGU3M2E4OWQzQGF0b3IuY3Jvc3NmaXRnbGFkaWF0b3IuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTkwJnB1Yj0zRDY3MDAxMA==&e=1 HTTP 302
https://www.junkani.com/rd/r.php?sid=590&pub=670010 Page URL
https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ator.crossfitgladiator.com/redirect.php?id=PDM0MmJmN2IzN2NiODk5MmE5OTQ5YmRjMGU3M2E4OWQzQGF0b3IuY3Jvc3NmaXRnbGFkaWF0b3IuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTkwJnB1Yj0zRDY3MDAxMA==&e=1 HTTP 302
https://www.junkani.com/rd/r.php?sid=590&pub=670010

Request Chain 1

http://x.trc81.com/aff_c?offer_id=564&aff_id=2821&url_id=3756&pl=46&source=670010_KitchenAid&aff_sub=732928182&aff_sub2= HTTP 302
https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=46

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set r.php Show response www.junkani.com/rd/ Redirect Chain http://ator.crossfitgladiator.com/redirect.php?id=PDM0MmJmN2IzN2NiODk5MmE5OTQ5YmRjMGU3M2E4OWQzQGF0b3IuY3Jvc3NmaXRnbGFkaWF0b3IuY29tPg==&ref=aHR0cHM6Ly93d3cuanVua2FuaS5jb20vcmQvci5waHA/c2lkPTNENTkwJn... https://www.junkani.com/rd/r.php?sid=590&pub=670010	183 B 485 B	547ms 199ms	Document text/html	104.237.146.183 LINODE-AP Linode
General Check archive.org Show headers Download Go to Full URL https://www.junkani.com/rd/r.php?sid=590&pub=670010 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.237.146.183 Newark, United States, ASN63949 (LINODE-AP Linode, LLC, US), Reverse DNS li834-183.members.linode.com Software Apache / Resource Hash `6eaa0fdc4731836f5dbf392ada5f13c4f6be776bacc161c6226d5a1de3576b90` Request headers Host www.junkani.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site none Sec-Fetch-Mode navigate Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Wed, 05 Feb 2020 14:29:32 GMT Content-Type text/html; charset=UTF-8 Content-Length 183 Server Apache Set-Cookie uid590=732928182-20200205142932-32e50e854725430dd181930ad09e6756-; domain=junkani.com; expires=Fri, 06-Mar-2020 14:29:32 GMT; path=/; SameSite=None; Secure Redirect headers Date Wed, 05 Feb 2020 14:29:32 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d1f341221923bb6b0a52433af9f36b5c61580912972; expires=Fri, 06-Mar-20 14:29:32 GMT; path=/; domain=.crossfitgladiator.com; HttpOnly; SameSite=Lax PHPSESSID=nlcq9p3jebb2o12hm0u7jkvl72; path=/ X-Powered-By PHP/5.6.40 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Location https://www.junkani.com/rd/r.php?sid=590&pub=670010 CF-Cache-Status DYNAMIC Server cloudflare CF-RAY 560593bb0b2cd6b1-FRA
GET H2	200	gtrax.php Show response se.12xlwin1.net/ Redirect Chain http://x.trc81.com/aff_c?offer_id=564&aff_id=2821&url_id=3756&pl=46&source=670010_KitchenAid&aff_sub=732928182&aff_sub2= https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%...	0 548 B	145ms 69ms	Document text/html	2606:4700:3033::681c:f26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=46 Requested by Host: www.junkani.com URL: https://www.junkani.com/rd/r.php?sid=590&pub=670010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.10 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers :method GET :authority se.12xlwin1.net :scheme https :path /gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=46 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site cross-site sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Wed, 05 Feb 2020 14:29:33 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d3d16ff9835cf1d9809b110d42957ebcb1580912973; expires=Fri, 06-Mar-20 14:29:33 GMT; path=/; domain=.12xlwin1.net; HttpOnly; SameSite=Lax PHPSESSID=7f97f3e5879fd0e3dddfee7d0fd12163; path=/ x-powered-by PHP/7.3.10 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache refresh 0.2;url=w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 560593c2a84396f8-FRA content-encoding br Redirect headers Date Wed, 05 Feb 2020 14:29:33 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 513 Connection keep-alive Server nginx/1.13.12 Expires Sat, 26 Jul 1997 05:00:00 GMT Pragma no-cache Cache-Control no-cache, no-store, must-revalidate X-Robots-Tag noindex, nofollow tracking_id 1028fdaae276d26901e42490110684 Location https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=46 Set-Cookie aff_ran_url_564=3756; expires=Thu, 06 Feb 2020 14:29:33 GMT; path=/; SameSite=None; Secure enc_aff_session_564=ENC0369eaf4a8815abc9cf057b20323fd6a8d6a6f079802749b4f67cc5770c9d05d18657edfff2c227c1b66fe1521e9d6d8d936e1edd6a9cb2766b13c974b0f1acba3da1bb9e1ccfbec2e88f2faeb0b447e23d65691ae34bb75c11fe3e885e6e5d25772938970870ad6ff23f7469d97a9c26b1732ffc8f67ee2e5a6ae3f30ed7df070860171f23f3cc1041bb7eb24b2c7915fb5954baf19cb16bed496086c5782343c2ab5b2e2; expires=Thu, 05 Mar 2020 14:29:33 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI3OS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzYpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS83OS4wLjM5NDUuODggU2FmYXJpLzUzNy4zNiIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Sat, 31 Dec 2022 01:09:33 GMT; path=/; SameSite=None; Secure P3P CP="NOI CUR OUR NOR INT" Access-Control-Allow-Origin * X-Request-Id 8f9fdd2cb317d97cc7ec83db919b55aa
GET H2	200	Primary Request w0.php Show response se.12xlwin1.net/	17 KB 5 KB	37ms 36ms	Document text/html	2606:4700:3033::681c:f26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.10 Resource Hash `d8c952cf554e124a4c033c193e6e4ae7c6cb5a64e33539b20081d402ebea8fa5` Request headers :method GET :authority se.12xlwin1.net :scheme https :path /w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 sec-fetch-site same-origin sec-fetch-mode navigate referer https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=46 accept-encoding gzip, deflate, br cookie __cfduid=d3d16ff9835cf1d9809b110d42957ebcb1580912973; PHPSESSID=7f97f3e5879fd0e3dddfee7d0fd12163 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://se.12xlwin1.net/gtrax.php?aff_id=2821&ct=1&v=2623&offer_id=564&sub_source=670010_KitchenAid&t1=1028fdaae276d26901e42490110684&t2=732928182&t3=193.9.113.117-UK&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=46 Response headers status 200 date Wed, 05 Feb 2020 14:29:33 GMT content-type text/html; charset=UTF-8 x-powered-by PHP/7.3.10 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 560593c46a4d96f8-FRA content-encoding br
GET H2	404	style.css se.12xlwin1.net/css/	0 0	55ms 54ms	Stylesheet text/html	2606:4700:3033::681c:f26 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://se.12xlwin1.net/css/style.css Requested by Host: se.12xlwin1.net URL: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::681c:f26 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 14:29:33 GMT content-encoding br cf-cache-status MISS last-modified Sun, 31 Jul 2016 01:29:19 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 404 cache-control max-age=14400 cf-ray 560593c4baba96f8-FRA
GET H2	200	2623_p1_2_se.gif img17.com/pl/1/	170 KB 170 KB	144ms 85ms	Image image/gif	2606:4700:20::681a:a50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img17.com/pl/1/2623_p1_2_se.gif Requested by Host: se.12xlwin1.net URL: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7197765ded01f51e0048b7c1f9aa73bb79e11e38c58dd02bc1d31bdee1b2f64e` Request headers Referer https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 14:29:33 GMT cf-cache-status MISS last-modified Thu, 17 May 2018 15:28:27 GMT server cloudflare etag "2a72c-56c687ca3e919" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 560593c5082464b5-FRA content-length 173868
GET H2	200	loader.gif img17.com/pl/1/	2 KB 2 KB	113ms 55ms	Image image/gif	2606:4700:20::681a:a50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img17.com/pl/1/loader.gif Requested by Host: se.12xlwin1.net URL: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `92d619282a3d1a329605067fb43a6987b74e454aed2ffbd15974152c07ae7c0a` Request headers Referer https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 14:29:33 GMT cf-cache-status MISS last-modified Thu, 17 May 2018 15:29:41 GMT server cloudflare etag "661-56c68810f4ebc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 560593c5082664b5-FRA content-length 1633
GET H2	200	white-bg.jpg img17.com/pl/1/	19 KB 19 KB	59ms 57ms	Image image/jpeg	2606:4700:20::681a:a50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img17.com/pl/1/white-bg.jpg Requested by Host: se.12xlwin1.net URL: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a57f61d6615060e3baef285da29f384fca38dcb709103a2a57edf72c3566088c` Request headers Referer https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Wed, 05 Feb 2020 14:29:33 GMT cf-cache-status MISS last-modified Thu, 17 May 2018 15:30:02 GMT server cloudflare etag "4a01-56c68825217cf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 560593c5082764b5-FRA content-length 18945
GET H/1.1	503 Service Temporarily Unavailable	request p02.notifa.info/3fsmd3/	0 0	1143ms 279ms	Script text/html	180.250.66.131 TELKOMNET-AS2-AP ...
General Check archive.org Show headers Download Go to Full URL https://p02.notifa.info/3fsmd3/request?id=1&enc=9UwkxLgY9%C2%B6ms=4TtHaUQnUEiP6K%2fc5C582NzYpoUazw5mIM2nOSQkfnH8dym%2baRmVOYOuMpnC8TY229waI18XI3isRmM%2f8no4lpq%2bGWlogoyGVzMOe672LntKVA2uSciJmKerHG%2fV6o1kjSTHASYJXsO9LnKG1iI3ihV0gv5vgOTLzy7Z3g%2bbmvf46bB9E5BhccV7q9GL0C0Ar8a%2fdhs4X225x62WgBskOopX6%2bgsxzs8SOmG2pbDUhAOo1vggV4jAxDtMrivQExGw%2bN8G8BcoxlNSvFqLZQTfQF1ZK1SO4qCPGLsXxV%2bZPVvYRi3GwM%2bDTXpZcbV4StMTSnh52XAeAs4lnGt%2fE2rBAK%2fmWsPb%2fLPDkT2TxssX6Qs%2f9C7V3lv3wvCtgsMFnuQjGiYULPzLur8UCnRgDx2rKgN%2bnMISDcKlbsr%2bQrri62lM%2bfh96L714Ab1%2fTQ7T1DdpcvNmEMMu14FbH1wu9OBStjbUztUn4gboDp4kbkOIPxSexT76Ylkv34LlabybSMD04v7fAkANCDNPOeoocrxQsT%2bT1KUwY6bnzQCXnnqCJ8tlm88tYgF4w8JJQF9c0Kv7AeQC8ntHxyREpCQ%2fsZKtGa9wfvwGpMZOtcuorZk0Vo%2bvdM0%2fg8IkuKzzXNE3OBqB6Bwcac4IFO9t1AG%2fgHig%3d%3d&idc_r=40684282023&domain=se.12xlwin1.net&sw=1600&sh=1200 Requested by Host: se.12xlwin1.net URL: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 180.250.66.131 Jakarta, Indonesia, ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID), Reverse DNS 131.subnet180-250-66.speedy.telkom.net.id Software / Resource Hash Request headers Referer https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers
GET H/1.1	503 Service Temporarily Unavailable	request p02.notifa.info/3fsmd3/	0 0	1145ms 281ms	Script text/html	180.250.66.131 TELKOMNET-AS2-AP ...
General Check archive.org Show headers Download Go to Full URL https://p02.notifa.info/3fsmd3/request?id=1&enc=9UwkxLgY9%C2%B6ms=4TtHaUQnUEiP6K%2fc5C582NzYpoUazw5mIM2nOSQkfnH%2bWHIHfX9E69kjEVtHdOrhpF9Gh7rWI0Z%2btnZ3Ca7tnIgva%2bYhyjxHlStBNbPeO%2fZGBNt1kuSHz7Iga4LaI6JqoDKGA1OPDh%2fNsoCZdKaH2z%2bGRFSNhjZYIIystJmAwywc%2f0hp7qwDCW252jZOgOPhkz5hLDtnmsQdg90eydaj%2fmznp%2fGHBeG3d26CtN3oGW4ixo8NfnB6%2b0JJ1xjbTn5oCeVfWwgdbQxBQxkgi0zg1u7O0oRTDJSVPEIXQUt8BAuUj0ycVMkGgv8tzIdy%2fGbmVp%2bdzTZDBkZZ0uQ3uKs2kR1snHx%2bJDU5tjQEICuE6N84WO%2fIVq9rh5wSZZTcxOJ8AwJ7Ya8twSuR8JB7J2uwRoDyVoR6TLnyNL6J2nl%2bDQeU9iWfwnbyifp0QH5FDldWR6BXdiBH6igbveRf99Y7HMEiX4bH03bwS1PlDdW%2fFoQGTYtPnVR%2fgCLX27818bKnFXkJLNrpdRwCJHRKNMp%2fZVo5FLv65cNmMvPkpGURc6xNhWEHnJkK2l0MFWM7REpIaJ2AcIrmNc09wYDwF8zx9aFRa0G%2fLVvoEMDjo9GAomHT%2fLv57iHpZrl30RNUTEDKbDOK9jcAof%2ffTixudAbBjQ%3d%3d&idc_r=86957996323&domain=se.12xlwin1.net&sw=1600&sh=1200 Requested by Host: se.12xlwin1.net URL: https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 180.250.66.131 Jakarta, Indonesia, ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID), Reverse DNS 131.subnet180-250-66.speedy.telkom.net.id Software / Resource Hash Request headers Referer https://se.12xlwin1.net/w0.php?v=2623&aff_id=2821&aff_sub=&aff_sub2=&tid=18080143&pl=46&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ator.crossfitgladiator.com
img17.com
p02.notifa.info
se.12xlwin1.net
www.junkani.com
x.trc81.com
104.237.146.183
180.250.66.131
2606:4700:20::681a:a50
2606:4700:3033::681c:f26
2606:4700:3037::681b:bea5
52.31.8.69
6eaa0fdc4731836f5dbf392ada5f13c4f6be776bacc161c6226d5a1de3576b90
7197765ded01f51e0048b7c1f9aa73bb79e11e38c58dd02bc1d31bdee1b2f64e
92d619282a3d1a329605067fb43a6987b74e454aed2ffbd15974152c07ae7c0a
a57f61d6615060e3baef285da29f384fca38dcb709103a2a57edf72c3566088c
d8c952cf554e124a4c033c193e6e4ae7c6cb5a64e33539b20081d402ebea8fa5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

se.12xlwin1.net Open in urlscan Pro 2606:4700:3033::681c:f26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

78 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

4 IPs

3 Countries

196 kBTransfer

207 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Indicators

se.12xlwin1.net Open in urlscan Pro
2606:4700:3033::681c:f26 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

78 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

4
IPs

3
Countries

196 kB
Transfer

207 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions