nz.12xlwin6e.net - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 172.67.222.248, located in United States and belongs to CLOUDFLARENET, US. The main domain is nz.12xlwin6e.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 11th 2022. Valid for: a year.

This is the only time nz.12xlwin6e.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.210.163.112 52.210.163.112	16509 (AMAZON-02) (AMAZON-02)
3	172.67.222.248 172.67.222.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.70.173 172.67.70.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.3.111 104.26.3.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

1 52.210.163.112 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-163-112.eu-west-1.compute.amazonaws.com

x.trc85.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.222.248 (United States)

ASN13335 (CLOUDFLARENET, US)

nz.12xlwin6e.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.70.173 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.img117.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.3.111 (United States)

ASN13335 (CLOUDFLARENET, US)

img17.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	12xlwin6e.net nz.12xlwin6e.net	4 KB
2	img17.com img17.com	16 KB
1	img117.com cdn.img117.com	92 KB
1	trc85.com 1 redirects x.trc85.com	2 KB
6	4

	Domain	Requested by
3	nz.12xlwin6e.net	nz.12xlwin6e.net
2	img17.com	nz.12xlwin6e.net
1	cdn.img117.com	nz.12xlwin6e.net
1	x.trc85.com	1 redirects
6	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-11` - `2023-09-11`	a year	crt.sh
*.img17.com E1	`2022-12-10` - `2023-03-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--?
Frame ID: 7BDCCFEDCF25EF79756A3D8E01C26EBB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Consumer Survey

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

112 kB
Transfer

120 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://x.trc85.com/aff_c?offer_id=934&aff_id=2969&url_id=11445&pl=312&source=NewWorld$500_cpc&aff_sub=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGAvdy39Sk&aff_sub3=777067 HTTP 302
https://nz.12xlwin6e.net/gtrax.php?aff_id=2969&ct=110&v=5062&offer_id=934&sub_source=NewWorld$500_cpc&t1=102b564571918dec4530d62c7c8a17&t2=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGAvdy39Sk&t3=116.90.74.215-NZ&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=312

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	gtrax.php Show response nz.12xlwin6e.net/ Redirect Chain http://x.trc85.com/aff_c?offer_id=934&aff_id=2969&url_id=11445&pl=312&source=NewWorld$500_cpc&aff_sub=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGAvdy39Sk&aff_sub3=777067 https://nz.12xlwin6e.net/gtrax.php?aff_id=2969&ct=110&v=5062&offer_id=934&sub_source=NewWorld$500_cpc&t1=102b564571918dec4530d62c7c8a17&t2=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGA...	0 681 B	1487ms 1190ms	Document text/html	172.67.222.248 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nz.12xlwin6e.net/gtrax.php?aff_id=2969&ct=110&v=5062&offer_id=934&sub_source=NewWorld$500_cpc&t1=102b564571918dec4530d62c7c8a17&t2=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGAvdy39Sk&t3=116.90.74.215-NZ&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=312 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.248 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.10 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 77cd1f72faeaa95b-SYD content-encoding br content-type text/html; charset=utf-8 date Wed, 21 Dec 2022 02:17:42 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache refresh 0.2;url=w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoFpSMIkqcslvkQh5jQ13NRxicge9sLJ%2BxllaLgwtX%2BoqH6dTe0PreRftqbACwBpvWY7ItkAcalk9YVqBtVNnCM%2BlVTQNuXMdN4qyEpYlaSvs8nO7KqVM43P0iQTECkk3hzz"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.10 Redirect headers Access-Control-Allow-Headers Tune-SDK-Version Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 572 Content-Type text/html; charset=iso-8859-1 Date Wed, 21 Dec 2022 02:17:41 GMT Expires Sat, 26 Jul 1997 05:00:00 GMT Location https://nz.12xlwin6e.net/gtrax.php?aff_id=2969&ct=110&v=5062&offer_id=934&sub_source=NewWorld$500_cpc&t1=102b564571918dec4530d62c7c8a17&t2=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGAvdy39Sk&t3=116.90.74.215-NZ&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=312 P3p CP="NOI CUR OUR NOR INT" Pragma no-cache Server nginx Tracking_id 102b564571918dec4530d62c7c8a17 X-Request-Id 628425dd1a813eaceffffd37d3dc794b X-Robots-Tag noindex, nofollow
GET H2	200	Primary Request w0.php Show response nz.12xlwin6e.net/	14 KB 3 KB	421ms 420ms	Document text/html	172.67.222.248 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.222.248 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.10 Resource Hash `25ac5c516271501a99b3909d989f99ebac5974a564e28282d26d17907cdead9e` Request headers Referer https://nz.12xlwin6e.net/gtrax.php?aff_id=2969&ct=110&v=5062&offer_id=934&sub_source=NewWorld$500_cpc&t1=102b564571918dec4530d62c7c8a17&t2=qBHqHF3fRBiaFt_RxnAZQA0%2FGIMBOPkKaJ3hE3D0uyjoAeu2L4ACjMGAvdy39Sk&t3=116.90.74.215-NZ&udc=Desktop--Google--Chrome--%3F&gender={gender}&email={email}&firstname={firstname}&lastname={lastname}&pl=312 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 77cd1f7bddbba95b-SYD content-encoding br content-type text/html; charset=UTF-8 date Wed, 21 Dec 2022 02:17:43 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n69QKsWXpDmBFSgS%2FiuGQhHvR8lVlvQ83Ldtcchien3y8NA1u2uSSSu8g%2BtkbcQA3uFw5xNuFVVlsmAe9PbtclW9Ouk6d6IytfIwiBxi2rBlYSFRP0lFHGk5J5Xgkel6t%2BJr"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.3.10
GET H3	404	style.css nz.12xlwin6e.net/css/	0 0	1212ms 1212ms	Stylesheet text/html	172.67.222.248 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nz.12xlwin6e.net/css/style.css Requested by Host: nz.12xlwin6e.net URL: https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.248 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language en-NZ,en;q=0.9 Referer https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 02:17:44 GMT content-encoding br cf-cache-status EXPIRED last-modified Sun, 31 Jul 2016 01:29:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXmArCfLwbCRu3FHsPnSo7Ipqb5InSGMXoDqpMs0uPI%2BVdAgEXO6tBwwyt16jLn8giFmg8DvdF3Q0I6pK2TkLlh0tCo0b6K3jvJ0VfjXzb19wd9ltm1ZI1ovHh0VBoLF15tD"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 77cd1f7e7891a82b-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	img_3936.png cdn.img117.com/	91 KB 92 KB	1480ms 1186ms	Image image/png	172.67.70.173 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.img117.com/img_3936.png Requested by Host: nz.12xlwin6e.net URL: https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.70.173 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d71e33a204fed3a0f8a4766a3ee562386fd6a3d9d849718c66a3e714c70b9634` Request headers accept-language en-NZ,en;q=0.9 Referer https://nz.12xlwin6e.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 02:17:45 GMT cf-cache-status REVALIDATED last-modified Wed, 11 May 2022 08:25:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "16bfd-5deb8302acba7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Y%2BQWGk3Td7K6%2FjTNxzjzJSDKbAbkFG0WC7liOSq4piuSf1YGRxPW3%2BMhHINSVfn3oP35gAoxUaVqOEmIY321260jInDKPeyVA4QfknjgeKvMBaRsZmiJe9qpO9H8HkZ"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 77cd1f81ddeda96b-SYD content-length 93181
GET H2	200	loader.gif img17.com/pl/1/	748 B 1 KB	444ms 149ms	Image image/webp	104.26.3.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img17.com/pl/1/loader.gif Requested by Host: nz.12xlwin6e.net URL: https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `97c380a030da24f18f9ac8f890c39928ed5deab64213ffe750231006a44168b6` Request headers accept-language en-NZ,en;q=0.9 Referer https://nz.12xlwin6e.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 02:17:43 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 6206 cf-polished origFmt=gif, origSize=1633 content-disposition inline; filename="loader.webp" content-length 748 cf-bgj imgq:100,h2pri last-modified Thu, 17 May 2018 15:29:41 GMT server cloudflare etag "661-56c68810c0340" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6lwn0GzitIX0TdmRBVsUq0vSOMoNx8YYPRvpNltq0SBP%2B0mVivQO4zu456s6SppzJjyCV9izbZD0dOxKYvnBpLujOokm98FoJl6ZHkzag2YJ7LtgUGkidv9H%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 77cd1f81e86aa961-SYD
GET H2	200	header-new-world-b.jpg img17.com/pl/2/	14 KB 15 KB	1170ms 1169ms	Image image/jpeg	104.26.3.111 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://img17.com/pl/2/header-new-world-b.jpg Requested by Host: nz.12xlwin6e.net URL: https://nz.12xlwin6e.net/w0.php?v=5062&aff_id=2969&aff_sub=&aff_sub2=&tid=22350417&pl=312&ppgender=&ppemail=&ppfirstname=&pplastname=&udc=Desktop--Google--Chrome--? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.3.111 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9e8b00b3ab0cffaff1d8ee7952758e0bc13827afc8a48621f81a1a77106c1c10` Request headers accept-language en-NZ,en;q=0.9 Referer https://nz.12xlwin6e.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 02:17:45 GMT cf-cache-status REVALIDATED cf-bgj imgq:100,h2pri last-modified Tue, 15 Jan 2019 04:57:36 GMT server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=15769, status=webp_bigger etag "3d99-57f77fffa9000" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkNrIq%2BS3cYsEcd0D1CVOKsVwSsjjiTIlBYjucVkIFEZcQlN0NhRIAUvLB6ZPuVKQ1iOYFRuWNLuwDxgN7hhhqzBtDwkmz4ZNsbpGb2xH4y5U%2BXn4qtKuSmBHw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 77cd1f861d91a961-SYD content-length 14771

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nz.12xlwin6e.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9ac7380db64737a72e2e316f9bed2e1f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nz.12xlwin6e.net/css/style.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.img117.com
img17.com
nz.12xlwin6e.net
x.trc85.com
104.26.3.111
172.67.222.248
172.67.70.173
52.210.163.112
25ac5c516271501a99b3909d989f99ebac5974a564e28282d26d17907cdead9e
97c380a030da24f18f9ac8f890c39928ed5deab64213ffe750231006a44168b6
9e8b00b3ab0cffaff1d8ee7952758e0bc13827afc8a48621f81a1a77106c1c10
d71e33a204fed3a0f8a4766a3ee562386fd6a3d9d849718c66a3e714c70b9634
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

nz.12xlwin6e.net Open in urlscan Pro 172.67.222.248 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

112 kBTransfer

120 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

nz.12xlwin6e.net Open in urlscan Pro
172.67.222.248 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

112 kB
Transfer

120 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions