Submitted URL: http://7wuvias.website/mmd/?token=bbefd6b5acf8e413e211f36925e104246de346c5&q=Wondershare%20SafeEraser%204.9.9.0%20Crack
Effective URL: https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep...
Submission: On June 24 via manual from PL

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 37.1.202.16, located in Netherlands and belongs to SERVERIUS-AS, NL. The main domain is af5.club.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 20th 2019. Valid for: 3 months.
This is the only time af5.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 78.140.165.14 35415 (WEBZILLA)
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
2 37.1.202.16 50673 (SERVERIUS-AS)
3 2
Apex Domain | Subdomains | Transfer
2 af5.club | af5.club | 1 KB
1 webtools.media | cdn.webtools.media | 496 B
1 7wuvias.website | 7wuvias.website | 7 KB
3 3

Domain | Requested by
2 af5.club | 7wuvias.website, af5.club
1 cdn.webtools.media 1 redirects
1 7wuvias.website
3 3

This site contains no links.

Subject | Issuer | Validity | Valid
af5.club | Let's Encrypt Authority X3 | 2019-05-20 - 2019-08-18 | 3 months

This page contains 1 frames:

Frame: https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack&vdsvdi=RUo9Yp7D%2BzFv8dVznMy92SudAHiE8%2BGHiZChBbQp2%2F2b7yR6QZWy%2FHcm1uM8TA6E&vdu78=http%3A%2F%2F7wuvias.website%2F
Frame ID: 9DBB2C264D7EBBAC288A761B5CB8893A
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 8 kB
Size: 8 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://7wuvias.website/mmd/?token=bbefd6b5acf8e413e211f36925e104246de346c5&q=Wondershare%20SafeEraser%204.9.9.0%20Crack Page URL
  2. https://cdn.webtools.media/r/X2lFaw/?s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&s1=21670&q=Wondershare+SafeEraser+4.9.9.0+Crack&utm_source=7738e6446515b2ff HTTP 302
    https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
7wuvias.website/mmd/
7 KB
7 KB
Document
General
Full URL
http://7wuvias.website/mmd/?token=bbefd6b5acf8e413e211f36925e104246de346c5&q=Wondershare%20SafeEraser%204.9.9.0%20Crack
Protocol
HTTP/1.1
Server
78.140.165.14 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash

Request headers

Host
7wuvias.website
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.0
Date
Mon, 24 Jun 2019 20:51:36 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
bd_context=DWv48ZpfRQalAasjsOyYd4CjxfArhur5H8MQuaBDlMOiukJrv/kvOPFo4s7rnKnGY0LXxeJ+CmFnS0DP+h6r+429s3Erezg4uSUvWQMIyOOqdXz7Y6+Weaov03Kk0vIrpoSBn+Op4CIwhZQSA/INBwOPzJDE5leCkCp31TTWtwvjkgiDUoeqSH0b0Qho0tZSy0t7K8nSqvfpp7qPDE4pXjYuP6KTFP++qw3dIyWRw2OKP0F2SiIC6hRRlWVroMQmrX56/1wPJ0s/jtN+hNFd3rgODnXrC0mErbO39MxqVVlq4RBdw4aURxqsfSNSC8qiFbJcdoSGT+VQcC1FxbHRWGhh; Expires=Wed, 24 Jun 2020 20:51:36 GMT
Primary Request tuname.php
af5.club/
Redirect Chain
  • https://cdn.webtools.media/r/X2lFaw/?s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&s1=21670&q=Wondershare+SafeEraser+4.9.9.0+Crack&utm_source=7738e6446515b2ff
  • https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack
1 KB
762 B
Document
General
Full URL
https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack
Requested by
Host: 7wuvias.website
URL: http://7wuvias.website/mmd/?token=bbefd6b5acf8e413e211f36925e104246de346c5&q=Wondershare%20SafeEraser%204.9.9.0%20Crack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.1.202.16 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
d81c01176ce6b16cb64cee650a62195a8f4dc12901b1b542dccdeb4845b43932

Request headers

:method
GET
:authority
af5.club
:scheme
https
:path
/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://7wuvias.website/
accept-encoding
gzip, deflate, br

Response headers

status
200
server
openresty
date
Mon, 24 Jun 2019 20:51:37 GMT
content-type
text/html
vary
Accept-Encoding
content-encoding
gzip
set-cookie
DS=TFUvISn0Oe5|XRE33|XRE33; path=/

Redirect headers

status
302
date
Mon, 24 Jun 2019 20:51:37 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d08db2f39cbd6e17d4b3f5f5863d076801561409497; expires=Tue, 23-Jun-20 20:51:37 GMT; path=/; domain=.webtools.media; HttpOnly; Secure
cache-control
must-revalidate, no-cache, no-store, private
location
https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4ec194af49d8bece-FRA
tuname.php
af5.club/
0
506 B
Document
General
Full URL
https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack&vdsvdi=RUo9Yp7D%2BzFv8dVznMy92SudAHiE8%2BGHiZChBbQp2%2F2b7yR6QZWy%2FHcm1uM8TA6E&vdu78=http%3A%2F%2F7wuvias.website%2F
Requested by
Host: af5.club
URL: https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.1.202.16 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
af5.club
:scheme
https
:path
/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack&vdsvdi=RUo9Yp7D%2BzFv8dVznMy92SudAHiE8%2BGHiZChBbQp2%2F2b7yR6QZWy%2FHcm1uM8TA6E&vdu78=http%3A%2F%2F7wuvias.website%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://af5.club/tuname.php?z=31363&d=1&lpage=f-blitz-dark&s1=21670&s2=&s3=&s4=&s5=ANg3EV2mVAAA6wACAERFNAASAMvvep0A&q=Wondershare+SafeEraser+4.9.9.0+Crack
accept-encoding
gzip, deflate, br
cookie
DS=TFUvISn0Oe5|XRE33|XRE33

Response headers

status
200
server
openresty
date
Mon, 24 Jun 2019 20:51:38 GMT
content-type
text/html
vary
Accept-Encoding
pragma
no-cache
cache-control
private, max-age=0, no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
set-cookie
OAGEO=DE%7C%7C%7C%7C51.2993%7C9.491%7C%7C%7CHost1Plus%7CHost1Plus%7C; path=/; domain=.af5.club OAID=e2549176c2f82c2e510cf321fe708539; expires=Tue, 23-Jun-2020 20:51:37 GMT; Max-Age=31535999; path=/; domain=.af5.club
content-encoding
gzip

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask

3 Cookies

Domain/Path Name / Value
.af5.club/ Name: OAID
Value: e2549176c2f82c2e510cf321fe708539
.af5.club/ Name: OAGEO
Value: DE%7C%7C%7C%7C51.2993%7C9.491%7C%7C%7CHost1Plus%7CHost1Plus%7C
af5.club/ Name: DS
Value: TFUvISn0Oe5|XRE33|XRE33

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
