Submitted URL: https://huly.com/
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg=
Submission: On February 28 via api from US — Scanned from FR

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 34.160.232.116, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is ww2.affinity.net. The Cisco Umbrella rank of the primary domain is 220126.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on July 28th 2023. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 134.119.176.25 29066 (VELIANET-...)
1 2 192.99.158.241 16276 (OVH)
1 2 34.160.232.116 396982 (GOOGLE-CL...)
1 34.107.240.3 396982 (GOOGLE-CL...)
3 3
Apex Domain | Subdomains | Transfer
2 affinity.net | ww2.affinity.net — Cisco Umbrella Rank: 220126 | 6 KB
2 rtbtrail.com | rtbtrail.com | 6 KB
1 kmtrak.com | www.kmtrak.com — Cisco Umbrella Rank: 112589 |
1 huly.com | huly.com | 402 B
3 4
Domain Requested by
2 ww2.affinity.net 1 redirects
2 rtbtrail.com 1 redirects
1 www.kmtrak.com
1 huly.com 1 redirects
3 4

This site contains no links.

Subject: *.affinity.net
Issuer: GlobalSign GCC R3 DV TLS CA 2020
Validity: 2023-07-28 - 2024-08-28
Valid: a year

Subject: kmtrak.com
Issuer: Starfield Secure Certificate Authority - G2
Validity: 2023-06-02 - 2024-07-03
Valid: a year

This page contains 1 frames:

Frame: https://www.kmtrak.com/28KL61/2Z12P6B/?uid=21&sub1=ff61db4b6199d97fa4ce87986624d3c8
Frame ID: A49FAE0F4A26C2D0472310776EDE23E7
Requests: 3 HTTP requests in this frame

Page Title

http://

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 3
Transfer: 12 kB
Size: 11 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://huly.com/ HTTP 302
    http://rtbtrail.com/click?data=VmRMOVVGMXlkMVBYakVJRjdfU3hUY0NBbEdPSVFianJhQVMwQVl6WDd1NWFNdWlaNnN4VnBTMWl2dEE0cmdWTnVkZG9zVnFQT25VUFItRjdJcXpkMDJMV2Q1VlRGNjdhM3RyRmoyRnpRWWtnOW5na3VuM1FtWVBMWTZaRmNlalJadExhUzJnSHNRbmwwdlVLa1hEQm53Mg2&id=114d80b0-40f4-42e3-9c89-19a6368385eb Page URL
  2. http://rtbtrail.com/Redirect/ HTTP 302
    https://ww2.affinity.net/fly?no_capp=2&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://huly.com/ HTTP 302
  • http://rtbtrail.com/click?data=VmRMOVVGMXlkMVBYakVJRjdfU3hUY0NBbEdPSVFianJhQVMwQVl6WDd1NWFNdWlaNnN4VnBTMWl2dEE0cmdWTnVkZG9zVnFQT25VUFItRjdJcXpkMDJMV2Q1VlRGNjdhM3RyRmoyRnpRWWtnOW5na3VuM1FtWVBMWTZaRmNlalJadExhUzJnSHNRbmwwdlVLa1hEQm53Mg2&id=114d80b0-40f4-42e3-9c89-19a6368385eb
Request Chain 1
  • https://ww2.affinity.net/fly1?sid=254979&sa=123&p=1&s=84453&qt=1709151274&q=&rf=http%3A%2F%2Frtbtrail.com%2F&enc=&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=09e37a9e975ffa16&qxsi=ed46a770e6a7e72d&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=43660988f52527699442ff3fce748f7a&tm=1709151276.435&etm=1709151276.4421&ls=0&lbc=0&lac=0&cskey=mok28&ipspm=&no_capp=2 HTTP 302
  • https://www.kmtrak.com/28KL61/2Z12P6B/?uid=21&sub1=ff61db4b6199d97fa4ce87986624d3c8

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
click
rtbtrail.com/
Redirect Chain
  • https://huly.com/
  • http://rtbtrail.com/click?data=VmRMOVVGMXlkMVBYakVJRjdfU3hUY0NBbEdPSVFianJhQVMwQVl6WDd1NWFNdWlaNnN4VnBTMWl2dEE0cmdWTnVkZG9zVnFQT25VUFItRjdJcXpkMDJMV2Q1VlRGNjdhM3RyRmoyRnpRWWtnOW5na3VuM1FtWVBMWTZaRm...
5 KB
6 KB
Document
General
Full URL
http://rtbtrail.com/click?data=VmRMOVVGMXlkMVBYakVJRjdfU3hUY0NBbEdPSVFianJhQVMwQVl6WDd1NWFNdWlaNnN4VnBTMWl2dEE0cmdWTnVkZG9zVnFQT25VUFItRjdJcXpkMDJMV2Q1VlRGNjdhM3RyRmoyRnpRWWtnOW5na3VuM1FtWVBMWTZaRmNlalJadExhUzJnSHNRbmwwdlVLa1hEQm53Mg2&id=114d80b0-40f4-42e3-9c89-19a6368385eb
Protocol
HTTP/1.1
Server
192.99.158.241 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip241.ip-192-99-158.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2c8f4bf4e4c1163bd0aa8e6caa645743625a0cb7f89f776187cd19f10cdea73a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
5412
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Feb 2024 20:11:26 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET

Redirect headers

cache-control
max-age=0, private, must-revalidate
content-length
11
date
Wed, 28 Feb 2024 20:14:34 GMT
location
http://rtbtrail.com/click?data=VmRMOVVGMXlkMVBYakVJRjdfU3hUY0NBbEdPSVFianJhQVMwQVl6WDd1NWFNdWlaNnN4VnBTMWl2dEE0cmdWTnVkZG9zVnFQT25VUFItRjdJcXpkMDJMV2Q1VlRGNjdhM3RyRmoyRnpRWWtnOW5na3VuM1FtWVBMWTZaRmNlalJadExhUzJnSHNRbmwwdlVLa1hEQm53Mg2&id=114d80b0-40f4-42e3-9c89-19a6368385eb
server
Cowboy
Primary Request fly
ww2.affinity.net/
Redirect Chain
  • http://rtbtrail.com/Redirect/
  • https://ww2.affinity.net/fly?no_capp=2&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg=
6 KB
6 KB
Document
General
Full URL
https://ww2.affinity.net/fly?no_capp=2&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.232.116 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
116.232.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c7598da408ab0c1a2b8f5fe6549e853b9f2f9f6a284fa13ba068c4391a1cda

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://rtbtrail.com
Referer
http://rtbtrail.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 20:14:36 GMT
server
nginx
via
1.1 google

Redirect headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Feb 2024 20:11:26 GMT
Location
https://ww2.affinity.net/fly?no_capp=2&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg=
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
/
www.kmtrak.com/28KL61/2Z12P6B/
Redirect Chain
  • https://ww2.affinity.net/fly1?sid=254979&sa=123&p=1&s=84453&qt=1709151274&q=&rf=http%3A%2F%2Frtbtrail.com%2F&enc=&enk=MjU0OTc5fDEyM3wxfDg0NDUzfDE3MDkxNTEyNzR8MXwxfDIwMjg%3D&xsc=&xsp=&xsm=&xuc=&xcf=...
  • https://www.kmtrak.com/28KL61/2Z12P6B/?uid=21&sub1=ff61db4b6199d97fa4ce87986624d3c8
0
0
Document
General
Full URL
https://www.kmtrak.com/28KL61/2Z12P6B/?uid=21&sub1=ff61db4b6199d97fa4ce87986624d3c8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.240.3 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
3.240.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://ww2.affinity.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 Feb 2024 20:14:37 GMT
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
d01bb468-4473-4f59-8f2e-1b85af735d58

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 20:14:36 GMT
location
https://www.kmtrak.com/28KL61/2Z12P6B/?uid=21&sub1=ff61db4b6199d97fa4ce87986624d3c8
server
nginx
via
1.1 google
x-p8
8

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number | hexcase
string | b64pad
number | chrsz
function | safe_add
function | bit_rol
function | add_ch
function | enc_data
function | G
function | gsc
function | getCookie
function | setCookie
function | press
function | get_screen_dimension
function | get_browser_dimension
function | fnch

2 Cookies

Domain/Path Name / Value
.huly.com/ Name: sid
Value: fd5eea92-d675-11ee-9c16-319a49b2d360
rtbtrail.com/ Name: TVXerTnLnQAoqnW
Value: TVXerTnLnQAoqnW

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
