ww2.affinity.net
Open in
urlscan Pro
34.160.232.116
Public Scan
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On September 07 via api from AU — Scanned from AU
Summary
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on July 28th 2023. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.172.228.26 167.172.228.26 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 2 | 52.117.247.211 52.117.247.211 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 1 | 192.254.234.214 192.254.234.214 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 2 | 50.97.244.203 50.97.244.203 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 4 | 103.224.182.241 103.224.182.241 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 | 34.160.232.116 34.160.232.116 | () () | |
7 | 5 |
ASN14061 (DIGITALOCEAN-ASN, US)
wwwangelarobinsonentertainment.com |
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com | |
p374591.myckdom.com |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-234-214.unifiedlayer.com
qvikar.com |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com
nortkon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
nortkon.com
1 redirects
nortkon.com |
8 KB |
2 |
clkmg.com
1 redirects
www.clkmg.com — Cisco Umbrella Rank: 247538 |
2 KB |
2 |
myckdom.com
1 redirects
myckdom.com — Cisco Umbrella Rank: 196792 p374591.myckdom.com |
1 KB |
1 |
affinity.net
ww2.affinity.net |
6 KB |
1 |
qvikar.com
1 redirects
qvikar.com |
127 B |
1 |
wwwangelarobinsonentertainment.com
1 redirects
wwwangelarobinsonentertainment.com |
2 KB |
7 | 6 |
Domain | Requested by | |
---|---|---|
4 | nortkon.com |
1 redirects
nortkon.com
|
2 | www.clkmg.com |
1 redirects
p374591.myckdom.com
|
1 | ww2.affinity.net |
nortkon.com
|
1 | qvikar.com | 1 redirects |
1 | p374591.myckdom.com | |
1 | myckdom.com | 1 redirects |
1 | wwwangelarobinsonentertainment.com | 1 redirects |
7 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-03-20 |
a year | crt.sh |
*.clkmg.com AlphaSSL CA - SHA256 - G4 |
2023-02-23 - 2024-03-26 |
a year | crt.sh |
imgrsu.com R3 |
2023-07-20 - 2023-10-18 |
3 months | crt.sh |
*.affinity.net GlobalSign GCC R3 DV TLS CA 2020 |
2023-07-28 - 2024-08-28 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://ww2.affinity.net/fly1?sid=219617&sa=121&p=1&s=62169&qt=1694073527&q=&rf=https%3A%2F%2Fnortkon.com%2F&enc=&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=838cbec223cc13d2&qxsi=25b4ce2d796e9e7b&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=2fff611994f51ba7&tm=1694073531.245&etm=1694073531.257&ls=0&lbc=0&lac=0&cskey=lwz39&ipspm=&no_capp=2
Frame ID: F041C8039321BBDCA616C3C4D0DDA58D
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://wwwangelarobinsonentertainment.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=GNfd6TjxHvSzemX4SAwdT63dDnCBF-q598DCNMo1BwQVs6kjzSCP84LUfaDR_... HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZz... Page URL
-
https://qvikar.com/1j0a2y/organising/447767390
HTTP 302
https://www.clkmg.com/qvikar/1j0a2y/organising/447767390/ HTTP 302
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803 Page URL
-
http://nortkon.com/
HTTP 302
https://nortkon.com/ Page URL
- https://nortkon.com/jr.php?gz=s06mn8i9FEJ6LLoAAe6Ge349fnAvaEZCQnAxY29wdnc4SEpFM1M4N3NLR21wSk91K2... Page URL
- https://ww2.affinity.net/fly?no_capp=2&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
SWFObject (Miscellaneous) Expand
Detected patterns
- swfobject.*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wwwangelarobinsonentertainment.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=GNfd6TjxHvSzemX4SAwdT63dDnCBF-q598DCNMo1BwQVs6kjzSCP84LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwx6S8ey2BP3JbjkdfjhwODlnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCkog5XvEte-mPz7BKwqnWqSSSO0bKfxTwegNQxlMAhN3NjXavx56rOPPfUl-ojM_NUKjm5Az-0M7FF9IpzwzYsgOyOogZh5UgdDGqoMJ9YwVZAjRz7l2eaRgmGyLXH9IYepeGE28uloK9AfFXDC1wgpYt2sXp_EITmb9C0bTi4_ElpXXE1GAAA49_PdSvOZnYEE517tmFSYqviiMBrmkeYMg2-Dc06KKsT_uYFmuPSeWV6pHdFZ5a8-DyQzWnj45zx-yfuVx_maOCeVEOj9_11oC7lg_WM__4Ymt_Z67Z5Osa1IHTVWfj4adsiHP06JFLbBxBCh6c_WJCbpXoJerYlBQnmJVkG5MOTOEH8CMNhaXTs5qkzmEC3FZDrj5RSPXSzKHFV85Gbbh8ZV7WGRJI7eVDAXNzF4LU4dV-7km4gPfecmsevx50TsatQjHqIcTmTOE9hxo3jZ6IjUBO1Hc1D9dOge8QpbBR8-xHmuMN-NdGBQCsztKeUyiZFcNJgEHx6oC6VilczCWvk45UZh-Ibpx556onykXwiGqtw4oWbynxmqE2zJn57j_JBNdbIlZjPx9MsxKtpf18ndwcvNHsvuycPea6rMChmh2koCMxvsG7kQgOkU3kNoiH6vLiWP6-9DhXC-TrAiWBWheqw9pbCSFIg40rpWgZyS-wc78YKPo-j7wGayQ7PI4boh1eTfx-Ja_dP1dDsvjFVjaOndNi1jSakDwvXbBCYdtRKw8R8dsWZ1xa9UOg4zh6B8ZkiO6mUHUkN9Eq35rYQRDjY4gK2bAqxXFZdZqj3MfKSHEiCEzf6X_NifkSI9rafZWd6HQi5eNvy-9VMysj1iAzJVaxjnDcb3fAfESiP5RN5EzyvvnLZYktjs6C-kTTcPz253qB-fN9otHjPDfJ2bRBx8S7TmJac0OZIfpARw68Z_3m_2_rOn6YibN0lFSvubak7-i9hcxO075bbQZ1hfuGfWZIKi6ZpWLAvo0_94Ek0xnVdeAhYONmT0DtDXrLTkHwXI78oxL3HTLl4gBT06KzrX_0AoXLt8k9-mum5-SrMsOVSOrFIOOZyio5fuo8KYaZ6QF2tZZcmEQk_JQRSClWuvYggwsjdzBQv4KuZqXB2A9TR0kDeBupsVIo-1tNkvSdWWO4ODf5tpfskyrOtHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9G8Jwrt73HDElHaauiSvts47WwBM7LF7_a0TnhrZ4exqYJDZ-20DWCKkySsVYhBWc35I0LCMUC8eGlv-9QrW5wtgDtnRTRxZ8sVMwzpmvXbrkH3AH_7T7L3mA7sTnX8xN9LyB8BuKjOemAV4YjtGAJ7pM7AF9TMV78Yz1ta8f55foO6NkuSlqVSIEWnLUKYCuFPFKU5oZXrtUu62b-peDworJPwdsJ5eppniH6swZXN5IixFEjyyYZtFKF5YCrspLjGab4vZVG5S2B1zExML_vtXqRBoVyhkrRBQovLlKpfki6YHXsrG5S6BjGGTTYbpz1lkOwc8ZGab-AksBY8PbGItk0516W5w4lGPp9s-ddkcshl3DI9c5Br7c2pigj6HeAY2GQZfRbVYTmMMKiT1gysCU9o8RAmtRuCQ2fttA1gipMkrFWIQVnN-SNCwjFAvHgZ4NgUOjw7fNYDgeAHHCIBVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYnmh6y2RNxf5w HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f3ls8A-89-yr00UngTvAjl_431GFfe97CrB9hk099zmfPBL2tkBYhyYtHP7axoVtCJAS_f9NOsk8UK_Xov4tDrOBvQ3cwUL-CrmalwdgPU0dJA3gbqbFSKPtbTZL0nVljuDg3-baX7JMqzrz0sLPkTxyIdPYv00XJVcXnnHt54gvGwkvuSacM8S23tsztNH4DqjYuxOqp5eedHgqCE1VuBFfvYN89eccVcfyG6P65uuBhGPq0GqzgwerNU3ZpGUKqgW1KgRNR9qDRmMVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYl_qCYvh_QGQ9TNMaHBRCxkdpXYbmLx46WSw0c_BVqlIbemXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GNfd6TjxHvSzemX4SAwdT1Y37AsT2Aew6S7gT6OG4UNtEbyc95ips7UjUGSiEWY82rowSAi3XaGNNYFCw1UVwR9e8dhdlens8feDxnGXnQnNyPFVp6ODog&si=1&oref=360f6c9577b3c3590b3c8bcccde20d7c&optunit=TxSlOaGV67VLutm_qXg8KKyT8HbCeXqaZ4h-rMGVzeTbEItyw-irrg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0 Page URL
-
https://qvikar.com/1j0a2y/organising/447767390
HTTP 302
https://www.clkmg.com/qvikar/1j0a2y/organising/447767390/ HTTP 302
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803 Page URL
-
http://nortkon.com/
HTTP 302
https://nortkon.com/ Page URL
- https://nortkon.com/jr.php?gz=s06mn8i9FEJ6LLoAAe6Ge349fnAvaEZCQnAxY29wdnc4SEpFM1M4N3NLR21wSk91K2hHU2g3Q2srM3UxWFVDa0d3dzRHbU10MzBVWitZQVREU0ZQUnhkY0pVcXoxVW1heThRTGsvMWdKdWswV0ViMWRXZEpGYnhXMTkwU3Q2Nzk5SWJtZXk0WU9pemdVckhsMmxWVTNxRnhVOGhBNkcwTk1TWmdlc21oZTlGNE5ibEcvbk5haHY1YWw2eHVCSDVObmZpaEJ0aHNkUkFHZTIrMGxkeVFKSi95V1hQSEV0eDBSNmhETFFuWW9Xc0k3bkFEMm0vdGJwRkg1NkhRV2MzMnVUOFNGci9kMnovRDBBM2JpaFpKKzV3NjhvNXVIeXp2MUZCTU5TSWR6TUhIRU5zL0k2R3VGdWR3dHNJcmZJd0NOS0F2VzNTam9YL0xLa2ppZVhQY1MrMTVxd3dUK0hzZEpCbGhVNFFHV01qVHVOa3c5RUNpV0dBUGZRNzA0OTNMeHM4QjRzcTdtUFBkbFZ4WC9ET1JqZklDUkZFTk5wT1VUQ3g4b0gzRzdkYTd0RDJlejdTbzZROEcwNTdkSUFRQVRhNDcvZGdpQ243cTJkOHZ1TmxIMHh4cVVTTDJPamZneStoUmsyc2JvcENORzNvbkt5RXRSdzVZaWNBRTdCcU50TDV0ayt4MVp6Z1ZNZUtnclpqNmlqTmR1Q2hBVGtBd2k4ckorNmZhNTlUMHc1cHFxcC9maEw1RU5jME9pUm05M0RGcFY2NVJCaUpWZlZQU2RUV2QyWE9tTW9vZTM0eXc2Vy8zbnJORDc5dmlpUS9qL0pIdGJTTnRxY1pyMlIrZEtnQ0R5U0graERWU3VneXhYcUZ6VWpWSThYRW8weC9DRERSZWJaeURnU0gzUWFYV2hRbkJJbFl3UmtnZWMwSXdITkJ2b0pqM2JkZzdPcjdMakdac3hndXp6QkNzT3BVeDVhZmNDckJrZHZzcUpyV2s1eVlBSWk1M1A2ZnhKYUlmWXN5ZjIrd1dOa25JUW9KZVJDaFBhYkJ0ZEk2YzlCcVpwOVQwQ1RMcUxLOUI5U01PMFR1U0VyMGVlZ2hVS2U4S0ZvVTFpZSszVVk2dUJYOFM4UTdrK1NXQzhac1FmaHZTUFNNWWNxZjJySmpncjdDSVVvdlkzUTBKcDI5elRjPQ%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= Page URL
- https://ww2.affinity.net/fly?no_capp=2&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://wwwangelarobinsonentertainment.com/ HTTP 302
- https://myckdom.com/aS/feedclick?s=GNfd6TjxHvSzemX4SAwdT63dDnCBF-q598DCNMo1BwQVs6kjzSCP84LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwx6S8ey2BP3JbjkdfjhwODlnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCkog5XvEte-mPz7BKwqnWqSSSO0bKfxTwegNQxlMAhN3NjXavx56rOPPfUl-ojM_NUKjm5Az-0M7FF9IpzwzYsgOyOogZh5UgdDGqoMJ9YwVZAjRz7l2eaRgmGyLXH9IYepeGE28uloK9AfFXDC1wgpYt2sXp_EITmb9C0bTi4_ElpXXE1GAAA49_PdSvOZnYEE517tmFSYqviiMBrmkeYMg2-Dc06KKsT_uYFmuPSeWV6pHdFZ5a8-DyQzWnj45zx-yfuVx_maOCeVEOj9_11oC7lg_WM__4Ymt_Z67Z5Osa1IHTVWfj4adsiHP06JFLbBxBCh6c_WJCbpXoJerYlBQnmJVkG5MOTOEH8CMNhaXTs5qkzmEC3FZDrj5RSPXSzKHFV85Gbbh8ZV7WGRJI7eVDAXNzF4LU4dV-7km4gPfecmsevx50TsatQjHqIcTmTOE9hxo3jZ6IjUBO1Hc1D9dOge8QpbBR8-xHmuMN-NdGBQCsztKeUyiZFcNJgEHx6oC6VilczCWvk45UZh-Ibpx556onykXwiGqtw4oWbynxmqE2zJn57j_JBNdbIlZjPx9MsxKtpf18ndwcvNHsvuycPea6rMChmh2koCMxvsG7kQgOkU3kNoiH6vLiWP6-9DhXC-TrAiWBWheqw9pbCSFIg40rpWgZyS-wc78YKPo-j7wGayQ7PI4boh1eTfx-Ja_dP1dDsvjFVjaOndNi1jSakDwvXbBCYdtRKw8R8dsWZ1xa9UOg4zh6B8ZkiO6mUHUkN9Eq35rYQRDjY4gK2bAqxXFZdZqj3MfKSHEiCEzf6X_NifkSI9rafZWd6HQi5eNvy-9VMysj1iAzJVaxjnDcb3fAfESiP5RN5EzyvvnLZYktjs6C-kTTcPz253qB-fN9otHjPDfJ2bRBx8S7TmJac0OZIfpARw68Z_3m_2_rOn6YibN0lFSvubak7-i9hcxO075bbQZ1hfuGfWZIKi6ZpWLAvo0_94Ek0xnVdeAhYONmT0DtDXrLTkHwXI78oxL3HTLl4gBT06KzrX_0AoXLt8k9-mum5-SrMsOVSOrFIOOZyio5fuo8KYaZ6QF2tZZcmEQk_JQRSClWuvYggwsjdzBQv4KuZqXB2A9TR0kDeBupsVIo-1tNkvSdWWO4ODf5tpfskyrOtHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9G8Jwrt73HDElHaauiSvts47WwBM7LF7_a0TnhrZ4exqYJDZ-20DWCKkySsVYhBWc35I0LCMUC8eGlv-9QrW5wtgDtnRTRxZ8sVMwzpmvXbrkH3AH_7T7L3mA7sTnX8xN9LyB8BuKjOemAV4YjtGAJ7pM7AF9TMV78Yz1ta8f55foO6NkuSlqVSIEWnLUKYCuFPFKU5oZXrtUu62b-peDworJPwdsJ5eppniH6swZXN5IixFEjyyYZtFKF5YCrspLjGab4vZVG5S2B1zExML_vtXqRBoVyhkrRBQovLlKpfki6YHXsrG5S6BjGGTTYbpz1lkOwc8ZGab-AksBY8PbGItk0516W5w4lGPp9s-ddkcshl3DI9c5Br7c2pigj6HeAY2GQZfRbVYTmMMKiT1gysCU9o8RAmtRuCQ2fttA1gipMkrFWIQVnN-SNCwjFAvHgZ4NgUOjw7fNYDgeAHHCIBVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYnmh6y2RNxf5w HTTP 302
- https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f3ls8A-89-yr00UngTvAjl_431GFfe97CrB9hk099zmfPBL2tkBYhyYtHP7axoVtCJAS_f9NOsk8UK_Xov4tDrOBvQ3cwUL-CrmalwdgPU0dJA3gbqbFSKPtbTZL0nVljuDg3-baX7JMqzrz0sLPkTxyIdPYv00XJVcXnnHt54gvGwkvuSacM8S23tsztNH4DqjYuxOqp5eedHgqCE1VuBFfvYN89eccVcfyG6P65uuBhGPq0GqzgwerNU3ZpGUKqgW1KgRNR9qDRmMVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYl_qCYvh_QGQ9TNMaHBRCxkdpXYbmLx46WSw0c_BVqlIbemXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GNfd6TjxHvSzemX4SAwdT1Y37AsT2Aew6S7gT6OG4UNtEbyc95ips7UjUGSiEWY82rowSAi3XaGNNYFCw1UVwR9e8dhdlens8feDxnGXnQnNyPFVp6ODog&si=1&oref=360f6c9577b3c3590b3c8bcccde20d7c&optunit=TxSlOaGV67VLutm_qXg8KKyT8HbCeXqaZ4h-rMGVzeTbEItyw-irrg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
- https://qvikar.com/1j0a2y/organising/447767390 HTTP 302
- https://www.clkmg.com/qvikar/1j0a2y/organising/447767390/ HTTP 302
- https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803
- http://nortkon.com/ HTTP 302
- https://nortkon.com/
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
domainClick
p374591.myckdom.com/adServe/ Redirect Chain
|
242 B 574 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
redir.cgi
www.clkmg.com/ Redirect Chain
|
110 B 804 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
nortkon.com/ Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
swfobject.js
nortkon.com/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jr.php
nortkon.com/ |
405 B 472 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
fly
ww2.affinity.net/ |
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fly1
ww2.affinity.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- ww2.affinity.net
- URL
- https://ww2.affinity.net/fly1?sid=219617&sa=121&p=1&s=62169&qt=1694073527&q=&rf=https%3A%2F%2Fnortkon.com%2F&enc=&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=838cbec223cc13d2&qxsi=25b4ce2d796e9e7b&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=2fff611994f51ba7&tm=1694073531.245&etm=1694073531.257&ls=0&lbc=0&lac=0&cskey=lwz39&ipspm=&no_capp=2
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.myckdom.com/ | Name: rhid Value: 83612312610 |
|
.myckdom.com/ | Name: loi Value: ad_1114653_off_560384_aff_11454_cid_374591-WWWANGELAROBINSONENTERTAINMENT.COM_ts_1694073522 |
|
.clkmg.com/ | Name: lids Value: 1220924-139738+ |
|
.clkmg.com/ | Name: vid Value: 891196348 |
|
nortkon.com/ | Name: __tad Value: 1694073526.7603042 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
myckdom.com
nortkon.com
p374591.myckdom.com
qvikar.com
ww2.affinity.net
www.clkmg.com
wwwangelarobinsonentertainment.com
ww2.affinity.net
103.224.182.241
167.172.228.26
192.254.234.214
34.160.232.116
50.97.244.203
52.117.247.211
487954a50baedc966343dd9bd1c4e3722b7839bd671f5e734c2e3650384dca8a
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed