Submitted URL: http://wwwangelarobinsonentertainment.com/
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4
Submission Tags: @ecarlesi possiblethreat
Submission: On September 07 via api from AU — Scanned from AU

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main IP is 34.160.232.116, located in and belongs to . The main domain is ww2.affinity.net.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on July 28th 2023. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.172.228.26 14061 (DIGITALOC...)
1 2 52.117.247.211 36351 (SOFTLAYER)
1 1 192.254.234.214 46606 (UNIFIEDLA...)
1 2 50.97.244.203 36351 (SOFTLAYER)
1 4 103.224.182.241 133618 (TRELLIAN-...)
1 34.160.232.116 ()
7 5
Apex Domain
Subdomains
Transfer
4 nortkon.com
nortkon.com
8 KB
2 clkmg.com
www.clkmg.com — Cisco Umbrella Rank: 247538
2 KB
2 myckdom.com
myckdom.com — Cisco Umbrella Rank: 196792
p374591.myckdom.com
1 KB
1 affinity.net
ww2.affinity.net
6 KB
1 qvikar.com
qvikar.com
127 B
1 wwwangelarobinsonentertainment.com
wwwangelarobinsonentertainment.com
2 KB
7 6
Domain Requested by
4 nortkon.com 1 redirects nortkon.com
2 www.clkmg.com 1 redirects p374591.myckdom.com
1 ww2.affinity.net nortkon.com
1 qvikar.com 1 redirects
1 p374591.myckdom.com
1 myckdom.com 1 redirects
1 wwwangelarobinsonentertainment.com 1 redirects
7 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.myckdom.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-20 - 2024-03-20 | a year
*.clkmg.com | AlphaSSL CA - SHA256 - G4 | 2023-02-23 - 2024-03-26 | a year
imgrsu.com | R3 | 2023-07-20 - 2023-10-18 | 3 months
*.affinity.net | GlobalSign GCC R3 DV TLS CA 2020 | 2023-07-28 - 2024-08-28 | a year

This page contains 1 frames:

Frame: https://ww2.affinity.net/fly1?sid=219617&sa=121&p=1&s=62169&qt=1694073527&q=&rf=https%3A%2F%2Fnortkon.com%2F&enc=&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=838cbec223cc13d2&qxsi=25b4ce2d796e9e7b&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=2fff611994f51ba7&tm=1694073531.245&etm=1694073531.257&ls=0&lbc=0&lac=0&cskey=lwz39&ipspm=&no_capp=2
Frame ID: F041C8039321BBDCA616C3C4D0DDA58D
Requests: 7 HTTP requests in this frame

Page URL History

  1. http://wwwangelarobinsonentertainment.com/ HTTP 302
    https://myckdom.com/aS/feedclick?s=GNfd6TjxHvSzemX4SAwdT63dDnCBF-q598DCNMo1BwQVs6kjzSCP84LUfaDR_... HTTP 302
    https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZz... Page URL
  2. https://qvikar.com/1j0a2y/organising/447767390 HTTP 302
    https://www.clkmg.com/qvikar/1j0a2y/organising/447767390/ HTTP 302
    https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803 Page URL
  3. http://nortkon.com/ HTTP 302
    https://nortkon.com/ Page URL
  4. https://nortkon.com/jr.php?gz=s06mn8i9FEJ6LLoAAe6Ge349fnAvaEZCQnAxY29wdnc4SEpFM1M4N3NLR21wSk91K2... Page URL
  5. https://ww2.affinity.net/fly?no_capp=2&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • swfobject.*\.js

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 0 %
Domains: 6
Subdomains: 7
IPs: 5
Countries: 2
Transfer: 15 kB
Size: 24 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://wwwangelarobinsonentertainment.com/ HTTP 302
  • https://myckdom.com/aS/feedclick?s=GNfd6TjxHvSzemX4SAwdT63dDnCBF-q598DCNMo1BwQVs6kjzSCP84LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwx6S8ey2BP3JbjkdfjhwODlnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCkog5XvEte-mPz7BKwqnWqSSSO0bKfxTwegNQxlMAhN3NjXavx56rOPPfUl-ojM_NUKjm5Az-0M7FF9IpzwzYsgOyOogZh5UgdDGqoMJ9YwVZAjRz7l2eaRgmGyLXH9IYepeGE28uloK9AfFXDC1wgpYt2sXp_EITmb9C0bTi4_ElpXXE1GAAA49_PdSvOZnYEE517tmFSYqviiMBrmkeYMg2-Dc06KKsT_uYFmuPSeWV6pHdFZ5a8-DyQzWnj45zx-yfuVx_maOCeVEOj9_11oC7lg_WM__4Ymt_Z67Z5Osa1IHTVWfj4adsiHP06JFLbBxBCh6c_WJCbpXoJerYlBQnmJVkG5MOTOEH8CMNhaXTs5qkzmEC3FZDrj5RSPXSzKHFV85Gbbh8ZV7WGRJI7eVDAXNzF4LU4dV-7km4gPfecmsevx50TsatQjHqIcTmTOE9hxo3jZ6IjUBO1Hc1D9dOge8QpbBR8-xHmuMN-NdGBQCsztKeUyiZFcNJgEHx6oC6VilczCWvk45UZh-Ibpx556onykXwiGqtw4oWbynxmqE2zJn57j_JBNdbIlZjPx9MsxKtpf18ndwcvNHsvuycPea6rMChmh2koCMxvsG7kQgOkU3kNoiH6vLiWP6-9DhXC-TrAiWBWheqw9pbCSFIg40rpWgZyS-wc78YKPo-j7wGayQ7PI4boh1eTfx-Ja_dP1dDsvjFVjaOndNi1jSakDwvXbBCYdtRKw8R8dsWZ1xa9UOg4zh6B8ZkiO6mUHUkN9Eq35rYQRDjY4gK2bAqxXFZdZqj3MfKSHEiCEzf6X_NifkSI9rafZWd6HQi5eNvy-9VMysj1iAzJVaxjnDcb3fAfESiP5RN5EzyvvnLZYktjs6C-kTTcPz253qB-fN9otHjPDfJ2bRBx8S7TmJac0OZIfpARw68Z_3m_2_rOn6YibN0lFSvubak7-i9hcxO075bbQZ1hfuGfWZIKi6ZpWLAvo0_94Ek0xnVdeAhYONmT0DtDXrLTkHwXI78oxL3HTLl4gBT06KzrX_0AoXLt8k9-mum5-SrMsOVSOrFIOOZyio5fuo8KYaZ6QF2tZZcmEQk_JQRSClWuvYggwsjdzBQv4KuZqXB2A9TR0kDeBupsVIo-1tNkvSdWWO4ODf5tpfskyrOtHQJpsyxV7m4MRXfqc9uZLa4fRBFckWAOikJqB5W6FAL90j4MI3tBeZISyGMJqezdY4GXqWgil0a5iKz9pTYVV3NUyS2OY4LGBq4r66DLXDHKpzb4RnYcMWoUrD5b5-r7l2lDkdfbcBI3p5qNoq8FWUywVSpu9I9G8Jwrt73HDElHaauiSvts47WwBM7LF7_a0TnhrZ4exqYJDZ-20DWCKkySsVYhBWc35I0LCMUC8eGlv-9QrW5wtgDtnRTRxZ8sVMwzpmvXbrkH3AH_7T7L3mA7sTnX8xN9LyB8BuKjOemAV4YjtGAJ7pM7AF9TMV78Yz1ta8f55foO6NkuSlqVSIEWnLUKYCuFPFKU5oZXrtUu62b-peDworJPwdsJ5eppniH6swZXN5IixFEjyyYZtFKF5YCrspLjGab4vZVG5S2B1zExML_vtXqRBoVyhkrRBQovLlKpfki6YHXsrG5S6BjGGTTYbpz1lkOwc8ZGab-AksBY8PbGItk0516W5w4lGPp9s-ddkcshl3DI9c5Br7c2pigj6HeAY2GQZfRbVYTmMMKiT1gysCU9o8RAmtRuCQ2fttA1gipMkrFWIQVnN-SNCwjFAvHgZ4NgUOjw7fNYDgeAHHCIBVZRzKjvJU
4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYnmh6y2RNxf5w HTTP 302
  • https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f3ls8A-89-yr00UngTvAjl_431GFfe97CrB9hk099zmfPBL2tkBYhyYtHP7axoVtCJAS_f9NOsk8UK_Xov4tDrOBvQ3cwUL-CrmalwdgPU0dJA3gbqbFSKPtbTZL0nVljuDg3-baX7JMqzrz0sLPkTxyIdPYv00XJVcXnnHt54gvGwkvuSacM8S23tsztNH4DqjYuxOqp5eedHgqCE1VuBFfvYN89eccVcfyG6P65uuBhGPq0GqzgwerNU3ZpGUKqgW1KgRNR9qDRmMVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYl_qCYvh_QGQ9TNMaHBRCxkdpXYbmLx46WSw0c_BVqlIbemXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GNfd6TjxHvSzemX4SAwdT1Y37AsT2Aew6S7gT6OG4UNtEbyc95ips7UjUGSiEWY82rowSAi3XaGNNYFCw1UVwR9e8dhdlens8feDxnGXnQnNyPFVp6ODog&si=1&oref=360f6c9577b3c3590b3c8bcccde20d7c&optunit=TxSlOaGV67VLutm_qXg8KKyT8HbCeXqaZ4h-rMGVzeTbEItyw-irrg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Request Chain 1
  • https://qvikar.com/1j0a2y/organising/447767390 HTTP 302
  • https://www.clkmg.com/qvikar/1j0a2y/organising/447767390/ HTTP 302
  • https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803
Request Chain 2
  • http://nortkon.com/ HTTP 302
  • https://nortkon.com/

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
domainClick
p374591.myckdom.com/adServe/
Redirect Chain
  • http://wwwangelarobinsonentertainment.com/
  • https://myckdom.com/aS/feedclick?s=GNfd6TjxHvSzemX4SAwdT63dDnCBF-q598DCNMo1BwQVs6kjzSCP84LUfaDR__NeVVH-ImtJpPaG_Nh80WMmwqfTqqBykvhwx6S8ey2BP3JbjkdfjhwODlnLXpC25qhjphn_x0BlwTgwt6QWV9axOl8GNGGraCkog5...
  • https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f...
242 B
574 B
Document
General
Full URL
https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f3ls8A-89-yr00UngTvAjl_431GFfe97CrB9hk099zmfPBL2tkBYhyYtHP7axoVtCJAS_f9NOsk8UK_Xov4tDrOBvQ3cwUL-CrmalwdgPU0dJA3gbqbFSKPtbTZL0nVljuDg3-baX7JMqzrz0sLPkTxyIdPYv00XJVcXnnHt54gvGwkvuSacM8S23tsztNH4DqjYuxOqp5eedHgqCE1VuBFfvYN89eccVcfyG6P65uuBhGPq0GqzgwerNU3ZpGUKqgW1KgRNR9qDRmMVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYl_qCYvh_QGQ9TNMaHBRCxkdpXYbmLx46WSw0c_BVqlIbemXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GNfd6TjxHvSzemX4SAwdT1Y37AsT2Aew6S7gT6OG4UNtEbyc95ips7UjUGSiEWY82rowSAi3XaGNNYFCw1UVwR9e8dhdlens8feDxnGXnQnNyPFVp6ODog&si=1&oref=360f6c9577b3c3590b3c8bcccde20d7c&optunit=TxSlOaGV67VLutm_qXg8KKyT8HbCeXqaZ4h-rMGVzeTbEItyw-irrg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.117.247.211 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
d3.f7.7534.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Sep 2023 07:58:42 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
0
date
Thu, 07 Sep 2023 07:58:41 GMT
location
https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f3ls8A-89-yr00UngTvAjl_431GFfe97CrB9hk099zmfPBL2tkBYhyYtHP7axoVtCJAS_f9NOsk8UK_Xov4tDrOBvQ3cwUL-CrmalwdgPU0dJA3gbqbFSKPtbTZL0nVljuDg3-baX7JMqzrz0sLPkTxyIdPYv00XJVcXnnHt54gvGwkvuSacM8S23tsztNH4DqjYuxOqp5eedHgqCE1VuBFfvYN89eccVcfyG6P65uuBhGPq0GqzgwerNU3ZpGUKqgW1KgRNR9qDRmMVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYl_qCYvh_QGQ9TNMaHBRCxkdpXYbmLx46WSw0c_BVqlIbemXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GNfd6TjxHvSzemX4SAwdT1Y37AsT2Aew6S7gT6OG4UNtEbyc95ips7UjUGSiEWY82rowSAi3XaGNNYFCw1UVwR9e8dhdlens8feDxnGXnQnNyPFVp6ODog&si=1&oref=360f6c9577b3c3590b3c8bcccde20d7c&optunit=TxSlOaGV67VLutm_qXg8KKyT8HbCeXqaZ4h-rMGVzeTbEItyw-irrg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
server
nginx
redir.cgi
www.clkmg.com/
Redirect Chain
  • https://qvikar.com/1j0a2y/organising/447767390
  • https://www.clkmg.com/qvikar/1j0a2y/organising/447767390/
  • https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803
110 B
804 B
Document
General
Full URL
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803
Requested by
Host: p374591.myckdom.com
URL: https://p374591.myckdom.com/adServe/domainClick?ai=tMxzWfm12LrB73mbsvChCwlPaPEQJrUbgkNn7bQNYIqTJKxViEFZzfkjQsIxQLx4juh9TQsbaB2ROJ7emmAVZSOIiYZshOomdnuKr7_Z-yCsHgEAuXMUeKJWkFFJwO7cMIYA21vZ0lB_RVmZ8f3ls8A-89-yr00UngTvAjl_431GFfe97CrB9hk099zmfPBL2tkBYhyYtHP7axoVtCJAS_f9NOsk8UK_Xov4tDrOBvQ3cwUL-CrmalwdgPU0dJA3gbqbFSKPtbTZL0nVljuDg3-baX7JMqzrz0sLPkTxyIdPYv00XJVcXnnHt54gvGwkvuSacM8S23tsztNH4DqjYuxOqp5eedHgqCE1VuBFfvYN89eccVcfyG6P65uuBhGPq0GqzgwerNU3ZpGUKqgW1KgRNR9qDRmMVZRzKjvJU4xOJZJAn99dQRmeTnjsEfBTYQGU5tqjsYl_qCYvh_QGQ9TNMaHBRCxkdpXYbmLx46WSw0c_BVqlIbemXBsUGDaFofB33BW-m9pDG-A6O8vm_g3tKy_heZIpllemAWTaPnh7ytE4oS_3pJL4KnOOYIJFKRuNOcPQlyhauS4SJm9wQoLrtg_raixpUqyH51yNysR_tfxqo0oMwEgJRDHxEdL9IBX08ji0YsE&ui=GNfd6TjxHvSzemX4SAwdT1Y37AsT2Aew6S7gT6OG4UNtEbyc95ips7UjUGSiEWY82rowSAi3XaGNNYFCw1UVwR9e8dhdlens8feDxnGXnQnNyPFVp6ODog&si=1&oref=360f6c9577b3c3590b3c8bcccde20d7c&optunit=TxSlOaGV67VLutm_qXg8KKyT8HbCeXqaZ4h-rMGVzeTbEItyw-irrg&rb=zzZNkeLFNVk&rr=1&isco=t&abtg=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
50.97.244.203 San Jose, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
clkmg.com
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://p374591.myckdom.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Sep 2023 07:58:45 GMT
P3P
CP="This is not a P3P policy! See http://www.clkmg.com for more info."
Server
nginx
Transfer-Encoding
chunked
X-CM-FE
httpfe-02.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
undefined-origin
Access-Control-Max-Age
300
Connection
keep-alive
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 07 Sep 2023 07:58:44 GMT
Location
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803
P3P
CP="This is not a P3P policy! See https://www.clkmg.com for more info."
Server
nginx
X-CM-FE
httpfe-02.clickmagick.com
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-XSS-Protection
1; mode=block
/
nortkon.com/
Redirect Chain
  • http://nortkon.com/
  • https://nortkon.com/
7 KB
3 KB
Document
General
Full URL
https://nortkon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-241.above.com
Software
Apache /
Resource Hash
487954a50baedc966343dd9bd1c4e3722b7839bd671f5e734c2e3650384dca8a

Request headers

Referer
https://www.clkmg.com/redir.cgi?url=http%3a%2f%2fnortkon.com&pixel=0&lidc=1496852803
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
3357
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 07:58:47 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 07:58:46 GMT
location
https://nortkon.com/
server
Apache
swfobject.js
nortkon.com/js/
10 KB
4 KB
Script
General
Full URL
https://nortkon.com/js/swfobject.js
Requested by
Host: nortkon.com
URL: https://nortkon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-241.above.com
Software
Apache /
Resource Hash
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://nortkon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 07 Sep 2023 07:58:49 GMT
content-encoding
gzip
last-modified
Fri, 05 Aug 2022 04:46:37 GMT
server
Apache
etag
"27ef-5e57726b7c540-gzip"
vary
Accept-Encoding
content-type
application/javascript
connection
close
accept-ranges
bytes
content-length
3949
jr.php
nortkon.com/
405 B
472 B
Document
General
Full URL
https://nortkon.com/jr.php?gz=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%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res=
Requested by
Host: nortkon.com
URL: https://nortkon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-182-241.above.com
Software
Apache /
Resource Hash

Request headers

Referer
https://nortkon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
259
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 07:58:50 GMT
server
Apache
vary
Accept-Encoding
x-jr-code
s
Primary Request fly
ww2.affinity.net/
6 KB
6 KB
Document
General
Full URL
https://ww2.affinity.net/fly?no_capp=2&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4
Requested by
Host: nortkon.com
URL: https://nortkon.com/jr.php?gz=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%3D%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.232.116 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://nortkon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
date
Thu, 07 Sep 2023 07:58:51 GMT
server
nginx
via
1.1 google
fly1
ww2.affinity.net/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ww2.affinity.net
URL
https://ww2.affinity.net/fly1?sid=219617&sa=121&p=1&s=62169&qt=1694073527&q=&rf=https%3A%2F%2Fnortkon.com%2F&enc=&enk=MjE5NjE3fDEyMXwxfDYyMTY5fDE2OTQwNzM1Mjd8MXwxfDk4&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=838cbec223cc13d2&qxsi=25b4ce2d796e9e7b&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=2fff611994f51ba7&tm=1694073531.245&etm=1694073531.257&ls=0&lbc=0&lac=0&cskey=lwz39&ipspm=&no_capp=2

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

5 Cookies

Domain/Path Name / Value
.myckdom.com/ Name: rhid
Value: 83612312610
.myckdom.com/ Name: loi
Value: ad_1114653_off_560384_aff_11454_cid_374591-WWWANGELAROBINSONENTERTAINMENT.COM_ts_1694073522
.clkmg.com/ Name: lids
Value: 1220924-139738+
.clkmg.com/ Name: vid
Value: 891196348
nortkon.com/ Name: __tad
Value: 1694073526.7603042