Submitted URL: https://storage.googleapis.com/finder/AAAAAA/Redirectline.html#2647015VP6243720JP554141284hl8594PW24Mmr180028cy
Effective URL: http://affsub2.go2affise.com/disabled.html
Submission Tags: https://phish.report @phish_report
Submission: On June 16 via api from FI — Scanned from FI

Summary

This website contacted 2 IPs in 4 countries across 7 domains to perform 2 HTTP transactions. The main IP is 34.90.63.227, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is affsub2.go2affise.com.
This is the only time affsub2.go2affise.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 51.79.146.201 16276 (OVH)
1 1 23.251.142.1 396982 (GOOGLE-CL...)
1 1 104.155.58.45 15169 (GOOGLE)
2 2 34.90.46.36 396982 (GOOGLE-CL...)
1 1 18.194.134.212 16509 (AMAZON-02)
1 34.90.63.227 396982 (GOOGLE-CL...)
2 2
Apex Domain
Subdomains
Transfer
2 go2affise.com
affsub2.go2affise.com
446 B
1 pansen-infichel.com
pansen-infichel.com
625 B
1 life-partner.xyz
xxx.life-partner.xyz
384 B
1 agawalp.com
agawalp.com
732 B
1 doamtrk.com
doamtrk.com
307 B
1 akosaw.com
akosaw.com
323 B
1 googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 465
841 B
2 7
Domain Requested by
2 affsub2.go2affise.com 1 redirects storage.googleapis.com
1 pansen-infichel.com 1 redirects
1 xxx.life-partner.xyz 1 redirects
1 agawalp.com 1 redirects
1 doamtrk.com 1 redirects
1 akosaw.com 1 redirects
1 storage.googleapis.com
2 7

This site contains no links.

Subject: storage.googleapis.com
Issuer: GTS CA 1C3
Validity: 2023-05-22 - 2023-08-14
Valid: 3 months

This page contains 1 frame:

Primary Page: http://affsub2.go2affise.com/disabled.html
Frame ID: 9903975F00052DBD25157B93422E8C92
Requests: 2 HTTP requests in this frame

Page Title

Disabled

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 14 %
Domains: 7
Subdomains: 7
IPs: 2
Countries: 4
Transfer: 1 kB
Size: 0 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/finder/AAAAAA/Redirectline.html Page URL
  2. http://akosaw.com/2647015VP6243720JP554141284hl8594PW24Mmr180028cy HTTP 302
    https://doamtrk.com/?a=901&oc=15983&c=43834&p=r&m=3&s1=2647015&s2=2b-2647015-6243720-180028-8594-554141284 HTTP 302
    https://agawalp.com/?a=901&oc=15983&c=43834&p=r&m=3&s1=2647015&s2=2b-2647015-6243720-180028-8594-554141284&ckmguid=3143c777-cd10-4525-b5ef-4246210e57b0 HTTP 302
    https://xxx.life-partner.xyz/click?pid=4726&offer_id=5242&sub2=312370280&sub4=901 HTTP 302
    https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=901&var3=&var4=&clickid=648c57a4c100d400019e675e HTTP 302
    https://affsub2.go2affise.com/click?pid=888&offer_id=6867&sub2=wk43d7flfdj63sfp2lil4t54&sub4=4726 HTTP 302
    http://affsub2.go2affise.com/disabled.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Redirectline.html
storage.googleapis.com/finder/AAAAAA/
350 B
841 B
Document
General
Full URL
https://storage.googleapis.com/finder/AAAAAA/Redirectline.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
350
content-type
text/html
date
Fri, 16 Jun 2023 12:37:55 GMT
etag
"4afa6bba29982071e665c0b351e6d97a"
expires
Fri, 16 Jun 2023 13:37:55 GMT
last-modified
Tue, 27 Dec 2022 11:22:22 GMT
server
UploadServer
x-goog-generation
1672140142934344
x-goog-hash
crc32c=nEEkUg== md5=SvpruimYIHHmZcCzUebZeg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
350
x-guploader-uploadid
ADPycdsxH4Z80jx45iPWO6y8qczErikTX0pN3XD5hSREgvowYK5SHp1hhRWNomuK477ysLxXXmIQcY-lGxERscJC80islalZUXVG
Primary Request disabled.html
affsub2.go2affise.com/
Redirect Chain
  • http://akosaw.com/2647015VP6243720JP554141284hl8594PW24Mmr180028cy
  • https://doamtrk.com/?a=901&oc=15983&c=43834&p=r&m=3&s1=2647015&s2=2b-2647015-6243720-180028-8594-554141284
  • https://agawalp.com/?a=901&oc=15983&c=43834&p=r&m=3&s1=2647015&s2=2b-2647015-6243720-180028-8594-554141284&ckmguid=3143c777-cd10-4525-b5ef-4246210e57b0
  • https://xxx.life-partner.xyz/click?pid=4726&offer_id=5242&sub2=312370280&sub4=901
  • https://pansen-infichel.com/a757149c-fd88-4a9b-9a99-827e6ad49ebc?var1=4726&var2=901&var3=&var4=&clickid=648c57a4c100d400019e675e
  • https://affsub2.go2affise.com/click?pid=888&offer_id=6867&sub2=wk43d7flfdj63sfp2lil4t54&sub4=4726
  • http://affsub2.go2affise.com/disabled.html
111 B
343 B
Document
General
Full URL
http://affsub2.go2affise.com/disabled.html
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/finder/AAAAAA/Redirectline.html
Protocol
HTTP/1.1
Server
34.90.63.227 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
227.63.90.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7413baf6c8d815f06ac626010aa7c4eff83b4f3ab3fa3cfd4c50cb533b5cf08

Request headers

Referer
https://storage.googleapis.com/finder/AAAAAA/Redirectline.html#2647015VP6243720JP554141284hl8594PW24Mmr180028cy
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 16 Jun 2023 12:37:57 GMT
ETag
W/"628f9513-6f"
Last-Modified
Thu, 26 May 2022 14:56:19 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

access-control-allow-origin
*
content-length
0
date
Fri, 16 Jun 2023 12:37:57 GMT
location
http://affsub2.go2affise.com/disabled.html
server
nginx

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

7 Cookies

Domain/Path Name / Value
.agawalp.com/ Name: sl
Value: 2KGCmCjJ90vVMZ8KS1ro6IbbE7VpVTRKU/niov3pR7bgZJfgnnCI6A==
.agawalp.com/ Name: tfl
Value: hDrUdY/ozILoagsfzR6WDIbbE7VpVTRKU/niov3pR7bgZJfgnnCI6A==
.agawalp.com/ Name: c14175
Value: 2KGCmCjJ90t34KmVl4/Vk+AEDvCtjyDrHICgns1oNenPFq5de9pB1w==
xxx.life-partner.xyz/ Name: afclick
Value: 648c57a4c100d400019e675e
xxx.life-partner.xyz/ Name: afoffers
Value: {"5242":1686919076}
.pansen-infichel.com/ Name: a757149c-fd88-4a9b-9a99-827e6ad49ebc-v4
Value: Npo8DFF71vtgA4w64qbttxfGQEK63Dh4orcgzCCfwUY
.pansen-infichel.com/ Name: cc-v4
Value: G%2FnNYpkAJitwtLTeHJQ01Tg93e2n5fElnH7FK5C6l7Yv1zq502%2BAo69SbTXJqHUaHRX59s4wYwpukJ3t%2FQ%2FzmVbW5Z%2Fqm1h4MQQVMWrlW7Vmj8DbkIldG%2B%2FLxOBrD1q4U6uGy9qZYTDUs69Qdnd4fQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
