ww2.affinity.net - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 6 HTTP transactions. The main IP is 216.139.248.127, located in and belongs to . The main domain is ww2.affinity.net.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2022. Valid for: a year.

This is the only time ww2.affinity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.161.53.17 5.161.53.17	213230 (HETZNER-C...) (HETZNER-CLOUD2-AS)
2 2	52.7.173.249 52.7.173.249	14618 (AMAZON-AES) (AMAZON-AES)
1 4	103.224.182.241 103.224.182.241	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	216.139.248.127 216.139.248.127	() ()
6	4

1 5.161.53.17 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.17.53.161.5.clients.your-server.de

skype.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.7.173.249 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-173-249.compute-1.amazonaws.com

trwsr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oprtd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.224.182.241 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-241.above.com

airfrane.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.139.248.127 (None, )

ASN- ()

ww2.affinity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	airfrane.com 1 redirects airfrane.com	8 KB
1	affinity.net ww2.affinity.net	2 KB
1	oprtd.com 1 redirects oprtd.com	276 B
1	trwsr.com 1 redirects trwsr.com — Cisco Umbrella Rank: 648493	282 B
1	skype.com.ua skype.com.ua — Cisco Umbrella Rank: 632032	942 B
6	5

	Domain	Requested by
4	airfrane.com	1 redirects airfrane.com
1	ww2.affinity.net	airfrane.com
1	oprtd.com	1 redirects
1	trwsr.com	1 redirects
1	skype.com.ua
6	5

This site contains no links.

Subject Issuer	Validity	Valid
shopstreetfashion.com R3	`2022-07-26` - `2022-10-24`	3 months	crt.sh
*.affinity.net Go Daddy Secure Certificate Authority - G2	`2022-06-13` - `2023-07-15`	a year	crt.sh

This page contains 1 frames:

Frame: https://ww2.affinity.net/fly1?sid=159114&sa=113&p=1&s=62169&qt=1662778280&q=&rf=https%3A%2F%2Fairfrane.com%2F&enc=&enk=MTU5MTE0fDExM3wxfDYyMTY5fDE2NjI3NzgyODB8MXwxfDU3MA%3D%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=654f1233e103a7f8&qxsi=5c30a2b77a47e964&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=64426e116587b3c79442ff3fce748f7a&tm=1662778282.4525&etm=1662778282.4596&ls=0&lbc=0&lac=0&cskey=lwz39&ipspm=&no_capp=2
Frame ID: 7B3DB1E4FC7E82C7DF5891D9A8F9A939
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://skype.com.ua/ Page URL
http://trwsr.com/ HTTP 302
http://oprtd.com/sxhemvo8 HTTP 302
http://airfrane.com/ HTTP 302
https://airfrane.com/ Page URL
https://airfrane.com/jr.php?gz=4yhCd2BDoaJ7HhDo2BDsT349fmtmNnZwbU1xV2ltMjFqanFuRklyajQrU1o1bDJmSV... Page URL
https://ww2.affinity.net/fly?no_capp=2&enk=MTU5MTE0fDExM3wxfDYyMTY5fDE2NjI3NzgyODB8MXwxfDU3MA== Page URL

Detected technologies

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

11 kB
Transfer

23 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://skype.com.ua/ Page URL
http://trwsr.com/ HTTP 302
http://oprtd.com/sxhemvo8 HTTP 302
http://airfrane.com/ HTTP 302
https://airfrane.com/ Page URL
https://airfrane.com/jr.php?gz=4yhCd2BDoaJ7HhDo2BDsT349fmtmNnZwbU1xV2ltMjFqanFuRklyajQrU1o1bDJmSVhVMVQ3MWZTOTdmZk1iak1oNWIrUTZ1K01pOEw4NUIwTDNOeVJyYUZjWGl3ZWNFOVU4dmdQMnZ0T1g4MFN5dnZSdzlROWFjTDlBYnYrWnZFc2JWQVAxMTd6cVU5ckpLTktLNW53MGx2Z2VOYkdQbjVrM3RUamQwQTVKbDk0RDRzMGMyOWFTQ1UydlBjRFRVMTN6QzhyYWsycnZTVmRpbWxuajhOYmsyRGl6dS9BQ3Y3MmhFQ2orcnJVelphMkY2a1pScFg5cW9EaDN6YS81S1NhTys5WDdWcS9KNDFsT0FCd1lKdEFWd1JuY3kyaHpzVXNwQmtRNnFkSjdzYmpEQjl5U2c3QjhtM2ZGblM2Z1F1RkFBOE8ySDB3VVMrOU5XbkROUWUzK2ZpaHhpVXRTY1I3Nng0aXRWUlFERyt5MWtQUEljWnYxVWo1bEttaGVWcHhBYmZ5eUtMSEV6STc2d04zRzcva2NaQXppTlBYNURueENieDZnSFltekhvem9rSU9wbWxGNEtrUmE3clFWbStRNy8xdlFGTHk5bXRGUDdyMlIyeUZqRkcvOE54K3d3VkJaMmJZaTMvbHIyM1BqS2lLUkxvemZ4T0ZxMG9HamtNdm9YSUcvRGYwRk9YVTBNWmxXelR5RFZpSDFSUTJ4WlN2b2RXd2tHTXEzTVBDLytvOHFVVFluUDNKbExlSHd0eUxRdkNaenV5b01jUmNwVjRFdTd1UlNFbTFFd1ZWcWJZQnFUOVQ4UnpBTDBaZEZzU29ndG8wOG1WNzl0Tmw0dTVBWG9NTHdIS2FTMDdWM0dFS29YLzdVNUhUd09sSldoZjBHUkhJZWhzRWRJMU0rdjFLK1Q4THY3RWM0OWxNUUkvaDV3NHNwSG8rY1ZBRjNCL1E3OUhmNlg4MHlhbWtDVDQ4U3hvVWhTaktxK253RE11ZUs3NERUUTNQakZsYz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= Page URL
https://ww2.affinity.net/fly?no_capp=2&enk=MTU5MTE0fDExM3wxfDYyMTY5fDE2NjI3NzgyODB8MXwxfDU3MA== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://trwsr.com/ HTTP 302
http://oprtd.com/sxhemvo8 HTTP 302
http://airfrane.com/ HTTP 302
https://airfrane.com/

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response skype.com.ua/	182 B 942 B	373ms 139ms	Document text/html	5.161.53.17 HETZNER-CLOUD2-AS
General Check archive.org Show headers Download Go to Full URL http://skype.com.ua/ Protocol HTTP/1.1 Server 5.161.53.17 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE), Reverse DNS static.17.53.161.5.clients.your-server.de Software nginx / Resource Hash `3cd625b0275047cff4a9e8db11d8945f18513ffa6a1f96ea7f57671c01792952` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Connection keep-alive Content-Length 182 Content-Type text/html; charset=UTF-8 Date Sat, 10 Sep 2022 02:51:18 GMT Expires 0 Last-Modified Sat, 10 Sep 2022 02:51:18 GMT Pragma no-cache Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	/ Show response airfrane.com/ Redirect Chain http://trwsr.com/ http://oprtd.com/sxhemvo8 http://airfrane.com/ https://airfrane.com/	7 KB 3 KB	1040ms 473ms	Document text/html	103.224.182.241 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://airfrane.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-182-241.above.com Software Apache/2.4.38 (Debian) / Resource Hash `24ec08e7e86b46d614e1c5cb3504804bb5fc3dcf6cf2a3efcd2b757429945d92` Request headers Referer http://skype.com.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 3210 Content-Type text/html; charset=UTF-8 Date Sat, 10 Sep 2022 02:51:20 GMT Server Apache/2.4.38 (Debian) Vary Accept-Encoding Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sat, 10 Sep 2022 02:51:19 GMT Location https://airfrane.com/ Server Apache/2.4.38 (Debian)
GET H/1.1	200 OK	swfobject.js Show response airfrane.com/js/	10 KB 4 KB	585ms 225ms	Script application/javascript	103.224.182.241 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://airfrane.com/js/swfobject.js Requested by Host: airfrane.com URL: https://airfrane.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-182-241.above.com Software Apache/2.4.38 (Debian) / Resource Hash `a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed` Request headers accept-language en-GB,en;q=0.9 Referer https://airfrane.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Sat, 10 Sep 2022 02:51:21 GMT Content-Encoding gzip Last-Modified Thu, 18 Aug 2022 00:50:56 GMT Server Apache/2.4.38 (Debian) ETag "27ef-5e6795fc91c00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 3949
GET H/1.1	200 OK	jr.php airfrane.com/	414 B 495 B	556ms 193ms	Document text/html	103.224.182.241 TRELLIAN-AS-AP Tr...
General Check archive.org Show headers Download Go to Full URL https://airfrane.com/jr.php?gz=4yhCd2BDoaJ7HhDo2BDsT349fmtmNnZwbU1xV2ltMjFqanFuRklyajQrU1o1bDJmSVhVMVQ3MWZTOTdmZk1iak1oNWIrUTZ1K01pOEw4NUIwTDNOeVJyYUZjWGl3ZWNFOVU4dmdQMnZ0T1g4MFN5dnZSdzlROWFjTDlBYnYrWnZFc2JWQVAxMTd6cVU5ckpLTktLNW53MGx2Z2VOYkdQbjVrM3RUamQwQTVKbDk0RDRzMGMyOWFTQ1UydlBjRFRVMTN6QzhyYWsycnZTVmRpbWxuajhOYmsyRGl6dS9BQ3Y3MmhFQ2orcnJVelphMkY2a1pScFg5cW9EaDN6YS81S1NhTys5WDdWcS9KNDFsT0FCd1lKdEFWd1JuY3kyaHpzVXNwQmtRNnFkSjdzYmpEQjl5U2c3QjhtM2ZGblM2Z1F1RkFBOE8ySDB3VVMrOU5XbkROUWUzK2ZpaHhpVXRTY1I3Nng0aXRWUlFERyt5MWtQUEljWnYxVWo1bEttaGVWcHhBYmZ5eUtMSEV6STc2d04zRzcva2NaQXppTlBYNURueENieDZnSFltekhvem9rSU9wbWxGNEtrUmE3clFWbStRNy8xdlFGTHk5bXRGUDdyMlIyeUZqRkcvOE54K3d3VkJaMmJZaTMvbHIyM1BqS2lLUkxvemZ4T0ZxMG9HamtNdm9YSUcvRGYwRk9YVTBNWmxXelR5RFZpSDFSUTJ4WlN2b2RXd2tHTXEzTVBDLytvOHFVVFluUDNKbExlSHd0eUxRdkNaenV5b01jUmNwVjRFdTd1UlNFbTFFd1ZWcWJZQnFUOVQ4UnpBTDBaZEZzU29ndG8wOG1WNzl0Tmw0dTVBWG9NTHdIS2FTMDdWM0dFS29YLzdVNUhUd09sSldoZjBHUkhJZWhzRWRJMU0rdjFLK1Q4THY3RWM0OWxNUUkvaDV3NHNwSG8rY1ZBRjNCL1E3OUhmNlg4MHlhbWtDVDQ4U3hvVWhTaktxK253RE11ZUs3NERUUTNQakZsYz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= Requested by Host: airfrane.com URL: https://airfrane.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.224.182.241 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU), Reverse DNS lb-182-241.above.com Software Apache/2.4.38 (Debian) / Resource Hash Request headers Referer https://airfrane.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Length 266 Content-Type text/html; charset=UTF-8 Date Sat, 10 Sep 2022 02:51:21 GMT Server Apache/2.4.38 (Debian) Vary Accept-Encoding X-JR-Code s
GET H/1.1	200 OK	Primary Request fly ww2.affinity.net/	6 KB 2 KB	661ms 161ms	Document text/html	216.139.248.127
General Check archive.org Show headers Download Go to Full URL https://ww2.affinity.net/fly?no_capp=2&enk=MTU5MTE0fDExM3wxfDYyMTY5fDE2NjI3NzgyODB8MXwxfDU3MA== Requested by Host: airfrane.com URL: https://airfrane.com/jr.php?gz=4yhCd2BDoaJ7HhDo2BDsT349fmtmNnZwbU1xV2ltMjFqanFuRklyajQrU1o1bDJmSVhVMVQ3MWZTOTdmZk1iak1oNWIrUTZ1K01pOEw4NUIwTDNOeVJyYUZjWGl3ZWNFOVU4dmdQMnZ0T1g4MFN5dnZSdzlROWFjTDlBYnYrWnZFc2JWQVAxMTd6cVU5ckpLTktLNW53MGx2Z2VOYkdQbjVrM3RUamQwQTVKbDk0RDRzMGMyOWFTQ1UydlBjRFRVMTN6QzhyYWsycnZTVmRpbWxuajhOYmsyRGl6dS9BQ3Y3MmhFQ2orcnJVelphMkY2a1pScFg5cW9EaDN6YS81S1NhTys5WDdWcS9KNDFsT0FCd1lKdEFWd1JuY3kyaHpzVXNwQmtRNnFkSjdzYmpEQjl5U2c3QjhtM2ZGblM2Z1F1RkFBOE8ySDB3VVMrOU5XbkROUWUzK2ZpaHhpVXRTY1I3Nng0aXRWUlFERyt5MWtQUEljWnYxVWo1bEttaGVWcHhBYmZ5eUtMSEV6STc2d04zRzcva2NaQXppTlBYNURueENieDZnSFltekhvem9rSU9wbWxGNEtrUmE3clFWbStRNy8xdlFGTHk5bXRGUDdyMlIyeUZqRkcvOE54K3d3VkJaMmJZaTMvbHIyM1BqS2lLUkxvemZ4T0ZxMG9HamtNdm9YSUcvRGYwRk9YVTBNWmxXelR5RFZpSDFSUTJ4WlN2b2RXd2tHTXEzTVBDLytvOHFVVFluUDNKbExlSHd0eUxRdkNaenV5b01jUmNwVjRFdTd1UlNFbTFFd1ZWcWJZQnFUOVQ4UnpBTDBaZEZzU29ndG8wOG1WNzl0Tmw0dTVBWG9NTHdIS2FTMDdWM0dFS29YLzdVNUhUd09sSldoZjBHUkhJZWhzRWRJMU0rdjFLK1Q4THY3RWM0OWxNUUkvaDV3NHNwSG8rY1ZBRjNCL1E3OUhmNlg4MHlhbWtDVDQ4U3hvVWhTaktxK253RE11ZUs3NERUUTNQakZsYz0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine&anura_res= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 216.139.248.127 -, , ASN (), Reverse DNS Software nginx / Resource Hash Request headers Referer https://airfrane.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Connection close Content-Encoding gzip Content-Type text/html Date Sat, 10 Sep 2022 02:51:22 GMT Server nginx Transfer-Encoding chunked
GET		fly1 ww2.affinity.net/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ww2.affinity.net
URL: https://ww2.affinity.net/fly1?sid=159114&sa=113&p=1&s=62169&qt=1662778280&q=&rf=https%3A%2F%2Fairfrane.com%2F&enc=&enk=MTU5MTE0fDExM3wxfDYyMTY5fDE2NjI3NzgyODB8MXwxfDU3MA%3D%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=654f1233e103a7f8&qxsi=5c30a2b77a47e964&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=64426e116587b3c79442ff3fce748f7a&tm=1662778282.4525&etm=1662778282.4596&ls=0&lbc=0&lac=0&cskey=lwz39&ipspm=&no_capp=2

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
skype.com.ua/	1970-01-20 06:37:36	Name: _subid Value: 2jmlh9o4fuirc
skype.com.ua/	1970-01-20 15:28:58	Name: 139e1 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjFcIjoxNjYyNzc4Mjc4fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNjYyNzc4Mjc4fSxcInRpbWVcIjoxNjYyNzc4Mjc4fSJ9.EqiziIQNziplUy8VTnSkdhTDeTQWXpTE-Tij7w4pS2Q
airfrane.com/	1970-01-20 15:28:58	Name: __tad Value: 1662778279.7009096

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

airfrane.com
oprtd.com
skype.com.ua
trwsr.com
ww2.affinity.net
ww2.affinity.net
103.224.182.241
216.139.248.127
5.161.53.17
52.7.173.249
24ec08e7e86b46d614e1c5cb3504804bb5fc3dcf6cf2a3efcd2b757429945d92
3cd625b0275047cff4a9e8db11d8945f18513ffa6a1f96ea7f57671c01792952
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

ww2.affinity.net Open in urlscan Pro 216.139.248.127 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

67 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

11 kBTransfer

23 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Indicators

ww2.affinity.net Open in urlscan Pro
216.139.248.127 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

11 kB
Transfer

23 kB
Size

3
Cookies

6 HTTP transactions
0 data transactions