ww2.affinity.net
Open in
urlscan Pro
34.160.232.116
Public Scan
Submitted URL: https://affordablehousingresouce779.godaddysits.com/
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MTkxOTEwfDEyMXwxfDkxMDgzfDE3MzMyMzY3NTV8MXwxfDE5ODk=
Submission: On December 03 via automatic, source certstream-suspicious — Scanned from GB
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MTkxOTEwfDEyMXwxfDkxMDgzfDE3MzMyMzY3NTV8MXwxfDE5ODk=
Submission: On December 03 via automatic, source certstream-suspicious — Scanned from GB
Summary
This website contacted 4 IPs
in 3 countries
across 5 domains to perform 6 HTTP transactions.
The main IP is 34.160.232.116, located in
Kansas City, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is ww2.affinity.net.
The Cisco Umbrella rank of the primary domain is 168719.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on August 12th 2024. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on August 12th 2024. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 185.53.177.50 185.53.177.50 | 61969 (TEAMINTER...) (TEAMINTERNET-AS Team Internet AG) | |
| 1 2 | 54.82.7.206 54.82.7.206 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 34.160.232.116 34.160.232.116 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
| 6 | 4 |
2
185.53.177.50
(Germany)
ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)
ASN61969 (TEAMINTERNET-AS Team Internet AG, DE)
| affordablehousingresouce779.godaddysits.com |
2
54.82.7.206
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-7-206.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-7-206.compute-1.amazonaws.com
| ernus-dop.com |
1
34.160.232.116
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.232.160.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.232.160.34.bc.googleusercontent.com
| ww2.affinity.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
ernus-dop.com
1 redirects
ernus-dop.com |
4 KB |
| 2 |
godaddysits.com
affordablehousingresouce779.godaddysits.com |
2 KB |
| 1 |
affinity.net
ww2.affinity.net — Cisco Umbrella Rank: 168719 |
6 KB |
| 0 |
godaddy.com
Failed
click.godaddy.com Failed |
|
| 0 |
cloudfront.net
Failed
d38psrni17bvxu.cloudfront.net Failed |
|
| 6 | 5 |
| Domain | Requested by | |
|---|---|---|
| 2 | ernus-dop.com |
1 redirects
affordablehousingresouce779.godaddysits.com
|
| 2 | affordablehousingresouce779.godaddysits.com |
affordablehousingresouce779.godaddysits.com
|
| 1 | ww2.affinity.net |
ernus-dop.com
|
| 0 | click.godaddy.com Failed | |
| 0 | d38psrni17bvxu.cloudfront.net Failed |
affordablehousingresouce779.godaddysits.com
|
| 6 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| affordablehousingresouce779.godaddysits.com R10 |
2024-12-03 - 2025-03-03 |
3 months | crt.sh |
| ernus-dop.com Amazon RSA 2048 M02 |
2024-11-22 - 2025-12-22 |
a year | crt.sh |
| *.affinity.net GlobalSign GCC R3 DV TLS CA 2020 |
2024-08-12 - 2025-09-13 |
a year | crt.sh |
This page contains 1 frames:
Frame:
https://click.godaddy.com/affiliate?cjdata=MXxZfDB8WXww&isc=cjcfos3&url=https://www.godaddy.com/offers/hosting&AID=10602879&SID=cf16e24fdfe9143d035b86c42c033c0f&utm_source=cj&utm_medium=affiliate&utm_campaign=xx-xx_corp_affiliate_10602879_001&utm_content=Siteplug_4484837&tgt=7753339&cjevent=60c41f19b18411ef810b0aae0a18b8fb
Frame ID: 64E18C267F8F107D0B28DE5572DB559A
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
https://affinity.netPage URL History Show full URLs
- https://affordablehousingresouce779.godaddysits.com/ Page URL
- https://ernus-dop.com/zclkvisitor/5efaf844-b184-11ef-b825-0affe534dd3b/143cf7a0-6b6a-11ef-b9f3-0af... Page URL
-
https://ernus-dop.com/zclkredirect?visitid=5efaf844-b184-11ef-b825-0affe534dd3b&type=js&browserWid...
HTTP 302
https://ww2.affinity.net/fly?no_capp=2&enk=MTkxOTEwfDEyMXwxfDkxMDgzfDE3MzMyMzY3NTV8MXwxfDE5ODk= Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://affordablehousingresouce779.godaddysits.com/ Page URL
- https://ernus-dop.com/zclkvisitor/5efaf844-b184-11ef-b825-0affe534dd3b/143cf7a0-6b6a-11ef-b9f3-0affc7e470f1?campaignid=5f075452-b184-11ef-b825-0affe534dd3b Page URL
-
https://ernus-dop.com/zclkredirect?visitid=5efaf844-b184-11ef-b825-0affe534dd3b&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC%2B00%3A00&timezoneName=Europe%2FLondon
HTTP 302
https://ww2.affinity.net/fly?no_capp=2&enk=MTkxOTEwfDEyMXwxfDkxMDgzfDE3MzMyMzY3NTV8MXwxfDE5ODk= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://ww2.affinity.net/fly1?sid=191910&sa=121&p=1&s=91083&qt=1733236755&q=&rf=https%3A%2F%2Fernus-dop.com%2F&enc=&enk=MTkxOTEwfDEyMXwxfDkxMDgzfDE3MzMyMzY3NTV8MXwxfDE5ODk%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=e44ec9449a52c54a&qxsi=25b4ce2d796e9e7b&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=9515e6d4df2100f6a5ead2ffd8c1ea09&tm=1733236758.1519&etm=1733236758.1609&ls=0&lbc=0&lac=0&cskey=ckt55&ipspm=&no_capp=2&d= HTTP 302
- https://www.dpbolvw.net/click-7753339-10602879?sid=cf16e24fdfe9143d035b86c42c033c0f HTTP 302
- https://cj.dotomi.com/la102dlutB/lsx/A9F9BHGI/GGECCCI/9/9/9?f=kzpk%3Djm8Dl9BmkmlG8BAk7ACiFDjB9j7AAj7m%3c%3co00wz%3A%2F%2F333.kwivs23.ul0%2Fjspjr-EECAAAG-87D79FEG%3c%3cN%3co00wz%3A%2F%2F339.hmmpup05.ul0%2F%3c%3c8%3c8%3c7%3c7%3c HTTP 302
- https://www.emjcd.com/h9115ft10L/t-4/IHNHJPOQ/OOMKKKQ/H/LHHIHNHHQNKQJIOPMH:uMothmTyUMpi/NHtLIwIQsIPLIIvwPIHsHrrvHrIPsPws?r=evlg%3Dfi49h57igihC476g368eB9f75f366f3i%3cfmr!z8y1-y0wydvg%3ckwwsv%3A%2F%2Fzzz.gseroyz.qhw%2Ffolfn-AA8666C-43935BAC%3c%3cJ%3ckwwsv%3A%2F%2Fzz5.diilqlw1.qhw%2F%3c4Ai5749C-CgBC-7CeA-C78e-96A8fih95f7B%3c4%3c4%3c3%3c3%3c HTTP 302
- https://click.godaddy.com/affiliate?cjdata=MXxZfDB8WXww&isc=cjcfos3&url=https://www.godaddy.com/offers/hosting&AID=10602879&SID=cf16e24fdfe9143d035b86c42c033c0f&utm_source=cj&utm_medium=affiliate&utm_campaign=xx-xx_corp_affiliate_10602879_001&utm_content=Siteplug_4484837&tgt=7753339&cjevent=60c41f19b18411ef810b0aae0a18b8fb
6 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
affordablehousingresouce779.godaddysits.com/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
js3.js
d38psrni17bvxu.cloudfront.net/scripts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ls.php
affordablehousingresouce779.godaddysits.com/ |
16 B 368 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
143cf7a0-6b6a-11ef-b9f3-0affc7e470f1
ernus-dop.com/zclkvisitor/5efaf844-b184-11ef-b825-0affe534dd3b/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
fly
ww2.affinity.net/ Redirect Chain
|
6 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
affiliate
click.godaddy.com/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- d38psrni17bvxu.cloudfront.net
- URL
- https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
- Domain
- click.godaddy.com
- URL
- https://click.godaddy.com/affiliate?cjdata=MXxZfDB8WXww&isc=cjcfos3&url=https://www.godaddy.com/offers/hosting&AID=10602879&SID=cf16e24fdfe9143d035b86c42c033c0f&utm_source=cj&utm_medium=affiliate&utm_campaign=xx-xx_corp_affiliate_10602879_001&utm_content=Siteplug_4484837&tgt=7753339&cjevent=60c41f19b18411ef810b0aae0a18b8fb
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
number| chrsz function| safe_add function| bit_rol function| add_ch function| enc_data function| G function| gsc function| getCookie function| setCookie function| press function| get_screen_dimension function| get_browser_dimension function| fnch7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .dotomi.com/ | Name: CJSession Value: 17f24169-9d89-49b7-945b-6375cfe62c48 |
|
| .dotomi.com/ | Name: cjae Value: d5XcQVChD5YR |
|
| .dotomi.com/ | Name: DotomiUser Value: 400106009639217850$0$1 |
|
| .dotomi.com/ | Name: LCLK Value: cjo!w5vy-vxtvasd |
|
| .emjcd.com/ | Name: S Value: 400106009639217850:d5XcQVChD5YR |
|
| .emjcd.com/ | Name: LCLK Value: cjo!w5vy-vxtvasd |
|
| .emjcd.com/ | Name: CJSession Value: 17f24169-9d89-49b7-945b-6375cfe62c48 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
affordablehousingresouce779.godaddysits.com
click.godaddy.com
d38psrni17bvxu.cloudfront.net
ernus-dop.com
ww2.affinity.net
click.godaddy.com
d38psrni17bvxu.cloudfront.net
185.53.177.50
34.160.232.116
54.82.7.206
0595ef20b21e54403af1ad3eafe32253850749fcb0e112ffc0fb4847159677b0
587f2b3442b0bd14658bb3d410be04337f3451a7caf931fa40aed3002275b8b0
90ec94ca4b97800d2d99e7318f9e640abfc0357cbf7063bf08b8d667483678ae