ww2.affinity.net
216.139.248.127
Public Scan
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2
Submission: On September 21 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2022. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 2 | 216.245.197.45 | 46475 (LIMESTONENETWORKS) |
| 1 2 | 209.15.13.136 | 13768 (COGECO-PEER1) |
| 1 2 | 216.139.248.127 | 32400 (HWSERVICES-32400) |
| 2 2 | 35.201.76.231 | 15169 (GOOGLE) |
| 1 1 | 34.95.127.121 | 396982 (GOOGLE-CLOUD-PLATFORM) |
| 1 | 2a04:4e42:41::444 | () |
| 4 | 4 | |
ASN46475 (LIMESTONENETWORKS, US)
PTR: 45-197-245-216.static.reverse.lstn.net
slortsline.com
ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-127.aus.us.siteprotect.com
ww2.affinity.net
ASN15169 (GOOGLE, US)
PTR: 231.76.201.35.bc.googleusercontent.com
sportsline.pxf.io
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
| | Apex Domain Subdomains | Transfer |
|---|---|---|
| 2 | pxf.io (2 redirects): sportsline.pxf.io — Cisco Umbrella Rank: 465645 | 907 B |
| 2 | affinity.net (1 redirects): ww2.affinity.net — Cisco Umbrella Rank: 118674 | 2 KB |
| 2 | rtbtrail.com (1 redirects): rtbtrail.com | 3 KB |
| 2 | slortsline.com (1 redirects): slortsline.com | 1 KB |
| 1 | sportsline.com: www.sportsline.com | |
| 1 | ojrq.net (1 redirects): www.ojrq.net — Cisco Umbrella Rank: 5573 | 579 B |
| 4 | 6 | |
| | Domain | Requested by |
|---|---|---|
| 2 | sportsline.pxf.io | 2 redirects |
| 2 | ww2.affinity.net | 1 redirects |
| 2 | rtbtrail.com | 1 redirects, slortsline.com |
| 2 | slortsline.com | 1 redirects |
| 1 | www.sportsline.com | |
| 1 | www.ojrq.net | 1 redirects |
| 4 | 6 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.affinity.net Go Daddy Secure Certificate Authority - G2 | 2022-06-13 - 2023-07-15 | a year | crt.sh |
*.sportsline.com Sectigo RSA Organization Validation Secure Server CA | 2021-12-15 - 2022-12-15 | a year | crt.sh |
This page contains 1 frames:
Frame:
https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368
Frame ID: A98A8CEB0C2D245C18403254D530E6D7
Requests: 4 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://slortsline.com/ Page URL
- http://slortsline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Mzc5MTcxNywiaWF0IjoxNjYzNzg0NTE3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2JmNmQwdmdxOW0xNjJrbGcxNW1wMGgiLCJuYmYiOjE2NjM3ODQ1MTcsInRzIjoxNjYzNzg0NTE3NTUyNzAxfQ.o0eVNwMOvewA9kabxgMfnnZaE3tZVtqHDwzZBb8PYhE&sid=47045462-39da-11ed-aa65-5314618582b9 HTTP 302
  http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRnRGSWJ5SU1mUmotNTB6Rkp6RDE0MWdRWjJnMg2&id=ce67e48e-7b3f-4940-8a2a-3ae58bb1aedf Page URL
- http://rtbtrail.com/Redirect/ HTTP 302
  https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- http://slortsline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Mzc5MTcxNywiaWF0IjoxNjYzNzg0NTE3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2JmNmQwdmdxOW0xNjJrbGcxNW1wMGgiLCJuYmYiOjE2NjM3ODQ1MTcsInRzIjoxNjYzNzg0NTE3NTUyNzAxfQ.o0eVNwMOvewA9kabxgMfnnZaE3tZVtqHDwzZBb8PYhE&sid=47045462-39da-11ed-aa65-5314618582b9 HTTP 302
- http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRnRGSWJ5SU1mUmotNTB6Rkp6RDE0MWdRWjJnMg2&id=ce67e48e-7b3f-4940-8a2a-3ae58bb1aedf
- https://ww2.affinity.net/fly1?sid=172736&sa=113&p=1&s=84453&qt=1663784517&q=&rf=http%3A%2F%2Frtbtrail.com%2F&enc=&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=3aada3bafab9449f&qxsi=5c30a2b77a47e964&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=cc15f4ba5f74ddcc9442ff3fce748f7a&tm=1663784520.1884&etm=1663784520.1947&ls=0&lbc=0&lac=0&cskey=mok28&ipspm=&no_capp=2 HTTP 302
- https://sportsline.pxf.io/gmaW9?subId1=e08fa895c489bbc135f493df399bddeb HTTP 302
- https://www.ojrq.net/p/?return=https%3A%2F%2Fsportsline.pxf.io%2Fc%2F95368%2F885242%2F12268%3FsubId1%3De08fa895c489bbc135f493df399bddeb%26u%3Dhttps%253A%252F%252Fwww.sportsline.com%252F%26svlink%3D3432918%26level%3D1%26srcref%3Dhttps%253A%252F%252Fww2.affinity.net%252F&cid=12268&tpsync=yes HTTP 302
- https://sportsline.pxf.io/c/95368/885242/12268?subId1=e08fa895c489bbc135f493df399bddeb&u=https%3A%2F%2Fwww.sportsline.com%2F&svlink=3432918&level=1&srcref=https%3A%2F%2Fww2.affinity.net%2F&brwsr=49598310-39da-11ed-8b8c-c1b43b3de870&brwsrsig=UVpW%3Akwpew4byXIXUL0NLXaXxzyzuQ HTTP 301
- https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368
4 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / slortsline.com/ | 470 B 828 B | Document text/html |
GET H/1.1 | click rtbtrail.com/ Redirect Chain | 5 KB 3 KB | Document text/html |
GET H/1.1 | Primary Request: fly ww2.affinity.net/ Redirect Chain | 6 KB 2 KB | Document text/html |
GET H2 | / www.sportsline.com/ Redirect Chain | 0 0 | Document text/html |
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.slortsline.com/ | | Name: sid Value: 47045462-39da-11ed-aa65-5314618582b9 |
rtbtrail.com/ | | Name: yglcnpwwTSubzkQ Value: yglcnpwwTSubzkQ |
.ojrq.net/ | | Name: brwsr Value: 49598310-39da-11ed-8b8c-c1b43b3de870 |
.pxf.io/ | | Name: brwsr Value: 49598310-39da-11ed-8b8c-c1b43b3de870 |
sportsline.pxf.io/ | | Name: irld Value: Lxy%3A3XOU0gSduycCQNK0QqUaaS890bX31kzP9TlbR7WVfj0AI |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.