Submitted URL: http://slortsline.com/
Effective URL: https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2
Submission: On September 21 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 4 HTTP transactions. The main IP is 216.139.248.127, located in United States and belongs to HWSERVICES-32400, US. The main domain is ww2.affinity.net. The Cisco Umbrella rank of the primary domain is 118674.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 13th 2022. Valid for: a year.
This is the only time ww2.affinity.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 216.245.197.45 46475 (LIMESTONE...)
1 2 209.15.13.136 13768 (COGECO-PEER1)
1 2 216.139.248.127 32400 (HWSERVICE...)
2 2 35.201.76.231 15169 (GOOGLE)
1 1 34.95.127.121 396982 (GOOGLE-CL...)
1 2a04:4e42:41:... ()
4 4
Apex Domain | Subdomains | Transfer
2 pxf.io | sportsline.pxf.io — Cisco Umbrella Rank: 465645 | 907 B
2 affinity.net | ww2.affinity.net — Cisco Umbrella Rank: 118674 | 2 KB
2 rtbtrail.com | rtbtrail.com | 3 KB
2 slortsline.com | slortsline.com | 1 KB
1 sportsline.com | www.sportsline.com |
1 ojrq.net | www.ojrq.net — Cisco Umbrella Rank: 5573 | 579 B
4 6
Domain Requested by
2 sportsline.pxf.io 2 redirects
2 ww2.affinity.net 1 redirects
2 rtbtrail.com 1 redirects slortsline.com
2 slortsline.com 1 redirects
1 www.sportsline.com
1 www.ojrq.net 1 redirects
4 6

This site contains no links.

Subject | Issuer | Validity | Valid
*.affinity.net | Go Daddy Secure Certificate Authority - G2 | 2022-06-13 - 2023-07-15 | a year
*.sportsline.com | Sectigo RSA Organization Validation Secure Server CA | 2021-12-15 - 2022-12-15 | a year

This page contains 1 frames:

Frame: https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368
Frame ID: A98A8CEB0C2D245C18403254D530E6D7
Requests: 4 HTTP requests in this frame

Page Statistics

4 Requests
50 % HTTPS
17 % IPv6
6 Domains
6 Subdomains
4 IPs
2 Countries
5 kB Transfer
12 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://slortsline.com/ Page URL
  2. http://slortsline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Mzc5MTcxNywiaWF0IjoxNjYzNzg0NTE3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2JmNmQwdmdxOW0xNjJrbGcxNW1wMGgiLCJuYmYiOjE2NjM3ODQ1MTcsInRzIjoxNjYzNzg0NTE3NTUyNzAxfQ.o0eVNwMOvewA9kabxgMfnnZaE3tZVtqHDwzZBb8PYhE&sid=47045462-39da-11ed-aa65-5314618582b9 HTTP 302
    http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRnRGSWJ5SU1mUmotNTB6Rkp6RDE0MWdRWjJnMg2&id=ce67e48e-7b3f-4940-8a2a-3ae58bb1aedf Page URL
  3. http://rtbtrail.com/Redirect/ HTTP 302
    https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://slortsline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Mzc5MTcxNywiaWF0IjoxNjYzNzg0NTE3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2JmNmQwdmdxOW0xNjJrbGcxNW1wMGgiLCJuYmYiOjE2NjM3ODQ1MTcsInRzIjoxNjYzNzg0NTE3NTUyNzAxfQ.o0eVNwMOvewA9kabxgMfnnZaE3tZVtqHDwzZBb8PYhE&sid=47045462-39da-11ed-aa65-5314618582b9 HTTP 302
  • http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRnRGSWJ5SU1mUmotNTB6Rkp6RDE0MWdRWjJnMg2&id=ce67e48e-7b3f-4940-8a2a-3ae58bb1aedf
Request Chain 2
  • https://ww2.affinity.net/fly1?sid=172736&sa=113&p=1&s=84453&qt=1663784517&q=&rf=http%3A%2F%2Frtbtrail.com%2F&enc=&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=3aada3bafab9449f&qxsi=5c30a2b77a47e964&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=cc15f4ba5f74ddcc9442ff3fce748f7a&tm=1663784520.1884&etm=1663784520.1947&ls=0&lbc=0&lac=0&cskey=mok28&ipspm=&no_capp=2 HTTP 302
  • https://sportsline.pxf.io/gmaW9?subId1=e08fa895c489bbc135f493df399bddeb HTTP 302
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fsportsline.pxf.io%2Fc%2F95368%2F885242%2F12268%3FsubId1%3De08fa895c489bbc135f493df399bddeb%26u%3Dhttps%253A%252F%252Fwww.sportsline.com%252F%26svlink%3D3432918%26level%3D1%26srcref%3Dhttps%253A%252F%252Fww2.affinity.net%252F&cid=12268&tpsync=yes HTTP 302
  • https://sportsline.pxf.io/c/95368/885242/12268?subId1=e08fa895c489bbc135f493df399bddeb&u=https%3A%2F%2Fwww.sportsline.com%2F&svlink=3432918&level=1&srcref=https%3A%2F%2Fww2.affinity.net%2F&brwsr=49598310-39da-11ed-8b8c-c1b43b3de870&brwsrsig=UVpW%3Akwpew4byXIXUL0NLXaXxzyzuQ HTTP 301
  • https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
slortsline.com/
470 B
828 B
Document
General
Full URL
http://slortsline.com/
Protocol
HTTP/1.1
Server
216.245.197.45 , United States, ASN46475 (LIMESTONENETWORKS, US),
Reverse DNS
45-197-245-216.static.reverse.lstn.net
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
470
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 18:21:56 GMT
server
nginx
click
rtbtrail.com/
Redirect Chain
  • http://slortsline.com/?js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY2Mzc5MTcxNywiaWF0IjoxNjYzNzg0NTE3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc2JmNmQwdmdxOW0xNjJrbGcxNW1wMG...
  • http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRn...
5 KB
3 KB
Document
General
Full URL
http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRnRGSWJ5SU1mUmotNTB6Rkp6RDE0MWdRWjJnMg2&id=ce67e48e-7b3f-4940-8a2a-3ae58bb1aedf
Requested by
Host: slortsline.com
URL: http://slortsline.com/
Protocol
HTTP/1.1
Server
209.15.13.136 Toronto, Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c72fc8743e50465c3fd79f7d0b332a78f943a4916881443e0eed3ce7427b9789

Request headers

Referer
http://slortsline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Encoding
gzip
Content-Length
2195
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Sep 2022 18:21:58 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Server
web02

Redirect headers

cache-control
max-age=0, private, must-revalidate
connection
close
content-length
11
date
Wed, 21 Sep 2022 18:21:57 GMT
location
http://rtbtrail.com/click?data=NEJIaUhRZVJNVExxRjJnMEMyTVdkRVUzUk5rWU9aam9WVHNyVnBYb2xNZHJFN1BjYWNmTktuNVdqWXVKeFhDVk16YmkzbTNwTmJzVXg4ZkdKXzNjZDF6Nm9yQWJIbEMyQktpbndyUlFRU0lCTmt3eXl2YmduTTFTTVJWRnRGSWJ5SU1mUmotNTB6Rkp6RDE0MWdRWjJnMg2&id=ce67e48e-7b3f-4940-8a2a-3ae58bb1aedf
server
nginx
Primary Request fly
ww2.affinity.net/
Redirect Chain
  • http://rtbtrail.com/Redirect/
  • https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2
6 KB
2 KB
Document
General
Full URL
https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.139.248.127 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS
216-139-248-127.aus.us.siteprotect.com
Software
nginx /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
http://rtbtrail.com
Referer
http://rtbtrail.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 21 Sep 2022 18:22:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Sep 2022 18:21:58 GMT
Location
https://ww2.affinity.net/fly?no_capp=2&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Server
web02
/
www.sportsline.com/
Redirect Chain
  • https://ww2.affinity.net/fly1?sid=172736&sa=113&p=1&s=84453&qt=1663784517&q=&rf=http%3A%2F%2Frtbtrail.com%2F&enc=&enk=MTcyNzM2fDExM3wxfDg0NDUzfDE2NjM3ODQ1MTd8MXwxfDExNTc2&xsc=&xsp=&xsm=&xuc=&xcf=&x...
  • https://sportsline.pxf.io/gmaW9?subId1=e08fa895c489bbc135f493df399bddeb
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fsportsline.pxf.io%2Fc%2F95368%2F885242%2F12268%3FsubId1%3De08fa895c489bbc135f493df399bddeb%26u%3Dhttps%253A%252F%252Fwww.sportsline.com%252F%26svlink%3D...
  • https://sportsline.pxf.io/c/95368/885242/12268?subId1=e08fa895c489bbc135f493df399bddeb&u=https%3A%2F%2Fwww.sportsline.com%2F&svlink=3432918&level=1&srcref=https%3A%2F%2Fww2.affinity.net%2F&brwsr=49...
  • https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368
0
0
Document
General
Full URL
https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:41::444 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.sportsline.com *.cbssports.com *.ampproject.org *.amp.cloudflare.com; default-src https: 'unsafe-inline' 'unsafe-eval' wss: ;img-src https: data: blob: ; font-src https: data:; form-action https:; block-all-mixed-content; report-uri https://cbscom.report-uri.com/r/d/csp/reportOnly

Request headers

Referer
https://ww2.affinity.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
backend
76WkNyD4Vy66ZG3iAGK0cN--F_origin_prod
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors 'self' *.sportsline.com *.cbssports.com *.ampproject.org *.amp.cloudflare.com; default-src https: 'unsafe-inline' 'unsafe-eval' wss: ;img-src https: data: blob: ; font-src https: data:; form-action https:; block-all-mixed-content; report-uri https://cbscom.report-uri.com/r/d/csp/reportOnly
content-type
text/html; charset=utf-8
date
Wed, 21 Sep 2022 18:22:04 GMT
etag
"2df78-Jc6QhJhXURu+OK8giYBKW+Qr7OA"
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-vie6335-VIE
x-timer
S1663784522.676051,VS0,VE2643

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
date
Wed, 21 Sep 2022 18:22:01 GMT
expires
Wed, 21 Sep 2022 18:22:01 GMT
location
https://www.sportsline.com/?irgwc=1&cbsclick=wtBUQkzqGxyNUPQQ3YzI9XpcUkDT1rwvmwBdwk0&vndid=95368&sharedid=&ftag=PPM-09-10aag1f&clickid=95368
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma
no-cache
via
1.1 google

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation

5 Cookies

Domain/Path Name / Value
.slortsline.com/ Name: sid
Value: 47045462-39da-11ed-aa65-5314618582b9
rtbtrail.com/ Name: yglcnpwwTSubzkQ
Value: yglcnpwwTSubzkQ
.ojrq.net/ Name: brwsr
Value: 49598310-39da-11ed-8b8c-c1b43b3de870
.pxf.io/ Name: brwsr
Value: 49598310-39da-11ed-8b8c-c1b43b3de870
sportsline.pxf.io/ Name: irld
Value: Lxy%3A3XOU0gSduycCQNK0QqUaaS890bX31kzP9TlbR7WVfj0AI

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
