Submitted URL: http://onic77.id/
Effective URL: https://newssmashers.com/
Submission: On October 24 via api from LU — Scanned from NL

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is newssmashers.com.
TLS certificate: Issued by WE1 on September 26th 2024. Valid for: 3 months.
This is the only time newssmashers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2600:9000:20a... 16509 (AMAZON-02)
5 104.18.3.36 13335 (CLOUDFLAR...)
9 3
Apex Domain
Subdomains
Transfer
5 imagedelivery.net
imagedelivery.net — Cisco Umbrella Rank: 14543
20 KB
3 imagekit.io
ik.imagekit.io — Cisco Umbrella Rank: 22982
695 KB
1 newssmashers.com
newssmashers.com
4 KB
1 festivalsuara.id
festivalsuara.id
790 B
1 onic77-legal.id
onic77-legal.id
689 B
1 onic77.id
onic77.id
785 B
9 6
Domain Requested by
5 imagedelivery.net newssmashers.com
3 ik.imagekit.io newssmashers.com
1 newssmashers.com
1 festivalsuara.id 1 redirects
1 onic77-legal.id 1 redirects
1 onic77.id 1 redirects
9 6

This site contains links to these domains.

Domain
pub-f3141a85d88c43bdbb8bc8e33bf34a6d.r2.dev
onic77-nice.info
Subject Issuer Validity Valid
newssmashers.com WE1 2024-09-26 - 2024-12-25 3 months
*.imagekit.io Amazon RSA 2048 M02 2024-01-23 - 2025-02-19 a year
imagedelivery.net WE1 2024-10-21 - 2025-01-19 3 months

This page contains 1 frames:

Primary Page: https://newssmashers.com/
Frame ID: 27F1FE9B44060FAAC15ED19B380288F8
Requests: 9 HTTP requests in this frame

Page Title

ONIC77 > Join the Excitement: Earning Big with Online Games Made Easy!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Page Statistics

9
Requests

100 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

3
IPs

3
Countries

720 kB
Transfer

729 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://onic77.id/ HTTP 307
    https://onic77.id/ HTTP 301
    https://onic77-legal.id/ HTTP 301
    https://festivalsuara.id/ HTTP 301
    https://newssmashers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newssmashers.com/
Redirect Chain
  • http://onic77.id/
  • https://onic77.id/
  • https://onic77-legal.id/
  • https://festivalsuara.id/
  • https://newssmashers.com/
18 KB
4 KB
Document
General
Full URL
https://newssmashers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5878de17bd095d3ed53354623fe8e9a515cd27580d17c316b86ab2fa376101f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8d7dcb7d2cc16697-AMS
content-encoding
br
content-type
text/html
date
Thu, 24 Oct 2024 23:37:28 GMT
last-modified
Thu, 26 Sep 2024 05:28:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2fxXWPG0AwsLpdZydOJd3P0UjP3YuNpLuOmJ8%2BwSQVeSAIKERPsbc%2FvFfCZ1PeivqfusadEkSCbqcFUzLClrInd9tXHu5OvNLJauKkBP9EBWFhyInne7cldKSL%2BqTBJG6m5D8kFvBCqgovI00mb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=15510&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2297&delivery_rate=251665&cwnd=250&unsent_bytes=0&cid=c8e50ff9408cb079&ts=328&x=0"
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8d7dcb7cacba1c1a-AMS
content-length
167
content-type
text/html
date
Thu, 24 Oct 2024 23:37:27 GMT
expires
Fri, 25 Oct 2024 00:37:27 GMT
location
https://newssmashers.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d4LlcxeOnWger%2F2g8Av9ayX1ZAEeva6uzOoDwJoRqfHmWutQMxhj8DSGsYWlnOO5m6pIrUxKEx2%2BqPKupWDq0hKwKgscrrz9mLzRGyzpmEDkzKIYqxUcBhaLHXQTFPhrjPcbZP%2F%2FlS7qIGRrKaY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=14811&sent=7&recv=10&lost=0&retrans=0&sent_bytes=4034&recv_bytes=2330&delivery_rate=261456&cwnd=252&unsent_bytes=0&cid=13780230e0400728&ts=28&x=0"
vary
Accept-Encoding
onic%203.jpg
ik.imagekit.io/onic77/scottpattersonreports.com/
132 KB
133 KB
Image
General
Full URL
https://ik.imagekit.io/onic77/scottpattersonreports.com/onic%203.jpg?updatedAt=1727243619537
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:3800:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8171872efd891bdd4c5efe5acb188793d88cff769783dfb63c959bf5528997d8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

x-request-id
81584faf-d6f3-457c-b720-8bfdf64a1d0b
etag
"469a88ce7136c18dd96e36a81fc8614e"
age
75750
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Lm4aLZF5dh8XThOg1r7TP3WkfbwSkn9MsgZtOLec7m7TsvOn7t7CwQ==
date
Thu, 24 Oct 2024 02:34:58 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
last-modified
Thu, 26 Sep 2024 13:22:16 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront), 1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
135108
x-amz-cf-pop
MUC50-P5
logo.gif
ik.imagekit.io/onic77/
556 KB
557 KB
Image
General
Full URL
https://ik.imagekit.io/onic77/logo.gif?updatedAt=1727238621773
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:3800:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4f4984eee9a8407a39673ad6bce47f22b96c8edd7a1187b805e42b27217747fd

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

x-request-id
a2978a1f-1303-42e4-8eef-36e4f5b07e65
etag
"44350ec80b85663562aa96f9bbb1c2e0"
age
253009
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
5ng8VTy7lky2_LyCkGcR-5_EWQtjcclwErJrE_vI1nzukkbPNhc1aw==
date
Tue, 22 Oct 2024 01:20:39 GMT
content-type
image/gif
vary
Accept
x-server
ImageKit.io
last-modified
Wed, 25 Sep 2024 04:30:54 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 122731c1a09cfba14dfeeff504946134.cloudfront.net (CloudFront), 1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
569035
x-amz-cf-pop
MUC50-P5
popup
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/eec0023d-561a-4f54-2747-44e296485500/
6 KB
6 KB
Image
General
Full URL
https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/eec0023d-561a-4f54-2747-44e296485500/popup?name=PGSoft+0001
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828d6d896ab09150ab8bd718b3862b632236bcb7e97763e48021cd3a1de25cea
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

cf-cache-status
HIT
etag
"cfXCBgtzKpgDMnqNNFmonVz4XNf0kJE0o1-Pa1j62lDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:37:28 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=1178+1136 c=0+0 v=2024.9.4 l=6159 f=false
cf-ray
8d7dcb7f7eafb994-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
6159
server
cloudflare
popup
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/dc308f8c-8c3e-47b1-3c11-50e594545900/
3 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/dc308f8c-8c3e-47b1-3c11-50e594545900/popup?name=Microgaming+0001
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4173080b78f07aa90f1f71af32b80195ba4c166c897938c9f27cda05d72e9c1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

cf-cache-status
HIT
etag
"cfZrmVIJEy9CvtlptOQjwNPvR7f0kJE0o1-Pa1j62lDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:37:28 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=439+102 c=0+0 v=2024.9.3 l=2969 f=false
cf-ray
8d7dcb7f6ea7b994-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
2969
server
cloudflare
popup
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/2c839975-b55f-4331-e980-cd277a13b500/
3 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/2c839975-b55f-4331-e980-cd277a13b500/popup?name=IDN+Slot+0001
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333d2d3d636295ae3a2a505c484871407ce4db4a2c9b7c76de81e4b024275e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

cf-cache-status
HIT
etag
"cfozRmXII7jCTcEQRMMt7Dz9W1f0kJE0o1-Pa1j62lDQ"
cf-bgj
imgq:0,h2pri
warning
cf-images 299 "original is 791B smaller"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:37:28 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=421+171 c=0+0 v=2024.9.4 l=3050 f=false
cf-ray
8d7dcb7f7eacb994-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
3050
server
cloudflare
popup
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/0118ca4d-5bad-4aa8-6d8c-8abbf8d5d800/
4 KB
4 KB
Image
General
Full URL
https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/0118ca4d-5bad-4aa8-6d8c-8abbf8d5d800/popup?name=Pragmatic+Play+0001
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322c7e4377844cf75a8a913fc333971a7b875ed4f110d63beb2cc077636dc3e9
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

cf-cache-status
HIT
etag
"cfYolnLM6pa4tJ1j6TI5svsItif0kJE0o1-Pa1j62lDQ"
cf-bgj
imgq:85,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:37:28 GMT
content-type
image/avif
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=644+120 c=0+0 v=2024.8.0 l=4139 f=false
cf-ray
8d7dcb7f7eaeb994-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
4139
server
cloudflare
popup
imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/e22f0807-d55e-401d-ae02-d1e49e0b6d00/
2 KB
3 KB
Image
General
Full URL
https://imagedelivery.net/k2DekMlVuWYM0EWSwlREiw/e22f0807-d55e-401d-ae02-d1e49e0b6d00/popup?name=Habanero+0001
Requested by
Host: newssmashers.com
URL: https://newssmashers.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.3.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1107216866ee7d7b2497023105424b3df5eb35dc6da0eef6c79234ec94c1317e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

cf-cache-status
HIT
etag
"cfQFpKnT-aauey_zm1RQ56YICQf0kJE0o1-Pa1j62lDQ"
cf-bgj
imgq:0,h2pri
warning
cf-images 299 "original is 512B smaller"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:37:28 GMT
content-type
image/webp
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
public,max-age=172800,stale-while-revalidate=7200
cf-images
internal=ok/- q=0 n=447+160 c=0+0 v=2024.9.3 l=2514 f=false
cf-ray
8d7dcb7f7eaab994-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
2514
server
cloudflare
favcon%201.jpg
ik.imagekit.io/onic77/
5 KB
6 KB
Other
General
Full URL
https://ik.imagekit.io/onic77/favcon%201.jpg?updatedAt=1727238620692
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:3800:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
694341652f3a7871f1acf610bbdc7115d3c2cbee3819267fa1b678f98cb57097

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.6533.17 Safari/537.36
Referer
https://newssmashers.com/

Response headers

x-request-id
992f3f67-1ff9-4bd4-a7bd-8851739c08eb
etag
"8ea4e3cbf0d773863e69e1c20678d2df"
age
119512
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
77FSLq2DDTwSAXAvShWVD1Tub7dwzDPznyB9qwDmDHLaiGJ3VvxNtQ==
date
Wed, 23 Oct 2024 14:25:36 GMT
content-type
image/webp
vary
Accept
x-server
ImageKit.io
last-modified
Thu, 26 Sep 2024 00:59:47 GMT
access-control-allow-headers
*
cache-control
public, s-maxage=31536000, max-age=31536000, must-revalidate
timing-allow-origin
*
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront), 1.1 2be8016001d2c9c5362b82e28629d2d6.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
5422
x-amz-cf-pop
MUC50-P5

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies