w-news.biz Open in urlscan Pro
172.67.188.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q
Effective URL:
https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Submission: On October 29 via api (October 29th 2024, 12:25:03 am UTC) from US — Scanned from NL

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 9 domains to perform 14 HTTP transactions. The main IP is 172.67.188.189, located in United States and belongs to CLOUDFLARENET, US. The main domain is w-news.biz.
TLS certificate: Issued by WE1 on September 13th 2024. Valid for: 3 months.

This is the only time w-news.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	185.177.94.152 185.177.94.152	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	164.90.194.65 164.90.194.65	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	172.67.181.5 172.67.181.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.188.189 172.67.188.189	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
4	2606:4700:10:... 2606:4700:10::6816:448f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	174.138.2.60 174.138.2.60	() ()
14	8

3 185.177.94.152 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-152.ah-server.com

broforyou3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.broforyou3d.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.90.194.65 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

cr00.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.181.5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tqnqt.vegalyrae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.188.189 (United States)

ASN13335 (CLOUDFLARENET, US)

w-news.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:448f (United States)

ASN13335 (CLOUDFLARENET, US)

report1.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.138.2.60 (None, )

ASN- ()

dr6.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	report1.biz report1.biz — Cisco Umbrella Rank: 40506	80 KB
3	broforyou3d.com broforyou3d.com 0.broforyou3d.com	53 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	5 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 311	59 KB
1	dr6.biz dr6.biz	13 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 791	30 KB
1	w-news.biz w-news.biz	9 KB
1	vegalyrae.com 1 redirects tqnqt.vegalyrae.com	760 B
1	cr00.biz 1 redirects cr00.biz	448 B
14	9

	Domain	Requested by
4	report1.biz	w-news.biz
2	cdnjs.cloudflare.com	w-news.biz
2	cdn.jsdelivr.net	w-news.biz
2	broforyou3d.com
1	dr6.biz	w-news.biz
1	code.jquery.com	w-news.biz
1	w-news.biz	broforyou3d.com
1	tqnqt.vegalyrae.com	1 redirects
1	cr00.biz	1 redirects
1	0.broforyou3d.com	broforyou3d.com
14	10

This site contains no links.

Subject Issuer	Validity	Valid
broweb3s.site R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh
w-news.biz WE1	`2024-09-13` - `2024-12-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
report1.biz WE1	`2024-09-12` - `2024-12-11`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
0.mo11.biz R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Frame ID: 152BB8914C59C6AFDB1B781AEBB571BE
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NEWS

Page URL History Show full URLs

http://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q HTTP 307
https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q Page URL
https://0.broforyou3d.com/index.php?p=gq3wmzbzha5dcnrxhe4q Page URL
https://cr00.biz/?auf=gqzdkmjrme5dgojqgyxtcnrxhe4s6mzsf43tazrxmjrdqnbpgi2c6mjxgmydcnrrguyda&p... HTTP 302
https://tqnqt.vegalyrae.com/?pl=jPYNfiJs70uLjptRAgGw_A&sub_id=feed73906&click_id=70f7bb84 HTTP 302
https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

14
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

249 kB
Transfer

685 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q HTTP 307
https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q Page URL
https://0.broforyou3d.com/index.php?p=gq3wmzbzha5dcnrxhe4q Page URL
https://cr00.biz/?auf=gqzdkmjrme5dgojqgyxtcnrxhe4s6mzsf43tazrxmjrdqnbpgi2c6mjxgmydcnrrguyda&p=b&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://tqnqt.vegalyrae.com/?pl=jPYNfiJs70uLjptRAgGw_A&sub_id=feed73906&click_id=70f7bb84 HTTP 302
https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q HTTP 307
https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q

14 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

gq3wmzbzha5dcnrxhe4q Show response
broforyou3d.com/go/
Redirect Chain

http://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q
https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q

18 KB
19 KB

84ms
26ms

Document
text/html

185.177.94.152
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-152.ah-server.com

Software

nginx /

Resource Hash

002d9efe379499b0811d72893e7c56488a9d579f3af2c715ae2b136bdc0cd03e

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 29 Oct 2024 00:24:59 GMT
server: nginx
strict-transport-security: max-age=31536000

Redirect headers

Location: https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q
Non-Authoritative-Reason: HttpsUpgrades

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f93b104287817dd1f5306167f14871087b215ffa0d70edd332b189f1b841c5e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44e66aa317d293aa76fd83b899651261c655aa0ba15a4f88139bcbb8e91eb583

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 382 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 204 favicon.ico
broforyou3d.com/ 0
125 B 18ms
18ms Other
text/plain 185.177.94.152
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://broforyou3d.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-152.ah-server.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q

Response headers

strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
date: Tue, 29 Oct 2024 00:24:59 GMT
server: nginx

GET
DATA 200
OK truncated
/ 180 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 354 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 index.php Show response
0.broforyou3d.com/ 34 KB
34 KB 32ms
25ms Document
text/html 185.177.94.152
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://0.broforyou3d.com/index.php?p=gq3wmzbzha5dcnrxhe4q

Requested by

Host: broforyou3d.com
URL: https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.152 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-152.ah-server.com

Software

nginx /

Resource Hash

7e78c3212cdf3f437469e2355fe9e881f0e929df739048e9f8ab180c017f9d2f

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://broforyou3d.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-security-policy: img-src https: data:; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 29 Oct 2024 00:25:00 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H3

200

Primary Request / Show response
w-news.biz/
Redirect Chain

https://cr00.biz/?auf=gqzdkmjrme5dgojqgyxtcnrxhe4s6mzsf43tazrxmjrdqnbpgi2c6mjxgmydcnrrguyda&p=b&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
https://tqnqt.vegalyrae.com/?pl=jPYNfiJs70uLjptRAgGw_A&sub_id=feed73906&click_id=70f7bb84
https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84

57 KB
9 KB

174ms
135ms

Document
text/html

172.67.188.189
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Requested by: Host: broforyou3d.com
URL: https://broforyou3d.com/go/gq3wmzbzha5dcnrxhe4q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.188.189 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519add4dc8ff62e4ba022e7d515ce4a47c18ef73c7caddc86ea70d4d5613d487

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Wow64, Sec-CH-UA-Bitness, Sec-CH-UA-Model
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d9f06aef8c09f5e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Oct 2024 00:25:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T8iL%2BdziVpcGF%2BAph3wMGiO4RrnWUE7NTtjA8WvqRD8OgzADYj%2BO1aRGzXhm4xu2OUCR22vZHQQEVaKUGa8lrZHqWrbSiMOMbjdk%2FvmiqAewVikT3ahpKTVmanjq"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15587&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4154&recv_bytes=4508&delivery_rate=683&cwnd=12000&unsent_bytes=0&cid=da9b33ecf9c62cd8&ts=146&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8d9f06ae5e2b6662-AMS
content-length: 0
date: Tue, 29 Oct 2024 00:25:02 GMT
location: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bs6rWb9atjWfBEOxbnn%2B%2Bxbv7bDS9qkxuInRw7gnZ98zAVzFARTUx%2FcMt6HCTFTbok1rJSdnV5uhtOg6hs84SkBnHQC5qwzhqgcaUwmnnC6Fzel2otpDSEHltx6aaWUV8mrBwO4w"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=15285&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4164&recv_bytes=4485&delivery_rate=38576&cwnd=12000&unsent_bytes=0&cid=762389689ac41f26&ts=63&x=1" cfExtPri cfHdrFlush;dur=0

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/ 227 KB
34 KB 66ms
22ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/css/bootstrap.min.css

Requested by

Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://w-news.biz
Referer: https://w-news.biz/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"38cf3-SvPX4VpqOAxsurukLprfMwtJ1Y8"
age: 1167953
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 29 Oct 2024 00:25:02 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230067-FRA, cache-bru1480023-BRU
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34794
x-jsd-version: 5.3.0-alpha3

GET
H2 200 /
report1.biz/t/ 31 KB
0 91ms
44ms Image
image/png 2606:4700:10::6816:448f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.biz/t/?img=aHR0cDovL2ltZy5uZXdzLmNsaWNrc3Rhci5tZS9uZXdzX2ltYWdlcy85LzZlL2VjNy85NmVlYzcyZjEyYjU1MmM0YTQyNmI0ZTQ5NGJkOGUyNi5wbmc=
Requested by: Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:448f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

cache-control: max-age=31536000
cf-cache-status: HIT
etag: "64917924-13c62"
age: 2410361
cf-ray: 8d9f06b04c5a6569-AMS
expires: Thu, 18 Jul 2019 10:15:39 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
content-length: 80994
date: Tue, 29 Oct 2024 00:25:02 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 20 Jun 2023 10:02:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 /
report1.biz/t/ 31 KB
0 104ms
58ms Image
image/png 2606:4700:10::6816:448f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.biz/t/?img=aHR0cDovL2ltZy5uZXdzLmNsaWNrc3Rhci5tZS9uZXdzX2ltYWdlcy9kLzY5L2JhYS9kNjliYWEwY2Q0OTI3MjQxOTkxMGIzZTk2NzRkYzIwYy5wbmc=
Requested by: Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:448f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

cache-control: max-age=31536000
cf-cache-status: HIT
etag: "64917860-14819"
age: 1210864
cf-ray: 8d9f06b04c586569-AMS
expires: Thu, 01 Aug 2019 07:27:16 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 83993
date: Tue, 29 Oct 2024 00:25:02 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 20 Jun 2023 09:58:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 /
report1.biz/t/ 80 KB
80 KB 57ms
27ms Image
image/png 2606:4700:10::6816:448f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.biz/t/?img=aHR0cDovL2ltZy5uZXdzLmNsaWNrc3Rhci5tZS9uZXdzX2ltYWdlcy9kLzhjLzc5ZC9kOGM3OWRlZjk1MDgyYWZkZWI5ZWRiYTNlNGViMWQ3Ni5wbmc=
Requested by: Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:448f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43d9d313c069e742c3c5ec905c0baa9f9b902cf4e135b9908ba2d43d3ff6210e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

cache-control: max-age=31536000
cf-cache-status: HIT
etag: "649178bf-14056"
age: 565532
cf-ray: 8d9f06b04c5d6569-AMS
expires: Thu, 08 Aug 2019 18:42:49 GMT
x-proxy-cache: MISS
access-control-allow-origin: *
content-length: 82006
date: Tue, 29 Oct 2024 00:25:02 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 20 Jun 2023 10:00:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 /
report1.biz/t/ 16 KB
0 86ms
57ms Image
image/png 2606:4700:10::6816:448f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report1.biz/t/?img=aHR0cDovL2ltZy5uZXdzLmNsaWNrc3Rhci5tZS9uZXdzX2ltYWdlcy82LzMzLzJmMi82MzMyZjI2OTVjNTA0MjU4YjgyNjk4ZTMxZjRhYjZmYS5wbmc=
Requested by: Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:448f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

cache-control: max-age=31536000
cf-cache-status: HIT
etag: "64917bcc-f03e"
age: 360051
cf-ray: 8d9f06b04c5e6569-AMS
expires: Sun, 11 Aug 2019 03:47:29 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
content-length: 61502
date: Tue, 29 Oct 2024 00:25:02 GMT
accept-ranges: bytes
content-type: image/png
last-modified: Tue, 20 Jun 2023 10:13:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 jquery-3.7.0.min.js Show response
code.jquery.com/ 85 KB
30 KB 60ms
18ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.0.min.js
Requested by: Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://w-news.biz
Referer: https://w-news.biz/

Response headers

content-encoding: gzip
etag: W/"28feccc0-155a6"
age: 7670053
x-cache: HIT, HIT
date: Tue, 29 Oct 2024 00:25:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-cache-hits: 38, 57557
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
x-served-by: cache-lga13623-LGA, cache-bru1480021-BRU
cache-control: public, max-age=31536000, stale-while-revalidate=604800
x-timer: S1730161503.777299,VS0,VE0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30308
server: nginx

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/ 79 KB
25 KB 44ms
18ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0-alpha3/dist/js/bootstrap.bundle.min.js

Requested by

Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://w-news.biz
Referer: https://w-news.biz/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"13ac2-jNeXExg3GrPRY3nfbPslSlxkn8o"
age: 1124011
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Tue, 29 Oct 2024 00:25:02 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230059-FRA, cache-bru1480023-BRU
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24750
x-jsd-version: 5.3.0-alpha3

GET
H3 200 jquery.lazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 5 KB
3 KB 48ms
24ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.min.js

Requested by

Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-139e"
age: 360521
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=odK4PPr13OftkLFRmv7S1vpi38aShJPuNcoh4lUzJcxtkeLMpgf%2B0KU0dTGJUY%2FmgtXIUvrulyJrJJClMUi2Noqa0YEWfs643onHtUmoGDGbxerw0S7G2NoO12QRvFiBx7Ontp4q"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:25:02 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:25:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f06b04ce89fdc-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2090
server: cloudflare

GET
H3 200 jquery.lazy.plugins.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/ 4 KB
2 KB 48ms
25ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.9/jquery.lazy.plugins.min.js

Requested by

Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec3-113c"
age: 366535
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoP5Rs3eOAsCViGC%2FaQKX%2FU9bYLeUcNfuAyKB29FxPeXYou%2FDRJfkC7DoU5hdlVo9Hw9Q%2BB35%2Fy9Gcktrm4PclZ6DCD7hcCTs4WxHeNOzEAYrQIpt7C73jnoL6ZAi2gdyEf9sSv1"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 19 Oct 2025 00:25:02 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Oct 2024 00:25:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d9f06b04ce79fdc-AMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1296
server: cloudflare

GET
H2 200 / Show response
dr6.biz/ 13 KB
13 KB 69ms
25ms Script
application/javascript 174.138.2.60

General

Check archive.org

Show headers Download Go to

Full URL

https://dr6.biz/?te=mvtdgmtcgm5ha3ddf43tonzu

Requested by

Host: w-news.biz
URL: https://w-news.biz/?start=1&s=o&t=light&f=feed73906&h=70f7bb84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

174.138.2.60 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2bb00d9b5a571d79d090cafcf3e7e3bb81ba19c871e44f7acdac4396af443e49

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://w-news.biz/

Response headers

strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
access-control-allow-origin: *
date: Tue, 29 Oct 2024 00:25:02 GMT
content-type: application/javascript; charset=UTF-8
server: nginx

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.broforyou3d.com/	1970-01-21 01:19:13	Name: uuid Value: e9249cf0-bd62-48b1-aeeb-f9cbe641c641
.0.broforyou3d.com/	1970-01-21 01:19:13	Name: uuid Value: e9249cf0-bd62-48b1-aeeb-f9cbe641c641
cr00.biz/	1970-01-21 01:19:13	Name: uuid Value: 35270e5a-7fda-4558-bf32-b36f4a81c129
.cr00.biz/	1970-01-21 00:37:27	Name: ccid Value: %5B170878%5D
w-news.biz/	1970-01-21 01:19:13	Name: uuid Value: d6a35f89-dfce-42e5-ab0e-dabc31b4e0bd
.dr6.biz/	1970-01-21 01:19:13	Name: uuid Value: 3d89cec9-eb93-401d-9edc-86e97a2856fd

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.broforyou3d.com
broforyou3d.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
cr00.biz
dr6.biz
report1.biz
tqnqt.vegalyrae.com
w-news.biz
104.17.24.14
164.90.194.65
172.67.181.5
172.67.188.189
174.138.2.60
185.177.94.152
2606:4700:10::6816:448f
2a04:4e42:200::649
2a04:4e42:400::485
002d9efe379499b0811d72893e7c56488a9d579f3af2c715ae2b136bdc0cd03e
16ee7f3d53462650bbd32e263c48c0ea759574fcf620c681ad719008912c461a
2bb00d9b5a571d79d090cafcf3e7e3bb81ba19c871e44f7acdac4396af443e49
35ecbd48276f3dec75c9f9c8f9f638ad2aeb5b74c387a731cefade25466e9ffb
43d9d313c069e742c3c5ec905c0baa9f9b902cf4e135b9908ba2d43d3ff6210e
44e66aa317d293aa76fd83b899651261c655aa0ba15a4f88139bcbb8e91eb583
519add4dc8ff62e4ba022e7d515ce4a47c18ef73c7caddc86ea70d4d5613d487
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
7e78c3212cdf3f437469e2355fe9e881f0e929df739048e9f8ab180c017f9d2f
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8fe021a4ace4f6786fecc418f70b658fc2dc02d136e8fe5c6ab6b62a46d5d0
ecf4a6176a23634e19ed80b01b9c30bc7f9b754c55d4f3c220e46fbd3607a3b3
f93b104287817dd1f5306167f14871087b215ffa0d70edd332b189f1b841c5e3

w-news.biz Open in urlscan Pro 172.67.188.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

33 %IPv6

9 Domains

10 Subdomains

8 IPs

3 Countries

249 kBTransfer

685 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

w-news.biz Open in urlscan Pro
172.67.188.189 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

8
IPs

3
Countries

249 kB
Transfer

685 kB
Size

6
Cookies

14 HTTP transactions
5 data transactions