www.blue789news.online.lowcost-fly.shop Open in urlscan Pro
162.241.123.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.blue789news.online.lowcost-fly.shop/
Submission: On August 19 via api (August 19th 2024, 6:13:38 am UTC) from US — Scanned from DE

Summary HTTP 28 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main IP is 162.241.123.25, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.blue789news.online.lowcost-fly.shop.
TLS certificate: Issued by R11 on August 16th 2024. Valid for: 3 months.

This is the only time www.blue789news.online.lowcost-fly.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	162.241.123.25 162.241.123.25	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a04:4e42:200... 2a04:4e42:200::347	54113 (FASTLY) (FASTLY)
6	34.149.157.221 34.149.157.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a02:26f0:480... 2a02:26f0:480:15::213:7e47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	5

2 162.241.123.25 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-123-25.unifiedlayer.com

www.blue789news.online.lowcost-fly.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blue789news.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::347 (United States)

ASN54113 (FASTLY, US)

static.standard.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.149.157.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.157.149.34.bc.googleusercontent.com

smartcdn.gprod.postmedia.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:15::213:7e47 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.news18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	postmedia.digital smartcdn.gprod.postmedia.digital — Cisco Umbrella Rank: 144971	40 KB
2	news18.com images.news18.com — Cisco Umbrella Rank: 63075	1 KB
2	standard.co.uk static.standard.co.uk — Cisco Umbrella Rank: 121651	138 KB
1	blue789news.online blue789news.online	83 KB
1	lowcost-fly.shop www.blue789news.online.lowcost-fly.shop	25 KB
28	5

	Domain	Requested by
6	smartcdn.gprod.postmedia.digital	www.blue789news.online.lowcost-fly.shop
2	images.news18.com	www.blue789news.online.lowcost-fly.shop
2	static.standard.co.uk	www.blue789news.online.lowcost-fly.shop
1	blue789news.online	www.blue789news.online.lowcost-fly.shop
1	www.blue789news.online.lowcost-fly.shop
28	5

This site contains links to these domains. Also see Links.

Domain
blue789news.online
ascendoor.com
wordpress.org

Subject Issuer	Validity	Valid
lowcost-fly.shop R11	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.standard.co.uk GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-17` - `2025-07-19`	a year	crt.sh
gprod.postmedia.digital WR3	`2024-06-29` - `2024-09-27`	3 months	crt.sh
images.news18.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-12-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.blue789news.online.lowcost-fly.shop/
Frame ID: 4CAF4BFABC0E8A14E5510A87D74816DF
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blue 789 News - Latest News Updates

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

28
Requests

43 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

288 kB
Transfer

518 kB
Size

0
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://blue789news.online/
Title: Blue 789 News

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/man-city-xi-vs-chelsea-confirmed-team-news-predicted-lineup-injuries/
Title: Man City XI vs Chelsea: Confirmed team news, predicted lineup, injuries

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/prier-sutcliffe-plays-blame-game-instead-of-solving-transit-problems/
Title: Prier: Sutcliffe plays blame game instead of solving transit problems

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/surgery-wait-times-vary-wildly-between-hospitals-in-ontario-study/
Title: Surgery wait times vary wildly between hospitals in Ontario: study

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/ford-vet-quip-was-a-joke-but-shows-problem-in-health-system/
Title: Ford vet quip was a joke but shows problem in health system

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/dheeraj-dhoopar-wishes-kundali-bhagya-co-star-shraddha-arya-on-birthday-with-adorable-throwback-photos-news18/
Title: Dheeraj Dhoopar Wishes Kundali Bhagya Co-Star Shraddha Arya On Birthday With Adorable Throwback Photos – News18

Search URL Search Domain Scan URL

URL: https://blue789news.online/category/blue-789-news/
Title: Blue 789 News

Search URL Search Domain Scan URL

URL: https://blue789news.online/author/admin/
Title: admin

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/ipswich-town-v-liverpool-premier-league-live/

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/liverpool-drop-huge-transfer-hint-by-leaving-squad-number-vacant-for-possible-new-signing/

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/britain-launches-new-spy-in-the-sky-military-satellite-to-keep-an-eye-on-nations-enemies-with-the-help-of-one-of-elon-musks-rockets/

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/catherine-zeta-jones-lookalike-daughter-carys-reflects-on-peaceful-moments-as-she-shares-new-family-photos/

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/17/dear-abby-friendship-with-boss-came-with-emotional-toll/

Search URL Search Domain Scan URL

URL: https://blue789news.online/page/2/
Title: Older posts

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/08/
Title: August 2024

Search URL Search Domain Scan URL

URL: https://blue789news.online/2024/07/
Title: July 2024

Search URL Search Domain Scan URL

URL: https://blue789news.online/2023/09/
Title: September 2023

Search URL Search Domain Scan URL

URL: https://blue789news.online/2023/08/
Title: August 2023

Search URL Search Domain Scan URL

URL: https://blue789news.online/2023/07/
Title: July 2023

Search URL Search Domain Scan URL

URL: https://blue789news.online/2023/03/
Title: March 2023

Search URL Search Domain Scan URL

URL: https://blue789news.online/2020/09/
Title: September 2020

Search URL Search Domain Scan URL

URL: https://blue789news.online/2019/10/
Title: October 2019

Search URL Search Domain Scan URL

URL: https://blue789news.online/2019/06/
Title: June 2019

Search URL Search Domain Scan URL

URL: https://blue789news.online/2016/05/
Title: May 2016

Search URL Search Domain Scan URL

URL: https://blue789news.online/2014/11/
Title: November 2014

Search URL Search Domain Scan URL

URL: https://blue789news.online/2011/05/
Title: May 2011

Search URL Search Domain Scan URL

URL: https://ascendoor.com/
Title: Ascendoor

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.blue789news.online.lowcost-fly.shop/ 78 KB
25 KB 3215ms
2102ms Document
text/html 162.241.123.25
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.123.25 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-123-25.unifiedlayer.com
Software: nginx/1.21.6 /
Resource Hash: b7a53676d70a066fa963cd3f0e23724175b78a0da340a6d5823525ace7aa2355

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=7200
content-encoding: gzip
content-type: text/html
date: Mon, 19 Aug 2024 06:13:29 GMT
expires: Mon, 19 Aug 2024 08:13:29 GMT
last-modified: Sat, 17 Aug 2024 11:39:42 GMT
server: nginx/1.21.6
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-proxy-cache: MISS
x-server-cache: true

GET
H2 200 globe.gif
blue789news.online/wp-content/themes/elite-news/assets/img/ 83 KB
83 KB 882ms
287ms Image
image/gif 162.241.123.25
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blue789news.online/wp-content/themes/elite-news/assets/img/globe.gif
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.123.25 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-123-25.unifiedlayer.com
Software: Apache /
Resource Hash: 65d5dfabc1a5f9d45a39a4e47f098045e46b072e28b7ec982086b6413cdbb978

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 06:13:30 GMT
x-nginx-cache: WordPress
last-modified: Fri, 16 Aug 2024 14:29:19 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 84513
expires: Tue, 19 Aug 2025 06:13:30 GMT

GET
H2 200 ManCityPep23PredictedXIv1.jpg
static.standard.co.uk/2023/07/27/15/ 138 KB
138 KB 551ms
124ms Image
image/avif 2a04:4e42:200::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.standard.co.uk/2023/07/27/15/ManCityPep23PredictedXIv1.jpg?width=1200&auto=webp
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa50b5aa1914ebf04fac09d8f69c4038e27564502eb6200f54bab26f38c3814a

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 06:13:30 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-etou8240196
x-amz-request-id: Y8JXBAVPC5NANK6A
x-amz-server-side-encryption: AES256
age: 399319
x-cache: HIT, MISS
fastly-io-info: ifsz=602079 idim=1500x1000 ifmt=jpeg ofsz=141025 odim=1200x800 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141025
x-amz-id-2: EgsFKkcoAZI0X1cHmYyxn8fj0k8OC8BF0MjRnUMy9qWYxx7W7nKVF8EuKu6FTyOYl1+zqX7O2sU=
x-served-by: cache-lcy-eglc8600072-LCY, cache-mxp6930-MXP
server: AmazonS3
x-timer: S1724048011.626213,VS0,VE22
etag: "rr6i3GOm1cLS5PiKhuZjpa8X1Am/Qd2iqjqd4g5+YWY"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 36, 0

GET
H2 200 138647.jpg
smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/12/ 20 KB
20 KB 614ms
59ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/12/138647.jpg?quality=90&strip=all&w=288&h=216&sig=LiE6XIhOggdaNJYRUCzpsQ
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 257ad141723803cc55b91f279ad4d3b1582a9866a533d0d317233d7f3267b09e

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: ottawacitizen
date: Sat, 17 Aug 2024 16:47:00 GMT
via: 1.1 google
server: nginx/1.18.0
age: 134791
etag: "3208f2d6fdbe0052c0836d48d187b68b7ccb2520"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-mxbg9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20444

GET
H2 200 hospitals-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/08/ 14 KB
14 KB 683ms
129ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/08/hospitals-1.jpg?quality=90&strip=all&w=288&h=216&sig=EeUCPHsw6s_j_ZP0zOCdGw
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 00ca33f932087d1df0b8b15a1f3904ced936e5a0860286d5a84ad2bfa615b3aa

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nationalpost
date: Sat, 17 Aug 2024 11:19:28 GMT
via: 1.1 google
server: nginx/1.18.0
age: 154443
etag: "f3a428a4442cd918a6bc6148cafa41f8f99c3a6d"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-lqx5v
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13874

GET
H2 200 doug.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/08/ 6 KB
6 KB 612ms
58ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/08/doug.jpg?quality=90&strip=all&w=288&h=216&sig=L57zkNHaDHcZzRageB1Aqw
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 34a594af7a9cd9ceb985f430f3f57181ba4ea4b9962d00438a2adc102f1dff68

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Sun, 18 Aug 2024 14:05:13 GMT
via: 1.1 google
server: nginx/1.18.0
age: 58098
etag: "64936c7678cded521358b68a536fe10a7bfc6785"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-d5z5q
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6224

GET
H2 200 1627283897_news18_logo-1200x800.jpg
images.news18.com/ibnlive/uploads/2021/07/ 771 B
1 KB 233ms
79ms Image
image/avif 2a02:26f0:480:15::213:7e47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.news18.com/ibnlive/uploads/2021/07/1627283897_news18_logo-1200x800.jpg?impolicy=website&width=510&height=383

Requested by

Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:15::213:7e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7a59cf31ce3c8c11e2938c34789f6e96a2c8d5b64c760369bc1433fd56667978

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 06:13:31 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
cross-origin-resource-policy: cross-origin
content-length: 771
last-modified: Mon, 04 Mar 2024 11:22:06 GMT
x-serial: 454
server: Akamai Image Manager
etag: "cc0c93a8969f47b9c4732488c632d15f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: false
access-control-allow-headers: *
expires: Thu, 19 Sep 2024 06:13:31 GMT

GET style.min.css
blue789news.online/wp-includes/css/dist/block-library/ 0
0

GET slick.min.css
blue789news.online/wp-content/themes/elite-news/assets/css/ 0
0

GET fontawesome.min.css
blue789news.online/wp-content/themes/elite-news/assets/css/ 0
0

GET 7d76a5ea5351144867bda11929ae0f33.css
blue789news.online/wp-content/fonts/ 0
0

GET style.css
blue789news.online/wp-content/themes/elite-news/ 0
0

GET style.css
blue789news.online/wp-content/themes/exclusive-news/ 0
0

GET jquery.min.js
blue789news.online/wp-includes/js/jquery/ 0
0

GET jquery-migrate.min.js
blue789news.online/wp-includes/js/jquery/ 0
0

GET
H2 200 ManCityPep23PredictedXIv1.jpg
static.standard.co.uk/2023/07/27/15/ 138 KB
0 0ms
0ms Image
image/avif 2a04:4e42:200::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.standard.co.uk/2023/07/27/15/ManCityPep23PredictedXIv1.jpg?width=1200&auto=webp
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa50b5aa1914ebf04fac09d8f69c4038e27564502eb6200f54bab26f38c3814a

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 06:13:30 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-served-by: vpop-etou8240196
x-amz-request-id: Y8JXBAVPC5NANK6A
x-amz-server-side-encryption: AES256
age: 399319
x-cache: HIT, MISS
fastly-io-info: ifsz=602079 idim=1500x1000 ifmt=jpeg ofsz=141025 odim=1200x800 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 141025
x-amz-id-2: EgsFKkcoAZI0X1cHmYyxn8fj0k8OC8BF0MjRnUMy9qWYxx7W7nKVF8EuKu6FTyOYl1+zqX7O2sU=
x-served-by: cache-lcy-eglc8600072-LCY, cache-mxp6930-MXP
server: AmazonS3
x-timer: S1724048011.626213,VS0,VE22
etag: "rr6i3GOm1cLS5PiKhuZjpa8X1Am/Qd2iqjqd4g5+YWY"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 36, 0

GET
H2 200 138647.jpg
smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/12/ 20 KB
0 615ms
615ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/ottawacitizen/wp-content/uploads/2023/12/138647.jpg?quality=90&strip=all&w=288&h=216&sig=LiE6XIhOggdaNJYRUCzpsQ
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 257ad141723803cc55b91f279ad4d3b1582a9866a533d0d317233d7f3267b09e

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: ottawacitizen
date: Sat, 17 Aug 2024 16:47:00 GMT
via: 1.1 google
server: nginx/1.18.0
age: 134791
etag: "3208f2d6fdbe0052c0836d48d187b68b7ccb2520"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-mxbg9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20444

GET
H2 200 hospitals-1.jpg
smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/08/ 14 KB
0 686ms
686ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/nationalpost/wp-content/uploads/2024/08/hospitals-1.jpg?quality=90&strip=all&w=288&h=216&sig=EeUCPHsw6s_j_ZP0zOCdGw
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 00ca33f932087d1df0b8b15a1f3904ced936e5a0860286d5a84ad2bfa615b3aa

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: nationalpost
date: Sat, 17 Aug 2024 11:19:28 GMT
via: 1.1 google
server: nginx/1.18.0
age: 154443
etag: "f3a428a4442cd918a6bc6148cafa41f8f99c3a6d"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-lqx5v
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13874

GET
H2 200 doug.jpg
smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/08/ 6 KB
0 614ms
614ms Image
image/webp 34.149.157.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcdn.gprod.postmedia.digital/torontosun/wp-content/uploads/2024/08/doug.jpg?quality=90&strip=all&w=288&h=216&sig=L57zkNHaDHcZzRageB1Aqw
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.157.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.157.149.34.bc.googleusercontent.com
Software: nginx/1.18.0 /
Resource Hash: 34a594af7a9cd9ceb985f430f3f57181ba4ea4b9962d00438a2adc102f1dff68

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-pmd-smartcdn-requester: torontosun
date: Sun, 18 Aug 2024 14:05:13 GMT
via: 1.1 google
server: nginx/1.18.0
age: 58098
etag: "64936c7678cded521358b68a536fe10a7bfc6785"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000,public
x-cache-hit: hit
x-pmd-smart-cdn-proxy: thumbor-proxy-675b9bbb75-d5z5q
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6224

GET
H2 200 1627283897_news18_logo-1200x800.jpg
images.news18.com/ibnlive/uploads/2021/07/ 771 B
0 237ms
237ms Image
image/avif 2a02:26f0:480:15::213:7e47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.news18.com/ibnlive/uploads/2021/07/1627283897_news18_logo-1200x800.jpg?impolicy=website&width=510&height=383
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:15::213:7e47 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 7a59cf31ce3c8c11e2938c34789f6e96a2c8d5b64c760369bc1433fd56667978

Request headers

Referer: https://www.blue789news.online.lowcost-fly.shop/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 19 Aug 2024 06:13:31 GMT
last-modified: Mon, 04 Mar 2024 11:22:06 GMT
x-serial: 454
server: Akamai Image Manager
etag: "cc0c93a8969f47b9c4732488c632d15f"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,HEAD
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=2678400
access-control-allow-credentials: false
cross-origin-resource-policy: cross-origin
access-control-allow-headers: *
content-length: 771
expires: Thu, 19 Sep 2024 06:13:31 GMT

GET navigation.min.js
blue789news.online/wp-content/themes/elite-news/assets/js/ 0
0

GET slick.min.js
blue789news.online/wp-content/themes/elite-news/assets/js/ 0
0

GET jquery.marquee.min.js
blue789news.online/wp-content/themes/elite-news/assets/js/ 0
0

GET custom.min.js
blue789news.online/wp-content/themes/elite-news/assets/js/ 0
0

GET custom.min.js
blue789news.online/wp-content/themes/exclusive-news/assets/js/ 0
0

GET
BLOB 200
OK d6c6bf8d-8cc6-4c9c-a374-0db2e3ade369
https://www.blue789news.online.lowcost-fly.shop/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.blue789news.online.lowcost-fly.shop/d6c6bf8d-8cc6-4c9c-a374-0db2e3ade369
Requested by: Host: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET wp-emoji-release.min.js
blue789news.online/wp-includes/js/ 0
0

GET favicon.ico
www.blue789news.online.lowcost-fly.shop/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blue789news.online
URL: http://blue789news.online/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/assets/css/slick.min.css?ver=1.8.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/assets/css/fontawesome.min.css?ver=6.4.2

Domain: blue789news.online
URL: http://blue789news.online/wp-content/fonts/7d76a5ea5351144867bda11929ae0f33.css

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/style.css?ver=1.0.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/exclusive-news/style.css?ver=1.0.0

Domain: blue789news.online
URL: http://blue789news.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Domain: blue789news.online
URL: http://blue789news.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/assets/js/navigation.min.js?ver=1.0.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/assets/js/slick.min.js?ver=1.8.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/assets/js/jquery.marquee.min.js?ver=1.6.0

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/elite-news/assets/js/custom.min.js?ver=1.0.1

Domain: blue789news.online
URL: http://blue789news.online/wp-content/themes/exclusive-news/assets/js/custom.min.js?ver=1.0.0

Domain: blue789news.online
URL: http://blue789news.online/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1

Domain: www.blue789news.online.lowcost-fly.shop
URL: https://www.blue789news.online.lowcost-fly.shop/favicon.ico

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure element 'http://blue789news.online/wp-content/themes/elite-news/assets/img/globe.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 52) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://blue789news.online/wp-includes/css/dist/block-library/style.min.css?ver=6.6.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 66) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://blue789news.online/wp-content/themes/elite-news/assets/css/slick.min.css?ver=1.8.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 67) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://blue789news.online/wp-content/themes/elite-news/assets/css/fontawesome.min.css?ver=6.4.2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 68) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://blue789news.online/wp-content/fonts/7d76a5ea5351144867bda11929ae0f33.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 69) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://blue789news.online/wp-content/themes/elite-news/style.css?ver=1.0.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 97) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure stylesheet 'http://blue789news.online/wp-content/themes/exclusive-news/style.css?ver=1.0.0'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 800) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure element 'http://blue789news.online/wp-content/themes/elite-news/assets/img/globe.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-content/themes/elite-news/assets/js/navigation.min.js?ver=1.0.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-content/themes/elite-news/assets/js/slick.min.js?ver=1.8.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-content/themes/elite-news/assets/js/jquery.marquee.min.js?ver=1.6.0'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-content/themes/elite-news/assets/js/custom.min.js?ver=1.0.1'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/ Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-content/themes/exclusive-news/assets/js/custom.min.js?ver=1.0.0'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.blue789news.online.lowcost-fly.shop/(Line 36) Message: Mixed Content: The page at 'https://www.blue789news.online.lowcost-fly.shop/' was loaded over HTTPS, but requested an insecure script 'http://blue789news.online/wp-includes/js/wp-emoji-release.min.js?ver=6.6.1'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blue789news.online
images.news18.com
smartcdn.gprod.postmedia.digital
static.standard.co.uk
www.blue789news.online.lowcost-fly.shop
blue789news.online
www.blue789news.online.lowcost-fly.shop
162.241.123.25
2a02:26f0:480:15::213:7e47
2a04:4e42:200::347
34.149.157.221
00ca33f932087d1df0b8b15a1f3904ced936e5a0860286d5a84ad2bfa615b3aa
257ad141723803cc55b91f279ad4d3b1582a9866a533d0d317233d7f3267b09e
34a594af7a9cd9ceb985f430f3f57181ba4ea4b9962d00438a2adc102f1dff68
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
65d5dfabc1a5f9d45a39a4e47f098045e46b072e28b7ec982086b6413cdbb978
7a59cf31ce3c8c11e2938c34789f6e96a2c8d5b64c760369bc1433fd56667978
aa50b5aa1914ebf04fac09d8f69c4038e27564502eb6200f54bab26f38c3814a
b7a53676d70a066fa963cd3f0e23724175b78a0da340a6d5823525ace7aa2355

www.blue789news.online.lowcost-fly.shop Open in urlscan Pro 162.241.123.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

28 Requests

43 %HTTPS

50 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

288 kBTransfer

518 kBSize

0 Cookies

28 Outgoing links

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

16 Console Messages

Indicators

www.blue789news.online.lowcost-fly.shop Open in urlscan Pro
162.241.123.25 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

43 %
HTTPS

50 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

288 kB
Transfer

518 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions