onlynewstoday.com Open in urlscan Pro
162.241.50.157 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://commitrem.com/
Effective URL:
https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
Submission: On January 12 via manual (January 12th 2022, 2:38:58 pm UTC) from CA — Scanned from FR

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 8 HTTP transactions. The main IP is 162.241.50.157, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is onlynewstoday.com. The Cisco Umbrella rank of the primary domain is 480732.
TLS certificate: Issued by R3 on November 29th 2021. Valid for: 3 months.

This is the only time onlynewstoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.68.82.147 51.68.82.147	16276 (OVH) (OVH)
1 1	213.227.156.19 213.227.156.19	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	162.241.50.157 162.241.50.157	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	18.66.97.60 18.66.97.60	16509 (AMAZON-02) (AMAZON-02)
2	3.219.201.101 3.219.201.101	14618 (AMAZON-AES) (AMAZON-AES)
2	52.23.126.38 52.23.126.38	14618 (AMAZON-AES) (AMAZON-AES)
8	4

1 51.68.82.147 (France) 1 redirects

ASN16276 (OVH, FR)

commitrem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.227.156.19 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

admoustache.go2affise.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.50.157 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.onlynewstoday.com

onlynewstoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.97.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-60.fra56.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.219.201.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-201-101.compute-1.amazonaws.com

trc.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.126.38 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-126-38.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 4022 trc.pushnami.com — Cisco Umbrella Rank: 4206 psp.pushnami.com — Cisco Umbrella Rank: 14200	63 KB
2	onlynewstoday.com onlynewstoday.com — Cisco Umbrella Rank: 480732	18 KB
1	go2affise.com 1 redirects admoustache.go2affise.com — Cisco Umbrella Rank: 110951	225 B
1	commitrem.com 1 redirects commitrem.com — Cisco Umbrella Rank: 264165	268 B
8	4

	Domain	Requested by
2	psp.pushnami.com	api.pushnami.com
2	trc.pushnami.com	api.pushnami.com
2	api.pushnami.com	onlynewstoday.com api.pushnami.com
2	onlynewstoday.com	onlynewstoday.com
1	admoustache.go2affise.com	1 redirects
1	commitrem.com	1 redirects
8	6

This site contains no links.

Subject Issuer	Validity	Valid
www.onlynewstoday.com R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.pushnami.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
Frame ID: 944715D3F82B921D6DCCE7598EFED1ED
Requests: 5 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 0059F51912704BBC698FBA59B938B964
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play

Page URL History Show full URLs

http://commitrem.com/ HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=1 HTTP 302
https://onlynewstoday.com/?clickId=61dee7e330082700014b8466 Page URL

Detected technologies

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

3
Countries

80 kB
Transfer

262 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://commitrem.com/ HTTP 302
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=1 HTTP 302
https://onlynewstoday.com/?clickId=61dee7e330082700014b8466 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
onlynewstoday.com/
Redirect Chain

http://commitrem.com/
https://admoustache.go2affise.com/sl?id=5f0efd61dabed1d602e0fe6a&pid=503&sub1=1
https://onlynewstoday.com/?clickId=61dee7e330082700014b8466

6 KB
7 KB

26974ms
134ms

Document
text/html

162.241.50.157
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.50.157 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.onlynewstoday.com
Software: Apache /
Resource Hash: c4198e924e5eee79d17f5ad34ec51c52ce5afe150e8454198764a3f6646a819c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9

Response headers

Date: Wed, 12 Jan 2022 14:38:54 GMT
Server: Apache
Last-Modified: Wed, 05 Jan 2022 13:11:26 GMT
Accept-Ranges: bytes
Content-Length: 6551
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

server: nginx
date: Wed, 12 Jan 2022 14:38:27 GMT
content-length: 0
location: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
referer
referrer-policy: no-referrer
access-control-allow-origin: *

GET
H2 200 5d422c93b7134a0011b9b02f Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 242 KB
61 KB 89ms
27ms Script
application/javascript 18.66.97.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d422c93b7134a0011b9b02f
Requested by: Host: onlynewstoday.com
URL: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-60.fra56.r.cloudfront.net
Software: /
Resource Hash: 5c8f79655b5ef8171e829cbec83aa26096dd8b075de61dbfe7f3575539541264

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://onlynewstoday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 14:31:57 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
age: 417
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-pop: FRA56-P2
content-encoding: gzip
x-amz-cf-id: bKeerIolOiZ-9XwA7dTdJhRc8zJNbTBHz8NJkWdX6lDA6O0BemZ9cw==

GET
H/1.1 200
OK play.png
onlynewstoday.com/ 11 KB
11 KB 134ms
134ms Image
image/png 162.241.50.157
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlynewstoday.com/play.png
Requested by: Host: onlynewstoday.com
URL: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.50.157 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: server.onlynewstoday.com
Software: Apache /
Resource Hash: b63e6e57adc4e0a10eee845d513258e424b27a7985c510bb252d75eac63af861

Request headers

Accept-Language: fr-FR,fr;q=0.9
Referer: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 12 Jan 2022 14:38:54 GMT
Last-Modified: Fri, 11 Oct 2019 00:17:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 11015

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 0059 2 KB
1 KB 23ms
23ms Document
text/html 18.66.97.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d422c93b7134a0011b9b02f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-60.fra56.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
Referer: https://onlynewstoday.com/

Response headers

content-type: text/html; charset=utf-8
date: Wed, 12 Jan 2022 13:58:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: X-Requested-With
content-security-policy: default-src 'unsafe-inline' *
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *
cache-control: no-cache
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: v6rcA21m6MBdb2KwNo8G5dRpg-jTQeJ972nad-6J5qKp84IoC7uNJA==
age: 2441

POST
H2 200 track Show response
trc.pushnami.com/api/push/ 2 B
168 B 106ms
106ms Fetch
text/html 3.219.201.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d422c93b7134a0011b9b02f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.201.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-201-101.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://onlynewstoday.com/
key: 5d422c93b7134a0011b9b02f
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Wed, 12 Jan 2022 14:38:55 GMT
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 2
access-control-expose-headers: WWW-Authenticate,Server-Authorization

OPTIONS
H2 204 track
trc.pushnami.com/api/push/ Frame 0
0 307ms
102ms Preflight 3.219.201.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.pushnami.com/api/push/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.201.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-201-101.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://onlynewstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 12 Jan 2022 14:38:55 GMT
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
224 B 103ms
102ms Fetch
text/html 52.23.126.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5d422c93b7134a0011b9b02f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-126-38.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://onlynewstoday.com/
key: 5d422c93b7134a0011b9b02f
Accept-Language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://onlynewstoday.com
date: Wed, 12 Jan 2022 14:38:55 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 311ms
101ms Preflight
application/json 52.23.126.38
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.126.38 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-23-126-38.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: key
Origin: https://onlynewstoday.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 12 Jan 2022 14:38:55 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://onlynewstoday.com
access-control-allow-credentials: true
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
access-control-allow-headers: key
access-control-allow-methods: POST
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			admoustache.go2affise.com/	1970-01-20 08:52:14	Name: afclick Value: 61dee7e330082700014b8466

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://onlynewstoday.com/?clickId=61dee7e330082700014b8466 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admoustache.go2affise.com
api.pushnami.com
commitrem.com
onlynewstoday.com
psp.pushnami.com
trc.pushnami.com
162.241.50.157
18.66.97.60
213.227.156.19
3.219.201.101
51.68.82.147
52.23.126.38
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c8f79655b5ef8171e829cbec83aa26096dd8b075de61dbfe7f3575539541264
b63e6e57adc4e0a10eee845d513258e424b27a7985c510bb252d75eac63af861
c4198e924e5eee79d17f5ad34ec51c52ce5afe150e8454198764a3f6646a819c

onlynewstoday.com Open in urlscan Pro 162.241.50.157 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

4 IPs

3 Countries

80 kBTransfer

262 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

onlynewstoday.com Open in urlscan Pro
162.241.50.157 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

4
IPs

3
Countries

80 kB
Transfer

262 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions