w-news.biz Open in urlscan Pro
2606:4700:3034::6815:899 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://n1major.com/?p=ga4gmobwmy5gi3bpgq3tgny
Effective URL:
https://w-news.biz/?start=1&s=o&t=light&f=feed9317&h=2f78417c
Submission: On September 02 via api (September 2nd 2023, 1:52:48 pm UTC) from US — Scanned from NL

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 15 domains to perform 74 HTTP transactions. The main IP is 2606:4700:3034::6815:899, located in United States and belongs to CLOUDFLARENET, US. The main domain is w-news.biz.
TLS certificate: Issued by GTS CA 1P5 on July 27th 2023. Valid for: 3 months.

This is the only time w-news.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.177.94.194 185.177.94.194	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	185.177.94.180 185.177.94.180	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	185.177.94.42 185.177.94.42	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	185.177.92.29 185.177.92.29	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	164.90.194.65 164.90.194.65	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	172.67.205.133 172.67.205.133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	172.64.195.3 172.64.195.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.90.27.45 157.90.27.45	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:899	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2606:4700:10:... 2606:4700:10::6816:458f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.92.30 185.177.92.30	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
74	14

1 185.177.94.194 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-194.ah-server.com

n1major.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.180 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-180.ah-server.com

au01.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.177.94.42 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-42.ah-server.com

lan05.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.92.29 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-29.ah-server.com

national-team.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.90.194.65 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

dm9.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.205.133 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tqnqt.rigelbetelgeuse.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.64.195.3 (United States)

ASN13335 (CLOUDFLARENET, US)

tqnqt.goldengrinder.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnstatic.goldengrinder.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.90.27.45 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.45.27.90.157.clients.your-server.de

js2json.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:899 (United States)

ASN13335 (CLOUDFLARENET, US)

w-news.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:10::6816:458f (United States)

ASN13335 (CLOUDFLARENET, US)

report1.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.92.30 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-92-30.ah-server.com

dr6.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	report1.biz report1.biz — Cisco Umbrella Rank: 26358	6 MB
18	goldengrinder.top tqnqt.goldengrinder.top cdnstatic.goldengrinder.top — Cisco Umbrella Rank: 225244	78 KB
8	lan05.biz lan05.biz	50 KB
4	gstatic.com www.gstatic.com	35 KB
4	js2json.com js2json.com — Cisco Umbrella Rank: 344778	37 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	4 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 320	57 KB
1	dr6.biz dr6.biz — Cisco Umbrella Rank: 370723	13 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 733	30 KB
1	w-news.biz w-news.biz	9 KB
1	rigelbetelgeuse.top 1 redirects tqnqt.rigelbetelgeuse.top — Cisco Umbrella Rank: 977573	715 B
1	dm9.biz 1 redirects dm9.biz	420 B
1	national-team.top national-team.top	65 KB
1	au01.bid au01.bid	65 KB
1	n1major.com n1major.com	15 KB
74	15

	Domain	Requested by
28	report1.biz	w-news.biz code.jquery.com
14	tqnqt.goldengrinder.top	n1major.com tqnqt.goldengrinder.top cdnstatic.goldengrinder.top
8	lan05.biz	n1major.com lan05.biz
4	www.gstatic.com	cdnstatic.goldengrinder.top
4	cdnstatic.goldengrinder.top	tqnqt.goldengrinder.top cdnstatic.goldengrinder.top
4	js2json.com	tqnqt.goldengrinder.top js2json.com
2	cdnjs.cloudflare.com	w-news.biz
2	cdn.jsdelivr.net	w-news.biz
1	dr6.biz	w-news.biz
1	code.jquery.com	w-news.biz
1	w-news.biz	cdnstatic.goldengrinder.top
1	tqnqt.rigelbetelgeuse.top	1 redirects
1	dm9.biz	1 redirects
1	national-team.top	n1major.com
1	au01.bid	n1major.com
1	n1major.com
74	16

This site contains no links.

Subject Issuer	Validity	Valid
n1major.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
0.allowww.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
0.lan04.biz R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
national-team.top R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
goldengrinder.top GTS CA 1P5	`2023-08-14` - `2023-11-12`	3 months	crt.sh
js2json.com R3	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
w-news.biz GTS CA 1P5	`2023-07-27` - `2023-10-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
report1.biz E1	`2023-07-27` - `2023-10-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
0.mo11.biz R3	`2023-07-31` - `2023-10-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://w-news.biz/?start=1&s=o&t=light&f=feed9317&h=2f78417c
Frame ID: 3CC8D33804EE3CFBECA3B7E31D31A4FF
Requests: 76 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NEWS

Page URL History Show full URLs

https://n1major.com/?p=ga4gmobwmy5gi3bpgq3tgny Page URL
https://au01.bid/go/mi4tgnbumy5dsmjzg4?subid1=%D1%81 Page URL
https://lan05.biz/?p=gntdoobvmm5gi3bpgy3toni&sub1=hhh Page URL
https://national-team.top/go/gu4dmmjvgm5dcmzq Page URL
https://dm9.biz/?auf=gvrtsnrumu5dgmjxf4ytgmbphaxtezrxha2dcn3df4zdilzrgy4tgnrwgi3tmna&p=l&sub... HTTP 302
https://tqnqt.rigelbetelgeuse.top/?pl=jPYNfiJs70uLjptRAgGw_A&sub_id=feed9317&click_id=2f78417c HTTP 302
https://tqnqt.goldengrinder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&click_id=2f78417c&sub_id... Page URL
https://tqnqt.goldengrinder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&click_id=2f78417c&sub_id... Page URL
https://w-news.biz/?start=1&s=o&t=light&f=feed9317&h=2f78417c Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

74
Requests

97 %
HTTPS

40 %
IPv6

15
Domains

16
Subdomains

14
IPs

3
Countries

7040 kB
Transfer

7627 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://n1major.com/?p=ga4gmobwmy5gi3bpgq3tgny Page URL
https://au01.bid/go/mi4tgnbumy5dsmjzg4?subid1=%D1%81 Page URL
https://lan05.biz/?p=gntdoobvmm5gi3bpgy3toni&sub1=hhh Page URL
https://national-team.top/go/gu4dmmjvgm5dcmzq Page URL
https://dm9.biz/?auf=gvrtsnrumu5dgmjxf4ytgmbphaxtezrxha2dcn3df4zdilzrgy4tgnrwgi3tmna&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://tqnqt.rigelbetelgeuse.top/?pl=jPYNfiJs70uLjptRAgGw_A&sub_id=feed9317&click_id=2f78417c HTTP 302
https://tqnqt.goldengrinder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&click_id=2f78417c&sub_id=feed9317&hash=RgzFHo4xTFeozK_IcOr52A&exp=1693663064 Page URL
https://tqnqt.goldengrinder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&click_id=2f78417c&sub_id=feed9317&hash=RgzFHo4xTFeozK_IcOr52A&exp=1693663064 Page URL
https://w-news.biz/?start=1&s=o&t=light&f=feed9317&h=2f78417c Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://dm9.biz/?auf=gvrtsnrumu5dgmjxf4ytgmbphaxtezrxha2dcn3df4zdilzrgy4tgnrwgi3tmna&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
https://tqnqt.rigelbetelgeuse.top/?pl=jPYNfiJs70uLjptRAgGw_A&sub_id=feed9317&click_id=2f78417c HTTP 302
https://tqnqt.goldengrinder.top/eyes-robot/?pl=jPYNfiJs70uLjptRAgGw_A&sm=eyes-robot&click_id=2f78417c&sub_id=feed9317&hash=RgzFHo4xTFeozK_IcOr52A&exp=1693663064

74 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
n1major.com/ 15 KB
15 KB 69ms
23ms Document
text/html 185.177.94.194
ADVANCEDHOSTERS-AS

General

Domain/Path	Expires	Name / Value
.n1major.com/	1970-01-20 15:10:54	Name: uuid Value: 422dd18f-80c7-4175-a049-aa46fc134f52
.au01.bid/	1970-01-20 15:10:54	Name: uuid Value: db743ecf-c8bb-4f53-86ab-dbf8e3922e6b
.lan05.biz/	1970-01-20 15:10:54	Name: uuid Value: 70598392-22f8-4328-936b-c9031a86d39f
.national-team.top/	1970-01-20 15:10:54	Name: uuid Value: c39598e0-1154-42a9-9835-e23d41f37aea
dm9.biz/	1970-01-20 15:10:54	Name: uuid Value: 7f3b1ea1-d4e9-426e-920c-e25df4c48a74
.dm9.biz/	1970-01-20 14:29:09	Name: ccid Value: %5B170878%5D
tqnqt.rigelbetelgeuse.top/	1970-01-20 14:33:28	Name: jPYNfiJs70uLjptRAgGw_A Value: 5
tqnqt.rigelbetelgeuse.top/	1970-01-21 00:03:42	Name: __pl Value: b27a399c-9b59-4288-882c-186458a44e83
tqnqt.rigelbetelgeuse.top/	1970-01-20 14:27:46	Name: __cap Value: 1
cdnstatic.goldengrinder.top/	1970-01-21 00:03:42	Name: __psu Value: 0ee07f49-a584-4cee-9197-8b1e3ded2cce
w-news.biz/	1970-01-20 15:10:54	Name: uuid Value: 51ea360f-354c-4318-a0cb-38b21c9882cb
.dr6.biz/	1970-01-20 15:10:54	Name: uuid Value: 87b4986c-5985-4bf8-b0da-d83bc6fed5da

Header	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

w-news.biz Open in urlscan Pro 2606:4700:3034::6815:899 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

74 Requests

97 %HTTPS

40 %IPv6

15 Domains

16 Subdomains

14 IPs

3 Countries

7040 kBTransfer

7627 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

w-news.biz Open in urlscan Pro
2606:4700:3034::6815:899 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

97 %
HTTPS

40 %
IPv6

15
Domains

16
Subdomains

14
IPs

3
Countries

7040 kB
Transfer

7627 kB
Size

12
Cookies

74 HTTP transactions
4 data transactions