Submitted URL: https://track.newsplug.com/
Effective URL: https://newsplug.com/
Submission: On October 23 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 75.98.40.53, located in United States and belongs to INTERNAP-BLK3, US. The main domain is newsplug.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 12th 2021. Valid for: a year.
This is the only time newsplug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
8 cdn.newsplug.com newsplug.com
cdn.newsplug.com
2 api2.branch.io cdn.branch.io
2 www.gstatic.com newsplug.com
www.google.com
1 app.link cdn.branch.io
1 www.google.com newsplug.com
1 cdn.branch.io newsplug.com
1 www.google-analytics.com newsplug.com
1 newsplug.com
1 track.newsplug.com 1 redirects
17 9

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
Subject Issuer Validity Valid
*.newsplug.com
DigiCert TLS RSA SHA256 2020 CA1
2021-05-12 -
2022-05-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-25
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
www.google.com
GTS CA 1C3
2021-10-04 -
2021-12-27
3 months crt.sh
appipv4.link
Amazon
2021-06-24 -
2022-07-23
a year crt.sh

This page contains 1 frames:

Primary Page: https://newsplug.com/
Frame ID: AEC93E1965C9B94AEAAA0C133B97D191
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Newsplug

Page URL History Show full URLs

  1. https://track.newsplug.com/ HTTP 307
    https://newsplug.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

2570 kB
Transfer

2877 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.newsplug.com/ HTTP 307
    https://newsplug.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newsplug.com/
Redirect Chain
  • https://track.newsplug.com/
  • https://newsplug.com/
27 KB
8 KB
Document
General
Full URL
https://newsplug.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.98.40.53 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx / PHP/7.2.18
Resource Hash
a866b0066d4a41e4dca026a466bdc03106ce80b0ff5f2973d106a3ccb13c8e3d

Request headers

:method
GET
:authority
newsplug.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sat, 23 Oct 2021 11:26:21 GMT
content-type
text/html; charset=UTF-8
content-encoding
gzip
set-cookie
XDEBUG_SESSION=www-data; expires=Sat, 23-Oct-2021 12:26:21 GMT; Max-Age=3600; path=/
vary
Accept-Encoding
x-powered-by
PHP/7.2.18

Redirect headers

Server
openresty
Date
Sat, 23 Oct 2021 11:26:20 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
location
https://newsplug.com
cache-control
no-cache
branch-server-fallback
Branch-Server-Fallback
esp-server-fallback
Error-Response-Email-Server-Provider
c97f91886c7b6fc287fe-app.css
cdn.newsplug.com/themes/spa/build/
154 KB
155 KB
Stylesheet
General
Full URL
https://cdn.newsplug.com/themes/spa/build/c97f91886c7b6fc287fe-app.css
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7b48fb49b148dbe4dda120faa129789a68642e760870e3aaa32857c25f544a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:23 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jan 2021 23:14:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"4e56fbd5dc29b929f957f8b1401cc876"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
157830
x-amz-cf-id
XdVFnlajo5laeMcoFFpOyUuecKRHI94h9bJ8D8EE4OS17u-f5oWRAg==
font-newsplug-icons.css
cdn.newsplug.com/themes/spa/css/font-newsplug-icons-1.0/
3 KB
3 KB
Stylesheet
General
Full URL
https://cdn.newsplug.com/themes/spa/css/font-newsplug-icons-1.0/font-newsplug-icons.css
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d30fa80c6ea0ee686209487afa39dd1054880cf8baf68c7b2b080dc998f1481

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:23 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Fri, 13 Apr 2018 16:34:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"760834c5a8d1c930b6d9426cc8ccec55"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
3137
x-amz-cf-id
OrVBzIStXEvw_BNhDX6-mTMrG_iW5wbnXPfv9Y4VOXUJVqeJckMJhw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 19 Oct 2021 16:47:48 GMT
server
Golfe2
age
5116
date
Sat, 23 Oct 2021 10:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19887
expires
Sat, 23 Oct 2021 12:01:06 GMT
branch-latest.min.js
cdn.branch.io/
79 KB
24 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.59 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
dPcbo._dc8laXt1CGk.P2lrH66o74Yit
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 16:27:46 GMT
server
AmazonS3
age
119
etag
"49d34b8e058b253d35893807b3bac09d"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Sat, 23 Oct 2021 11:24:27 GMT
x-amz-cf-pop
FRA56-C1
content-length
23872
x-amz-cf-id
qpzFk00lp-NSgs7xFMtlFTnXIXUGthhYK3h0n6RR_Fq_r7vWUM5EAg==
recaptcha__en.js
www.gstatic.com/recaptcha/api2/r20161109131337/
0
0
Script
General
Full URL
https://www.gstatic.com/recaptcha/api2/r20161109131337/recaptcha__en.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

libraries.min.js
cdn.newsplug.com/themes/spa/
531 KB
532 KB
Script
General
Full URL
https://cdn.newsplug.com/themes/spa/libraries.min.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fb1187acfa84bcb3cb94d3d2d144eeaf0bd516252ce0c07d914cefe04864d7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:23 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Wed, 11 Apr 2018 13:48:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"712ef38366ec233a58138532840ecb04"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
543744
x-amz-cf-id
g_ojDGHzXAwo9ejVuEES1e2UyZeeMzeWxT_qrfkmLKy2DO5JTTbgJg==
api.js
www.google.com/recaptcha/
850 B
939 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7130f5c9ab08bdff86a1da4500008a45639dc9a23a587775941377f90eb1a16d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 23 Oct 2021 11:26:21 GMT
logo.svg
cdn.newsplug.com/themes/spa/img/access-landing/
122 KB
123 KB
Image
General
Full URL
https://cdn.newsplug.com/themes/spa/img/access-landing/logo.svg
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33701fc696359572e2a9a589f1b86b2cd1665e2999a6986f7f08347813bb1dd5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:24 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"3269feec6557ce79c81ce3f9dd7bb988"
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
125427
x-amz-cf-id
1C94UanGo5JKfyCUoblmQx8afireKlEJE1mHglFU_9_5R3TsL5Zbkw==
text_to_get_your_app_link.png
cdn.newsplug.com/themes/spa/img/sw-texts/
7 KB
7 KB
Image
General
Full URL
https://cdn.newsplug.com/themes/spa/img/sw-texts/text_to_get_your_app_link.png
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23a80df71c333b846237e4ffd43e74a71e070e2b270c5217207afffe60616528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:24 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"a90f41de61104c304c477b39609f0a8a"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6715
x-amz-cf-id
pB-ihUOnVUhfuQvuC919IWQ7_a46XET0n7zPr68sX6Q08Ynfbvy7fg==
button-appstore.png
cdn.newsplug.com/themes/spa/img/sw-icons/
30 KB
30 KB
Image
General
Full URL
https://cdn.newsplug.com/themes/spa/img/sw-icons/button-appstore.png
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6306f583c95ca461709ce8503bc95ffa9561e2b80c53da295100136d82ff4549

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:24 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"32b41b12f68d57dc7707343545331f68"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30428
x-amz-cf-id
Z120hp42_65_ro99Meg1RFfGBfmsY-mo-VtEyGVMnKBsoULJBTLyrQ==
button-googleplay.png
cdn.newsplug.com/themes/spa/img/sw-icons/
27 KB
27 KB
Image
General
Full URL
https://cdn.newsplug.com/themes/spa/img/sw-icons/button-googleplay.png
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49c951a2c2184369bb2b6a95e08735b1f2c7b802b9cc29bddc2a2ed26fbcab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:24 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"426d30e8d6898a70b8444c3c751ba114"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27294
x-amz-cf-id
73FArUi9cvXbpFzuEyWoiooIOCb2zJviOim0byvu1_jLTLiUrLCy2A==
recaptcha__de.js
www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/
346 KB
136 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/YhkYx1k-yvvb8OonJPmOpoJY/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newsplug.com/
Origin
https://newsplug.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
138388
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 04:02:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="recaptcha"
expires
Sun, 23 Oct 2022 11:02:17 GMT
06d36f2d07e1297d2633ddea5ff2fdf2-desktop.jpg
cdn.newsplug.com/themes/spa/build/img/
1 MB
1 MB
Image
General
Full URL
https://cdn.newsplug.com/themes/spa/build/img/06d36f2d07e1297d2633ddea5ff2fdf2-desktop.jpg
Requested by
Host: cdn.newsplug.com
URL: https://cdn.newsplug.com/themes/spa/build/c97f91886c7b6fc287fe-app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:7a00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d685b430affbe36b7094e822c682f9c955eac9acf682363c591b111b8e486763

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.newsplug.com/themes/spa/build/c97f91886c7b6fc287fe-app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:24 GMT
via
1.1 ade2b5e2170ccd4f394b741b27bb0eed.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jan 2021 23:14:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"06d36f2d07e1297d2633ddea5ff2fdf2"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1536977
x-amz-cf-id
BR39Kzd9D3029n1moGPSuz06y4PWR_D5FEFlTCMinkLYeazsC6LhBA==
_r
app.link/
90 B
571 B
Script
General
Full URL
https://app.link/_r?sdk=web2.59.0&branch_key=key_live_kkwbjoe1rybmIJYjecU3LmhkrqfVoDDG&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:e000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty / Express
Resource Hash
6e3dbaaa53a61710ab875e652b10f52780776b537468cab6ebe1e6f49d172b15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 23 Oct 2021 11:26:22 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
FRA6-C1
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
90
etag
W/"5a-Wt5EMZ0ogBbZXxl3Fk5m4Ci4/YA"
x-amz-cf-id
oEE3YyKdXFFpVSktfQVKpN3NhwVnQjpX3Yymn8P7PP5PDtTfc6BdbA==
open
api2.branch.io/v1/
266 B
585 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b5eaae27a133eb35b9908e60825461338e8866876a4c8f0b4d8eb303d33675d4

Request headers

Referer
https://newsplug.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Oct 2021 11:26:23 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
5b8cbe2f211a4268ba0eb61a18d7ac09-2021102311
content-length
266
x-amz-cf-id
g7Ax55Etm8HJJuGe0f7gT0DUbNQFinKOAI0vioYa8o-sitqYaUbRpg==
pageview
api2.branch.io/v1/
29 B
384 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
https://newsplug.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 23 Oct 2021 11:26:23 GMT
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-powered-by
Express
etag
W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
1bb1ba11d61d44509028d7f464b005a6-2021102311
content-length
29
x-amz-cf-id
HU6XijRt_vR1DpDGs1l1vfHGMoasdoiB3-NUl2scJWdd9Wulh70b0g==

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| google_tag_data function| ga object| gaplugins object| branch function| DateTime function| TokenizedInput function| TokenizedTextarea undefined| $ function| jQuery function| _ function| emoji object| returnExports object| JSON3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| APP string| GoogleAnalyticsObject object| gaGlobal object| gaData object| recaptcha

4 Cookies

Domain/Path Name / Value
newsplug.com/ Name: XDEBUG_SESSION
Value: www-data
.newsplug.com/ Name: _ga
Value: GA1.2.721238924.1634988383
.newsplug.com/ Name: _gid
Value: GA1.2.670770614.1634988383
.app.link/ Name: _s
Value: P%2BrKsCEaKq1baVDhIY3OxAeHrqz7qrjCKH8ZMGpK8w7NZ6njg2IFnOncxhqsgeTp

1 Console Messages

Source Level URL
Text
network error URL: https://www.gstatic.com/recaptcha/api2/r20161109131337/recaptcha__en.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn.branch.io
cdn.newsplug.com
newsplug.com
track.newsplug.com
www.google-analytics.com
www.google.com
www.gstatic.com
2600:9000:2057:e000:19:9934:6a80:93a1
2600:9000:21f3:f000:11:f728:3040:93a1
2600:9000:223e:7a00:7:343d:d940:93a1
2a00:1450:4001:810::2004
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
52.8.37.49
65.9.71.59
75.98.40.53
1fb1187acfa84bcb3cb94d3d2d144eeaf0bd516252ce0c07d914cefe04864d7d
23a80df71c333b846237e4ffd43e74a71e070e2b270c5217207afffe60616528
33701fc696359572e2a9a589f1b86b2cd1665e2999a6986f7f08347813bb1dd5
3d30fa80c6ea0ee686209487afa39dd1054880cf8baf68c7b2b080dc998f1481
49c951a2c2184369bb2b6a95e08735b1f2c7b802b9cc29bddc2a2ed26fbcab17
6306f583c95ca461709ce8503bc95ffa9561e2b80c53da295100136d82ff4549
6e3dbaaa53a61710ab875e652b10f52780776b537468cab6ebe1e6f49d172b15
7130f5c9ab08bdff86a1da4500008a45639dc9a23a587775941377f90eb1a16d
93019ef931f847b3f88047feb3c87914c648839920dfd0482fe4d640a106372e
a866b0066d4a41e4dca026a466bdc03106ce80b0ff5f2973d106a3ccb13c8e3d
b5eaae27a133eb35b9908e60825461338e8866876a4c8f0b4d8eb303d33675d4
b7b48fb49b148dbe4dda120faa129789a68642e760870e3aaa32857c25f544a9
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
d685b430affbe36b7094e822c682f9c955eac9acf682363c591b111b8e486763
dda2aba38252dcb4fde2222ecdcf5806f23fc3e9400f310f0ee1927329243c78
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3