Submitted URL: https://news.planqdirect.com/c/ilF/EJT/V8goh9XRsbu6QjghXNVUxa/7/obqw/F/ad662eb0
Effective URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Submission: On June 01 via api from BE — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 17 HTTP transactions. The main IP is 176.126.250.255, located in Poland and belongs to IQPL-AS, PL. The main domain is news.planqdirect.com.
TLS certificate: Issued by R3 on May 14th 2022. Valid for: 3 months.
This is the only time news.planqdirect.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

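IP Address, AS, Autonomous System: requests and redirects
  • 176.126.250.255, AS 47544 (IQPL-AS): 3 requests, 2 redirects
  • 13.69.68.37, AS 8075 (MICROSOFT...): 2 requests, 1 redirect
  • 51.158.67.141, AS 12876 (Online SAS): 12 requests, 1 redirect
  • 2a00:1450:400..., AS 15169 (GOOGLE): 1 request
  • 51.15.217.50, AS 12876 (Online SAS): 1 request
  • 2a00:1450:400..., AS 15169 (GOOGLE): 2 requests
Total: 17 requests, 6 IPs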
Apex Domain (requests): Subdomains; Transfer
  • planqdirect.com (15 requests): news.planqdirect.com, to.planqdirect.com, image.planqdirect.com; 228 KB
  • gstatic.com (2 requests): fonts.gstatic.com; 64 KB
  • ar-mtch1.com (2 requests): r.ar-mtch1.com (Cisco Umbrella Rank: 456786); 792 B
  • thevaluefactory.es (1 request): campaigns.thevaluefactory.es; 22 KB
  • googleapis.com (1 request): fonts.googleapis.com (Cisco Umbrella Rank: 42); 1 KB
Total: 17 requests, 5 domains
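Domain (requests): Requested by
  • image.planqdirect.com (11 requests): requested by news.planqdirect.com
  • news.planqdirect.com (3 requests, 2 redirects)
  • fonts.gstatic.com (2 requests): requested by fonts.googleapis.com
  • r.ar-mtch1.com (2 requests, 1 redirect): requested by news.planqdirect.com
  • campaigns.thevaluefactory.es (1 request): requested by news.planqdirect.com
  • fonts.googleapis.com (1 request): requested by news.planqdirect.com
  • to.planqdirect.com (1 request, 1 redirect)
Total: 17 requests, 7 subdomains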

This site contains no links.

Certificates (Subject: Issuer, Validity, Valid)
  • news.planqdirect.com: R3, 2022-05-14 - 2022-08-12, 3 months
  • image.planqdirect.com: R3, 2022-05-16 - 2022-08-14, 3 months
  • campaigns.thevaluefactory.es: R3, 2022-04-03 - 2022-07-02, 3 months
  • *.gstatic.com: GTS CA 1C3, 2022-05-04 - 2022-07-27, 3 months

This page contains 1 frames:

Primary Page: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Frame ID: B49AB67F786AD3FEA00F5AD60D592AC2
Requests: 17 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

  • Requests: 17
  • HTTPS: 88 %
  • IPv6: 33 %
  • Domains: 5
  • Subdomains: 7
  • IPs: 6
  • Countries: 4
  • Transfer: 315 kB
  • Size: 349 kB
  • Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.planqdirect.com/c/ilF/EJT/V8goh9XRsbu6QjghXNVUxa/7/obqw/F/ad662eb0 HTTP 302
    https://r.ar-mtch1.com/Redirect?pid=Q&chid=X4&md5=5ea7c682d5438268eb1836a4bf1c3c65&sha256=b6585e3534c051feded6d84d0d991eb241e37ab45272fdf0573bd323c097ac78&url=https%3a%2f%2fnews.planqdirect.com%2fv%2filF%2fV8goh9XRsbu6QjghXNVUxa%2f7b5a5b2e&type=c&list=planqdirectinstinct&esp=F HTTP 302
    https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://to.planqdirect.com/Jyk3Fei82aAUUYKri1ME3poRt?&family=Ubuntu:300,400,500,700 HTTP 302
  • https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Request Chain 13
  • https://news.planqdirect.com/o/ilF/V8goh9XRsbu6QjghXNVUxa/obqw/F/2600c340 HTTP 302
  • https://r.ar-mtch1.com/Redirect?pid=Q&chid=X4&md5=5ea7c682d5438268eb1836a4bf1c3c65&sha256=b6585e3534c051feded6d84d0d991eb241e37ab45272fdf0573bd323c097ac78&type=o&list=planqdirectinstinct&esp=F

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 7b5a5b2e
news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/
Redirect Chain
  • https://news.planqdirect.com/c/ilF/EJT/V8goh9XRsbu6QjghXNVUxa/7/obqw/F/ad662eb0
  • https://r.ar-mtch1.com/Redirect?pid=Q&chid=X4&md5=5ea7c682d5438268eb1836a4bf1c3c65&sha256=b6585e3534c051feded6d84d0d991eb241e37ab45272fdf0573bd323c097ac78&url=https%3a%2f%2fnews.planqdirect.com%2fv...
  • https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
40 KB
7 KB
Document
General
Full URL
https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
176.126.250.255 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS
176-126-250-255.rev.iq.pl
Software
/
Resource Hash
b5333ed55bb10f00b98d5f45bd91703755548ab19577154f19d4b1e6d6fc149a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
content-encoding
gzip
content-length
7394
content-type
text/html; charset=utf-8
date
Wed, 01 Jun 2022 08:28:17 GMT
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 01 Jun 2022 08:28:16 GMT
location
https://news.planqdirect.com:443/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
css
fonts.googleapis.com/
Redirect Chain
  • https://to.planqdirect.com/Jyk3Fei82aAUUYKri1ME3poRt?&family=Ubuntu:300,400,500,700
  • https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
H2
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e87a1cbe106e401c305a8a3a20573b43fd9af49b2ab7cb18fab46727c854cf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 07:56:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 08:28:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 08:28:17 GMT

Redirect headers

location
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Date
Wed, 01 Jun 2022 08:28:17 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
2
Content-Type
text/html; charset=UTF-8
heart_picto.png
image.planqdirect.com/1649431632/
2 KB
2 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/heart_picto.png
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
754670c0760b13a5cc4319a80211d2e76916439c3722d74339cb3c8dd0d99b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"72b-5dc263a85702b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1835
66-e1649431923576.jpg
campaigns.thevaluefactory.es/wp-content/uploads/2022/04/
22 KB
22 KB
Image
General
Full URL
https://campaigns.thevaluefactory.es/wp-content/uploads/2022/04/66-e1649431923576.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.15.217.50 , France, ASN12876 (Online SAS, FR),
Reverse DNS
50-217-15-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
28d7b0b7fe72064b3a0adbcf43bf03d53e3cf5ea9cbf8b0c560332a51a9463c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
public
Date
Wed, 01 Jun 2022 08:28:17 GMT
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Fri, 08 Apr 2022 15:32:03 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"5708-5dc264be1f193"
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22280
Expires
Thu, 01 Jun 2023 08:28:17 GMT
message_transparent.png
image.planqdirect.com/1649431632/
5 KB
5 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/message_transparent.png
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
59d4092f196499014309bd730374d2a9a014ed6f402b6f143ba678e0365160d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1439-5dc263a857fcb"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5177
arrow_top_right.png
image.planqdirect.com/1649431632/
2 KB
2 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/arrow_top_right.png
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2e1d72b52716e24e8dc84701bf5ba76d1673887437fd7d5d013ce3c03e9e467b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6e2-5dc263a858f6b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1762
envelope.png
image.planqdirect.com/1649431632/
1 KB
1 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/envelope.png
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0baa0bcffa69938d49612b80d0fdfa5916a0b486a4cb3e6ebbcb9f7c42fcf9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"40f-5dc263a858f6b"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1039
pic1.jpg
image.planqdirect.com/1649431632/
36 KB
37 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/pic1.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
31b1b0d410c9e77f28a8b42bcc557079859e6e4445d2f2dd4c7a719ecf347d52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"90eb-5dc263a859f0b"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
37099
clock.png
image.planqdirect.com/1649431632/
2 KB
2 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/clock.png
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
df0172e6732c4c036e2bf1f3226488648546381192afa4369c08d63ac98a2025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8a5-5dc263a85aeab"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2213
pic2.jpg
image.planqdirect.com/1649431632/
37 KB
37 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/pic2.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8e916756a6899dd3ded4f720a3a36e808908d5274c8fc763e042cb4dcbad931d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"925f-5dc263a85aeab"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
37471
pic3.jpg
image.planqdirect.com/1649431632/
26 KB
26 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/pic3.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
850ed2b781c668679ac595ad18fcb5cf7b47665d0db5ef32d4644af58f0b5851

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"6700-5dc263a85be4b"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26368
pic4.jpg
image.planqdirect.com/1649431632/
33 KB
33 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/pic4.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b219134e7893f25729bed4d57dbcbc774f5216394eb2e7b763b265445e1d843f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8462-5dc263a85cdeb"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
33890
pic5.jpg
image.planqdirect.com/1649431632/
38 KB
39 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/pic5.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
4cef030d005b4a188e34d574faf95de848958650b46c5d87121d4b5995d7150e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"991a-5dc263a85cdeb"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39194
pic6.jpg
image.planqdirect.com/1649431632/
35 KB
35 KB
Image
General
Full URL
https://image.planqdirect.com/1649431632/pic6.jpg
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.158.67.141 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
141-67-158-51.instances.scw.cloud
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
2c6d356a12141e38c001677b6c529dbc1b11475c4199ea988658a9506211a2dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 08:28:17 GMT
Last-Modified
Fri, 08 Apr 2022 15:27:12 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8c51-5dc263a85dd8b"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
35921
Redirect
r.ar-mtch1.com/
Redirect Chain
  • https://news.planqdirect.com/o/ilF/V8goh9XRsbu6QjghXNVUxa/obqw/F/2600c340
  • https://r.ar-mtch1.com/Redirect?pid=Q&chid=X4&md5=5ea7c682d5438268eb1836a4bf1c3c65&sha256=b6585e3534c051feded6d84d0d991eb241e37ab45272fdf0573bd323c097ac78&type=o&list=planqdirectinstinct&esp=F
43 B
385 B
Image
General
Full URL
https://r.ar-mtch1.com/Redirect?pid=Q&chid=X4&md5=5ea7c682d5438268eb1836a4bf1c3c65&sha256=b6585e3534c051feded6d84d0d991eb241e37ab45272fdf0573bd323c097ac78&type=o&list=planqdirectinstinct&esp=F
Requested by
Host: news.planqdirect.com
URL: https://news.planqdirect.com/v/ilF/V8goh9XRsbu6QjghXNVUxa/7b5a5b2e
Protocol
H2
Server
13.69.68.37 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.planqdirect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 08:28:17 GMT
cache-control
no-cache, max-age=0
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
43
content-type
image/gif

Redirect headers

location
https://r.ar-mtch1.com/Redirect?pid=Q&chid=X4&md5=5ea7c682d5438268eb1836a4bf1c3c65&sha256=b6585e3534c051feded6d84d0d991eb241e37ab45272fdf0573bd323c097ac78&type=o&list=planqdirectinstinct&esp=F
date
Wed, 01 Jun 2022 08:28:17 GMT
cache-control
private
content-length
333
content-type
text/html; charset=utf-8
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.planqdirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:27:13 GMT
x-content-type-options
nosniff
age
565265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:27:13 GMT
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/
29 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://news.planqdirect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:28:13 GMT
x-content-type-options
nosniff
age
565205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29752
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:05:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 25 May 2023 19:28:13 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • object| launchQueue
  • object| onbeforematch
  • function| getScreenDetails
  • object| navigation

2 Cookies

Domain/Path: Name / Value
  • news.planqdirect.com/: Name: TEMP_DATA, Value: 0c8f5f3d-9d0d-41b9-8f64-d9593c9992d0
  • news.planqdirect.com/: Name: esg1, Value: ilF/EJT/V8goh9XRsbu6QjghXNVUxa/7/obqw/F/f1f82b6e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
