urlscan.io logo urlscan.io
SecurityTrails logo

newsplug.com Open in urlscan Pro
75.98.40.53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://track.newsplug.com/
Effective URL: https://newsplug.com/
Submission: On May 24 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 75.98.40.53, located in United States and belongs to INTERNAP-BLK3, US. The main domain is newsplug.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 12th 2021. Valid for: a year.
This is the only time newsplug.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.8.249.118 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-249-118.us-west-1.compute.amazonaws.com
track.newsplug.com
1    75.98.40.53 (United States)

ASN13789 (INTERNAP-BLK3, US)
newsplug.com
8    2600:9000:21f3:bc00:7:343d:d940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.newsplug.com
1    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.192.219.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-219-40.mrs52.r.cloudfront.net
cdn.branch.io
2    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:2181:a400:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    2600:9000:2175:9000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
Domain Requested by
8 cdn.newsplug.com newsplug.com
cdn.newsplug.com
2 api2.branch.io cdn.branch.io
2 www.gstatic.com newsplug.com
www.google.com
1 app.link cdn.branch.io
1 www.google.com newsplug.com
1 cdn.branch.io newsplug.com
1 www.google-analytics.com newsplug.com
1 newsplug.com
1 track.newsplug.com 1 redirects
17 9

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
Subject Issuer Validity Valid
*.newsplug.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-12 -
2022-05-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
*.branch.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-25		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-05-03 -
2021-07-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-03 -
2021-07-26		 3 months crt.sh
appipv4.link
Amazon		 2020-07-22 -
2021-08-22		 a year crt.sh

This page contains 1 frames:

Primary Page: https://newsplug.com/
Frame ID: EF5F3AB5A4AB6F7001A413B48468AE6C
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://track.newsplug.com/ HTTP 307
    https://newsplug.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

2565 kB
Transfer

2865 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://track.newsplug.com/ HTTP 307
    https://newsplug.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
newsplug.com/
Redirect Chain
  • https://track.newsplug.com/
  • https://newsplug.com/
27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsplug.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.98.40.53 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx / PHP/7.2.18
Resource Hash
4e2eb19fff9656be765aac7145637ef23768726d7e4265107d9838eedb89a6fc

Request headers

:method
GET
:authority
newsplug.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 24 May 2021 13:26:31 GMT
content-type
text/html; charset=UTF-8
content-encoding
gzip
set-cookie
XDEBUG_SESSION=www-data; expires=Mon, 24-May-2021 14:26:31 GMT; Max-Age=3600; path=/
vary
Accept-Encoding
x-powered-by
PHP/7.2.18

Redirect headers

Server
openresty
Date
Mon, 24 May 2021 13:26:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
location
https://newsplug.com
cache-control
no-cache
branch-server-fallback
Branch-Server-Fallback
esp-server-fallback
Error-Response-Email-Server-Provider
c97f91886c7b6fc287fe-app.css
cdn.newsplug.com/themes/spa/build/ 		154 KB
155 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.newsplug.com/themes/spa/build/c97f91886c7b6fc287fe-app.css
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7b48fb49b148dbe4dda120faa129789a68642e760870e3aaa32857c25f544a9

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:32 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jan 2021 23:14:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"4e56fbd5dc29b929f957f8b1401cc876"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
157830
x-amz-cf-id
IuauLwlNM8XPNPnzVcVTt107_mCHHR8RLEodMtSTHbfTrp7yMZnHSQ==
font-newsplug-icons.css
cdn.newsplug.com/themes/spa/css/font-newsplug-icons-1.0/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.newsplug.com/themes/spa/css/font-newsplug-icons-1.0/font-newsplug-icons.css
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d30fa80c6ea0ee686209487afa39dd1054880cf8baf68c7b2b080dc998f1481

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:32 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Fri, 13 Apr 2018 16:34:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"760834c5a8d1c930b6d9426cc8ccec55"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
3137
x-amz-cf-id
ywJRN0tpU-7xpKxb5dxYbiKp5nypfNxmHoqV-59M5f-r6wuk16LxfQ==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
6996
date
Mon, 24 May 2021 11:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 24 May 2021 13:29:56 GMT
branch-latest.min.js
cdn.branch.io/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-40.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de030cc9c3f22768061b211aae59af3d8d50215dead5492459250d1463db8a82

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A3PXFurDYArfKtGvMq1i8MhCmt.nGzr8
content-encoding
gzip
last-modified
Mon, 10 May 2021 22:27:33 GMT
server
AmazonS3
age
202
etag
"6288b350a0db1853cfee4ef7c5d8ac42"
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 ea1c7d25276fd0defb5abff5c2a56f68.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Mon, 24 May 2021 13:23:10 GMT
x-amz-cf-pop
MRS52-P2
content-length
23807
x-amz-cf-id
AiU_-tDGt6R4ctis9vx3eAWUm5FbEW98ko72GAkDX2Bka0gMpJAKKQ==
recaptcha__en.js
www.gstatic.com/recaptcha/api2/r20161109131337/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/r20161109131337/recaptcha__en.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
libraries.min.js
cdn.newsplug.com/themes/spa/ 		531 KB
532 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.newsplug.com/themes/spa/libraries.min.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1fb1187acfa84bcb3cb94d3d2d144eeaf0bd516252ce0c07d914cefe04864d7d

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:32 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Wed, 11 Apr 2018 13:48:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"712ef38366ec233a58138532840ecb04"
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
543744
x-amz-cf-id
oND3kzulZdgLJUoaYC5kt-kNsmUfhIT2q_SLGBpThzPMyeyCwlEviw==
api.js
www.google.com/recaptcha/ 		850 B
698 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e537fa335a26b92c75b2de6ca558361ad08b656727a0d5fb362abfa4b2a5b403
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 24 May 2021 13:26:31 GMT
logo.svg
cdn.newsplug.com/themes/spa/img/access-landing/ 		122 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.newsplug.com/themes/spa/img/access-landing/logo.svg
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33701fc696359572e2a9a589f1b86b2cd1665e2999a6986f7f08347813bb1dd5

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"3269feec6557ce79c81ce3f9dd7bb988"
x-cache
Miss from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
125427
x-amz-cf-id
Se8afl3rG4rq5mN5vPFwhCb1-90JIRhWEF6uc4ou7okXNSJSbZ06MQ==
text_to_get_your_app_link.png
cdn.newsplug.com/themes/spa/img/sw-texts/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.newsplug.com/themes/spa/img/sw-texts/text_to_get_your_app_link.png
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
23a80df71c333b846237e4ffd43e74a71e070e2b270c5217207afffe60616528

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"a90f41de61104c304c477b39609f0a8a"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6715
x-amz-cf-id
973wtGHM1i02YPZuHPyUnoCJK8OokaLF987ZgztMsbtE6Xx_vYjyTg==
button-appstore.png
cdn.newsplug.com/themes/spa/img/sw-icons/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.newsplug.com/themes/spa/img/sw-icons/button-appstore.png
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6306f583c95ca461709ce8503bc95ffa9561e2b80c53da295100136d82ff4549

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"32b41b12f68d57dc7707343545331f68"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30428
x-amz-cf-id
WIvAnMJ5LBrzFbTGO7oxRiCA5nGQDcb_4VI_w6w_7sHqDpqChqnDdw==
button-googleplay.png
cdn.newsplug.com/themes/spa/img/sw-icons/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.newsplug.com/themes/spa/img/sw-icons/button-googleplay.png
Requested by
Host: newsplug.com
URL: https://newsplug.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49c951a2c2184369bb2b6a95e08735b1f2c7b802b9cc29bddc2a2ed26fbcab17

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Tue, 31 Dec 2019 14:52:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"426d30e8d6898a70b8444c3c751ba114"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27294
x-amz-cf-id
22hjvL3Kbwz_SYcnaeh9gziAY8UoWEjynH8y87WNP6gXiXsvW7Sodg==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/ 		335 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/eWmgPeIYKJsH2R2FrgakEIkq/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8cb544f90b2c0399716bd41669bcef24768dd8c509a7c7d1c26ca9fe4efc0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://newsplug.com
Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 11:44:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6129
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133858
x-xss-protection
0
last-modified
Mon, 17 May 2021 02:05:30 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 May 2022 11:44:23 GMT
06d36f2d07e1297d2633ddea5ff2fdf2-desktop.jpg
cdn.newsplug.com/themes/spa/build/img/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.newsplug.com/themes/spa/build/img/06d36f2d07e1297d2633ddea5ff2fdf2-desktop.jpg
Requested by
Host: cdn.newsplug.com
URL: https://cdn.newsplug.com/themes/spa/build/c97f91886c7b6fc287fe-app.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:bc00:7:343d:d940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d685b430affbe36b7094e822c682f9c955eac9acf682363c591b111b8e486763

Request headers

Referer
https://cdn.newsplug.com/themes/spa/build/c97f91886c7b6fc287fe-app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
last-modified
Fri, 22 Jan 2021 23:14:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"06d36f2d07e1297d2633ddea5ff2fdf2"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1536977
x-amz-cf-id
tZ9Vq1UyYEKoyvUDTSqgdy7zBCfdcibMfWRmkEHQoI_RIg7e39XVlA==
_r
app.link/ 		90 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.58.1&branch_key=key_live_kkwbjoe1rybmIJYjecU3LmhkrqfVoDDG&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2181:a400:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty / Express
Resource Hash
1da3a9d9bb3df55c9573fb1357899fbf2303f3f82cf95e4ed46a36d6f197c9e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 24 May 2021 13:26:32 GMT
via
1.1 ea1c7d25276fd0defb5abff5c2a56f68.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
openresty
x-amz-cf-pop
MRS52-P2
x-powered-by
Express
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
90
etag
W/"5a-pKyuWovI+rloN7ieImsB+zB7zTA"
x-amz-cf-id
3oBtqzgK_3Z-CEl30uAxcGBwawYdjVByl6DS-EDyg9X1ZqyXKUDQNA==
open
api2.branch.io/v1/ 		266 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2175:9000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
452721229192495a38601275056f73ab3f630b1f0bbe78f315780d2d1c476e56

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 7fd2e53766edf2c95772fedd22bce34f.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
e330193d49c148f68ac44320b6e1af32-2021052413
content-length
266
x-amz-cf-id
v5XOqEjJT8MiWWR_AcREoPcm6fvAKcHz5xxNUa2F0XaHLAvspQXYZw==
pageview
api2.branch.io/v1/ 		29 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2175:9000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Request headers

Referer
https://newsplug.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 24 May 2021 13:26:33 GMT
via
1.1 7fd2e53766edf2c95772fedd22bce34f.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
x-powered-by
Express
etag
W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
cf9f150b2fd64674ae566e5df95ae6ad-2021052413
content-length
29
x-amz-cf-id
l2r3VjBCbS89NHJo7Go3GjM7H-BBLOoRidXsP_ZTU8aunKWqXKzI3Q==

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| google_tag_data function| ga object| gaplugins object| branch function| DateTime function| TokenizedInput function| TokenizedTextarea undefined| $ function| jQuery function| _ function| emoji object| returnExports object| JSON3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| APP string| GoogleAnalyticsObject object| gaGlobal object| gaData object| recaptcha

2 Cookies

Domain/Path Name / Value
.newsplug.com/ Name: _gid
Value: GA1.2.1055389134.1621862793
.newsplug.com/ Name: _ga
Value: GA1.2.1669298720.1621862793

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api2.branch.io
app.link
cdn.branch.io
cdn.newsplug.com
newsplug.com
track.newsplug.com
www.google-analytics.com
www.google.com
www.gstatic.com
2600:9000:2175:9000:11:f728:3040:93a1
2600:9000:2181:a400:19:9934:6a80:93a1
2600:9000:21f3:bc00:7:343d:d940:93a1
2a00:1450:4001:802::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
52.8.249.118
54.192.219.40
75.98.40.53
1da3a9d9bb3df55c9573fb1357899fbf2303f3f82cf95e4ed46a36d6f197c9e8
1fb1187acfa84bcb3cb94d3d2d144eeaf0bd516252ce0c07d914cefe04864d7d
23a80df71c333b846237e4ffd43e74a71e070e2b270c5217207afffe60616528
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
33701fc696359572e2a9a589f1b86b2cd1665e2999a6986f7f08347813bb1dd5
3d30fa80c6ea0ee686209487afa39dd1054880cf8baf68c7b2b080dc998f1481
452721229192495a38601275056f73ab3f630b1f0bbe78f315780d2d1c476e56
49c951a2c2184369bb2b6a95e08735b1f2c7b802b9cc29bddc2a2ed26fbcab17
4e2eb19fff9656be765aac7145637ef23768726d7e4265107d9838eedb89a6fc
6306f583c95ca461709ce8503bc95ffa9561e2b80c53da295100136d82ff4549
b7b48fb49b148dbe4dda120faa129789a68642e760870e3aaa32857c25f544a9
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
d685b430affbe36b7094e822c682f9c955eac9acf682363c591b111b8e486763
de030cc9c3f22768061b211aae59af3d8d50215dead5492459250d1463db8a82
e537fa335a26b92c75b2de6ca558361ad08b656727a0d5fb362abfa4b2a5b403
f8cb544f90b2c0399716bd41669bcef24768dd8c509a7c7d1c26ca9fe4efc0fb