news-info.tech Open in urlscan Pro
80.89.234.128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&campaign=1364675&source...
Effective URL:
https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u346...
Submission: On June 01 via api (June 1st 2024, 10:25:52 pm UTC) from US — Scanned from CH

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 80.89.234.128, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is news-info.tech.
TLS certificate: Issued by R3 on April 10th 2024. Valid for: 3 months.

This is the only time news-info.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	95.216.10.57 95.216.10.57	24940 (HETZNER-AS) (HETZNER-AS)
1 10	80.89.234.128 80.89.234.128	204601 (ON-LINE-D...) (ON-LINE-DATA Server location - Netherlands)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	142.132.255.57 142.132.255.57	24940 (HETZNER-AS) (HETZNER-AS)
11	3

1 95.216.10.57 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.57.10.216.95.clients.your-server.de

vpn-pro.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 80.89.234.128 (Netherlands) 1 redirects

ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL)
PTR: vm3981222.1nvme.had.wf

news-info.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.255.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.57.255.132.142.clients.your-server.de

pushtorm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	news-info.tech 1 redirects news-info.tech	80 KB
1	pushtorm.net pushtorm.net — Cisco Umbrella Rank: 32533	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 380	33 KB
1	vpn-pro.tech 1 redirects vpn-pro.tech	404 B
11	4

	Domain	Requested by
10	news-info.tech	1 redirects news-info.tech
1	pushtorm.net	news-info.tech
1	ajax.googleapis.com	news-info.tech
1	vpn-pro.tech	1 redirects
11	4

This site contains links to these domains. Also see Links.

Domain
danger-av.shop

Subject Issuer	Validity	Valid
news-info.tech R3	`2024-04-10` - `2024-07-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
pushtorm.net R3	`2024-04-11` - `2024-07-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Frame ID: E5D57273644F4BD7A8F8511A817A6552
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your card payment has failed!

Page URL History Show full URLs

http://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&cam... HTTP 307
https://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&cam... HTTP 302
https://news-info.tech/usa/totalav-anti-bin?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216... HTTP 301
http://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k21... HTTP 307
https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k21... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

118 kB
Transfer

186 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://danger-av.shop/click.php?lp=1
Title: Renew Subscription

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&campaign=1364675&source=220815.919673&pubfeed=220815&site_id=&push_type=floating_push&referrer_domain=d000d.com&keyword=key_27&pictures=device_not_protected_2 HTTP 307
https://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&campaign=1364675&source=220815.919673&pubfeed=220815&site_id=&push_type=floating_push&referrer_domain=d000d.com&keyword=key_27&pictures=device_not_protected_2 HTTP 302
https://news-info.tech/usa/totalav-anti-bin?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f HTTP 301
http://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f HTTP 307
https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
news-info.tech/usa/totalav-anti-bin/
Redirect Chain

http://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&campaign=1364675&source=220815.919673&pubfeed=220815&site_id=&push_type=floating_push&referrer_domain=d0...
https://vpn-pro.tech/index.php?key=prfk0t1r36rwkiw4a74g&subid=919673&bid=0.008&banner=6416224&campaign=1364675&source=220815.919673&pubfeed=220815&site_id=&push_type=floating_push&referrer_domain=d...
https://news-info.tech/usa/totalav-anti-bin?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
http://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

4 KB
4 KB

44ms
43ms

Document
text/html

80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 / PHP/7.4.33

Resource Hash

14cd6289c580b567b9574881b14ee965e73fb2f9c807013fc7c5996d270a74ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 01 Jun 2024 22:25:48 GMT
Server: nginx/1.14.1
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.33

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK css2
news-info.tech/usa/totalav-anti-bin/ 22 KB
23 KB 73ms
70ms Stylesheet
text/plain 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://news-info.tech/usa/totalav-anti-bin/css2

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

fde3368365ff80618dade0f5e409f3bb483aba6d3e769a302e9dba3d246dd1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 24 Jan 2024 08:50:38 GMT
Server: nginx/1.14.1
ETag: "5940-60fad282c1380"
Content-Type: text/plain
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22848

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 115ms
27ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 23:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 May 2025 23:43:03 GMT

GET
H/1.1 200
OK custom.css
news-info.tech/usa/totalav-anti-bin/ 2 KB
2 KB 109ms
33ms Stylesheet
text/css 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://news-info.tech/usa/totalav-anti-bin/custom.css

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

10b2d8074293c027ea259c7f69b09fa99de51f615c4cce314f18f26c6986a522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Tue, 07 May 2024 10:31:45 GMT
Server: nginx/1.14.1
ETag: "663a0311-715"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1813

GET
H/1.1 200
OK m=el_main_css
news-info.tech/usa/totalav-anti-bin/ 22 KB
22 KB 143ms
68ms Stylesheet
application/x-troff 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://news-info.tech/usa/totalav-anti-bin/m=el_main_css

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 24 Jan 2024 08:50:42 GMT
Server: nginx/1.14.1
ETag: "575f-60fad28691c80"
Content-Type: application/x-troff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22367

GET
H/1.1 200
OK visa.png
news-info.tech/usa/totalav-anti-bin/ 6 KB
7 KB 108ms
34ms Image
image/png 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-info.tech/usa/totalav-anti-bin/visa.png

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

781a8b39c3e0a78b0dbdc4ca0fe020651e5d21fa5615bf474cd59065e4b1e3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 24 Jan 2024 08:50:44 GMT
Server: nginx/1.14.1
ETag: "65b0cf64-1932"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6450

GET
H/1.1 200
OK master.png
news-info.tech/usa/totalav-anti-bin/ 5 KB
5 KB 108ms
34ms Image
image/png 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-info.tech/usa/totalav-anti-bin/master.png

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

dacb6938e81f9329a851021b95979f319fb2897b3f42deca1b6c940a1e12ffcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 24 Jan 2024 08:50:44 GMT
Server: nginx/1.14.1
ETag: "65b0cf64-14b4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5300

GET
H/1.1 200
OK paypal.png
news-info.tech/usa/totalav-anti-bin/ 6 KB
6 KB 36ms
36ms Image
image/png 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-info.tech/usa/totalav-anti-bin/paypal.png

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

58b6304237a0a91b888d0f20a1d6bdfd8848efaf3ea7f8b58dc70ba63556ac13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 24 Jan 2024 08:50:44 GMT
Server: nginx/1.14.1
ETag: "65b0cf64-16c4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5828

GET
H/1.1 200
OK discover.png
news-info.tech/usa/totalav-anti-bin/ 7 KB
7 KB 37ms
37ms Image
image/png 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-info.tech/usa/totalav-anti-bin/discover.png

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

7f6078e37d408ac5eab55a493815e7dec334e5710ed363faeae25c8bc46cd75f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Wed, 24 Jan 2024 08:50:44 GMT
Server: nginx/1.14.1
ETag: "65b0cf64-1b48"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6984

GET
H/1.1 200
OK subscription.js Show response
pushtorm.net/ 14 KB
4 KB 132ms
30ms Script
application/javascript 142.132.255.57
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushtorm.net/subscription.js

Requested by

Host: news-info.tech
URL: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

142.132.255.57 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.57.255.132.142.clients.your-server.de

Software

nginx/1.14.2 /

Resource Hash

46c3f65c74f9fb2eef2044d3b07caf50c2251bbe3db8a3da4776f0863c334721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Content-Encoding: br
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 21 May 2024 17:00:09 GMT
Server: nginx/1.14.2
ETag: "1daaba056308a1e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK favicon.png
news-info.tech/usa/totalav-anti-bin/ 4 KB
4 KB 34ms
34ms Other
image/png 80.89.234.128
Netherlands

General

Check archive.org

Show headers Download Go to

Full URL

https://news-info.tech/usa/totalav-anti-bin/favicon.png

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.89.234.128 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),

Reverse DNS

vm3981222.1nvme.had.wf

Software

nginx/1.14.1 /

Resource Hash

46f5e6120b725c39546b95d2463cf97344316c9596fee719463fd98c13c161ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://news-info.tech/usa/totalav-anti-bin/?uclick=gxpmktfnvr&uclickhash=gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f
Accept-Language: de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 01 Jun 2024 22:25:48 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Thu, 02 May 2024 09:16:36 GMT
Server: nginx/1.14.1
ETag: "663359f4-ea3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3747

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			vpn-pro.tech/	1970-01-20 21:02:47	Name: uclick Value: gxpmktfnvr
			vpn-pro.tech/	1970-01-20 21:02:47	Name: uclickhash Value: gxpmktfnvr-gxpmktfnvr-k216-0-qn9z-u346fe-u3460-a6873f

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
news-info.tech
pushtorm.net
vpn-pro.tech
142.132.255.57
2a00:1450:4001:811::200a
80.89.234.128
95.216.10.57
10b2d8074293c027ea259c7f69b09fa99de51f615c4cce314f18f26c6986a522
14cd6289c580b567b9574881b14ee965e73fb2f9c807013fc7c5996d270a74ba
46c3f65c74f9fb2eef2044d3b07caf50c2251bbe3db8a3da4776f0863c334721
46f5e6120b725c39546b95d2463cf97344316c9596fee719463fd98c13c161ff
58b6304237a0a91b888d0f20a1d6bdfd8848efaf3ea7f8b58dc70ba63556ac13
71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3
781a8b39c3e0a78b0dbdc4ca0fe020651e5d21fa5615bf474cd59065e4b1e3e8
7f6078e37d408ac5eab55a493815e7dec334e5710ed363faeae25c8bc46cd75f
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
dacb6938e81f9329a851021b95979f319fb2897b3f42deca1b6c940a1e12ffcb
fde3368365ff80618dade0f5e409f3bb483aba6d3e769a302e9dba3d246dd1b3

news-info.tech Open in urlscan Pro 80.89.234.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

118 kBTransfer

186 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

1 Console Messages

Security Headers

Indicators

news-info.tech Open in urlscan Pro
80.89.234.128 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

118 kB
Transfer

186 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions