clients.newtonbates.com Open in urlscan Pro
3.219.132.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clients.newtonbates.com/
Effective URL:
https://clients.newtonbates.com/auth/?f=login&success=%2Fclient
Submission: On February 25 via automatic, source certstream-suspicious (February 25th 2022, 1:57:05 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 3.219.132.80, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is clients.newtonbates.com.
TLS certificate: Issued by Kubernetes Ingress Controller Fake Ce... on January 14th 2022. Valid for: a year.

This is the only time clients.newtonbates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.219.132.80 3.219.132.80	14618 (AMAZON-AES) (AMAZON-AES)
8	18.66.248.116 18.66.248.116	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
12	4

3 3.219.132.80 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-132-80.compute-1.amazonaws.com

clients.newtonbates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.248.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-116.dus51.r.cloudfront.net

dojq4kt8ws9iq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudfront.net dojq4kt8ws9iq.cloudfront.net	371 KB
3	newtonbates.com 1 redirects clients.newtonbates.com	3 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250	33 KB
12	3

	Domain	Requested by
8	dojq4kt8ws9iq.cloudfront.net	clients.newtonbates.com
3	clients.newtonbates.com	1 redirects clients.newtonbates.com
1	ajax.googleapis.com	clients.newtonbates.com
12	3

This site contains links to these domains. Also see Links.

Domain
tnbg.nimbusweb.me

Subject Issuer	Validity	Valid
Kubernetes Ingress Controller Fake Certificate Kubernetes Ingress Controller Fake Certificate	`2022-01-14` - `2023-01-14`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient
Frame ID: 00CBAED7068FBB47FE13CC46AACE456A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Organization domain setup information

Page URL History Show full URLs

https://clients.newtonbates.com/ HTTP 302
https://clients.newtonbates.com/client Page URL
https://clients.newtonbates.com/auth/?f=login&success=%2Fclient Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

75 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

406 kB
Transfer

7151 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tnbg.nimbusweb.me/
Title: tnbg.nimbusweb.me

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clients.newtonbates.com/ HTTP 302
https://clients.newtonbates.com/client Page URL
https://clients.newtonbates.com/auth/?f=login&success=%2Fclient Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://clients.newtonbates.com/ HTTP 302
https://clients.newtonbates.com/client

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

401

client
clients.newtonbates.com/
Redirect Chain

https://clients.newtonbates.com/
https://clients.newtonbates.com/client

1 KB
1 KB

106ms
106ms

Document
text/html

3.219.132.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://clients.newtonbates.com/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.219.132.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-132-80.compute-1.amazonaws.com

Software

nginx/1.19.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.19.1
date: Fri, 25 Feb 2022 13:57:00 GMT
content-type: text/html; charset=utf-8
content-length: 1116
x-powered-by: Express
etag: W/"45c-j8ipo+tGLXkrd2+b3VSg1vltl1g"
strict-transport-security: max-age=15724800; includeSubDomains

Redirect headers

server: nginx/1.19.1
date: Fri, 25 Feb 2022 13:57:00 GMT
content-type: text/html; charset=UTF-8
content-length: 1014
location: /client
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 app.36236710e50b50248a25.css
dojq4kt8ws9iq.cloudfront.net/static/css/ 3 MB
348 KB 57ms
15ms Stylesheet
text/css 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/static/css/app.36236710e50b50248a25.css

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:51:39 GMT
content-encoding: gzip
age: 180321
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 22 Feb 2022 08:00:58 GMT
server: nginx/1.19.1
etag: W/"2d865a-17f2072a290"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/css; charset=UTF-8
via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: FRA60-P2, DUS51-P1
access-control-allow-headers: Content-Type
x-amz-cf-id: V_-uhDqSbr0zAuVVnvWe1s8pFMyVIO-cSB-9MOcFAvqaZ_c2udsIlA==

GET
H2 200 nimbus-chunk-editor.36fbf8280fe2a428a073.js
dojq4kt8ws9iq.cloudfront.net/static/assets/ 1 MB
0 178ms
136ms Script
application/javascript 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/static/assets/nimbus-chunk-editor.36fbf8280fe2a428a073.js

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 21 Feb 2022 11:31:06 GMT
content-encoding: gzip
age: 354354
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
last-modified: Mon, 21 Feb 2022 10:51:08 GMT
server: nginx/1.19.1
etag: W/"46689d-17f1be81160"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/javascript; charset=UTF-8
via: 1.1 16aa5c15345b1c0756b83a5ae8ee765e.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: FRA60-P2, DUS51-P1
access-control-allow-headers: Content-Type
x-amz-cf-id: PEXur1ZzvmBeVKweOR5fFdWcsFRFgKhAOn0bmlVY1ooO3LWUT9qYiQ==

GET
H2 200 nimbus-app.36236710e50b50248a25.js
dojq4kt8ws9iq.cloudfront.net/static/assets/ 3 MB
0 116ms
74ms Script
application/javascript 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/static/assets/nimbus-app.36236710e50b50248a25.js

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 23 Feb 2022 11:51:39 GMT
content-encoding: gzip
age: 180321
x-powered-by: Express
x-cache: Hit from cloudfront
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
last-modified: Tue, 22 Feb 2022 08:00:58 GMT
server: nginx/1.19.1
etag: W/"c5848c-17f2072a290"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/javascript; charset=UTF-8
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
cache-control: public, max-age=604800, immutable
x-amz-cf-pop: FRA60-P2, DUS51-P1
access-control-allow-headers: Content-Type
x-amz-cf-id: 4HrFBwS4OoKAUpmZeUyrGrIseGPkCCuFSK5lqnpIyn5bbP7sk-Oo5g==

GET nimbus-custom-elements.0267b204e16aa5cf4ede.js
dojq4kt8ws9iq.cloudfront.net/static/assets/ 0
0

GET
H2 200 Primary Request / Show response
clients.newtonbates.com/auth/ 3 KB
1 KB 210ms
210ms Document
text/html 3.219.132.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.219.132.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-219-132-80.compute-1.amazonaws.com

Software

nginx/1.19.1 /

Resource Hash

513590bc56db1053c882d92fdddc5b7a1cc119e57cc8079b6ce741f1cff4a809

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/client

Response headers

server: nginx/1.19.1
date: Fri, 25 Feb 2022 13:57:00 GMT
content-type: text/html; charset=UTF-8
content-length: 1205
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 flex.css
dojq4kt8ws9iq.cloudfront.net/auth/style/ 22 KB
2 KB 80ms
78ms Stylesheet
text/css 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/auth/style/flex.css

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 /

Resource Hash

f92e46eca23a967a27a39efcee9de38f04ea2b118b373afadccc6e56db700bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:33:19 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 13:00:28 GMT
server: nginx/1.19.1
age: 8621
etag: "56f3-5d7a988caf300-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P2, DUS51-P1
accept-ranges: bytes
content-length: 1716
x-amz-cf-id: wPI5BEITYy6aLd7qSk41M3yqvBuq43cueX5yRCFTdboR444D6U-f4A==

GET
H2 200 style.css
dojq4kt8ws9iq.cloudfront.net/auth/style/ 50 KB
11 KB 80ms
78ms Stylesheet
text/css 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/auth/style/style.css

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 /

Resource Hash

f84b2a1d7a3476dc434d59ce1ef5d327e12c60387757845502a48fd13102064d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 07:25:56 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 13:00:28 GMT
server: nginx/1.19.1
age: 23464
etag: "c76e-5d7a988caf300-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1, DUS51-P1
accept-ranges: bytes
content-length: 10382
x-amz-cf-id: 1-ocJhiOXXR5Vh908rWkcbRlecHzwyzbPTmIhIGIsHqqlWMpmouh6A==

GET
H2 200 forms_nimbus.css
dojq4kt8ws9iq.cloudfront.net/auth/style/ 9 KB
3 KB 520ms
518ms Stylesheet
text/css 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/auth/style/forms_nimbus.css?v=4

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 /

Resource Hash

227fc007cfc667d2a0ee3befa0d50f867210c662ae8a484b28f44d817db753d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 13:57:01 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 13:00:28 GMT
server: nginx/1.19.1
x-amz-cf-pop: FRA50-C1, DUS51-P1
etag: "2326-5d7a988caf300-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
via: 1.1 bab8148a65b29113f79cf2725076287c.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 2388
x-amz-cf-id: 9vuHYyRzA63XYMqnZnOMoZOPcFZ4e6vz58vPgnb6mC4y03VErw6pGQ==

GET
H2 200 query.css
dojq4kt8ws9iq.cloudfront.net/auth/style/ 7 KB
2 KB 80ms
79ms Stylesheet
text/css 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/auth/style/query.css

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 /

Resource Hash

d7e382ebd21ada3052b2a542823a480d6429175d69a41a1c86df939da0854386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:18:17 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 13:00:28 GMT
server: nginx/1.19.1
age: 9523
etag: "1a58-5d7a988caf300-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/css
via: 1.1 24c299c0a6423c6f96984a85fb014108.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1, DUS51-P1
accept-ranges: bytes
content-length: 1601
x-amz-cf-id: 7NrEGLobO_f-c-60KUmWZQlvAlZWhxYYM9i8fI4uhFvb-C-rsVxVTw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.0/ 91 KB
33 KB 50ms
17ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.0/jquery.min.js

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 10:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271146
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32964
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Feb 2023 10:37:54 GMT

GET
H2 200 sourcebuster.min.js Show response
dojq4kt8ws9iq.cloudfront.net/auth/js/ 14 KB
5 KB 79ms
78ms Script
application/javascript 18.66.248.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dojq4kt8ws9iq.cloudfront.net/auth/js/sourcebuster.min.js

Requested by

Host: clients.newtonbates.com
URL: https://clients.newtonbates.com/auth/?f=login&success=%2Fclient

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.248.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-248-116.dus51.r.cloudfront.net

Software

nginx/1.19.1 /

Resource Hash

eec4d0715e9fffd3683df1b8dda42758ed9be7df9fc2a2c95e446dac41fb5041

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://clients.newtonbates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:18:17 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 13:00:27 GMT
server: nginx/1.19.1
age: 9523
etag: "38b0-5d7a988bbb0c0-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront), 1.1 3f309afe37d854da2eb973ba0e31d032.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1, DUS51-P1
accept-ranges: bytes
content-length: 4641
x-amz-cf-id: jpKu5DkAa_7fpS2SXm_zpyWUthQD7T7E8z68oJ0Af-tqDePZvHIQbA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dojq4kt8ws9iq.cloudfront.net
URL: https://dojq4kt8ws9iq.cloudfront.net/static/assets/nimbus-custom-elements.0267b204e16aa5cf4ede.js

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.clients.newtonbates.com/	1969-12-31 23:59:59	Name: eversessionid Value: 2s7q3QOCTkdzzRv5PV71hQbTOvCOQUHd
.clients.newtonbates.com/	1970-01-20 05:29:09	Name: sbjs_migrations Value: 1418474375998%3D1
.clients.newtonbates.com/	1970-01-20 05:29:09	Name: sbjs_current_add Value: fd%3D2022-02-25%2013%3A57%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fclients.newtonbates.com%2Fauth%2F%3Ff%3Dlogin%26success%3D%252Fclient%7C%7C%7Crf%3Dhttps%3A%2F%2Fclients.newtonbates.com%2Fclient
.clients.newtonbates.com/	1970-01-20 05:29:09	Name: sbjs_first_add Value: fd%3D2022-02-25%2013%3A57%3A01%7C%7C%7Cep%3Dhttps%3A%2F%2Fclients.newtonbates.com%2Fauth%2F%3Ff%3Dlogin%26success%3D%252Fclient%7C%7C%7Crf%3Dhttps%3A%2F%2Fclients.newtonbates.com%2Fclient
.clients.newtonbates.com/	1970-01-20 05:29:09	Name: sbjs_current Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.clients.newtonbates.com/	1970-01-20 05:29:09	Name: sbjs_first Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.clients.newtonbates.com/	1970-01-20 05:29:09	Name: sbjs_udata Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F98.0.4758.80%20Safari%2F537.36
.clients.newtonbates.com/	1970-01-20 01:09:59	Name: sbjs_session Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fclients.newtonbates.com%2Fauth%2F%3Ff%3Dlogin%26success%3D%252Fclient

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://clients.newtonbates.com/client Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
clients.newtonbates.com
dojq4kt8ws9iq.cloudfront.net
dojq4kt8ws9iq.cloudfront.net
18.66.248.116
2a00:1450:4001:813::200a
3.219.132.80
1e80de36726582824df3f9a7eb6ecdfe9827fc5a7c69f597b1502ebc13950ecd
227fc007cfc667d2a0ee3befa0d50f867210c662ae8a484b28f44d817db753d0
513590bc56db1053c882d92fdddc5b7a1cc119e57cc8079b6ce741f1cff4a809
d7e382ebd21ada3052b2a542823a480d6429175d69a41a1c86df939da0854386
eec4d0715e9fffd3683df1b8dda42758ed9be7df9fc2a2c95e446dac41fb5041
f84b2a1d7a3476dc434d59ce1ef5d327e12c60387757845502a48fd13102064d
f92e46eca23a967a27a39efcee9de38f04ea2b118b373afadccc6e56db700bc8

clients.newtonbates.com Open in urlscan Pro 3.219.132.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

75 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

406 kBTransfer

7151 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

8 Cookies

1 Console Messages

Security Headers

Indicators

clients.newtonbates.com Open in urlscan Pro
3.219.132.80 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

406 kB
Transfer

7151 kB
Size

8
Cookies

12 HTTP transactions
0 data transactions