news.belaanbieding.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 195.140.186.101, located in Germany and belongs to GLOBALACCESS, DE. The main domain is news.belaanbieding.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on February 10th 2023. Valid for: a year.

This is the only time news.belaanbieding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	195.140.186.101 195.140.186.101	15960 (GLOBALACCESS) (GLOBALACCESS)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	204.236.158.215 204.236.158.215	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
7	4

5 195.140.186.101 (Germany) 1 redirects

ASN15960 (GLOBALACCESS, DE)
PTR: www.l3.ec-messenger.com

news.belaanbieding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.236.158.215 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-204-236-158-215.us-west-1.compute.amazonaws.com

som.trkng.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	belaanbieding.com 1 redirects news.belaanbieding.com	79 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	trkng.nl som.trkng.nl	523 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	1 KB
7	4

	Domain	Requested by
5	news.belaanbieding.com	1 redirects news.belaanbieding.com
1	fonts.gstatic.com	fonts.googleapis.com
1	som.trkng.nl	news.belaanbieding.com
1	fonts.googleapis.com	news.belaanbieding.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
news.belaanbieding.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-02-10` - `2024-03-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
som.trkng.nl Amazon RSA 2048 M01	`2023-02-10` - `2024-01-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
Frame ID: 5492045D5408101FDF33BCE25A784590
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page URL History Show full URLs

https://news.belaanbieding.com/public/read_message.jsp?tsp=1680909785666&custid=21086&uid=21035246676&sig=A... HTTP 302
https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283 Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

7
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

124 kB
Transfer

141 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.belaanbieding.com/public/read_message.jsp?tsp=1680909785666&custid=21086&uid=21035246676&sig=ABKFGHOLPODMALFG&mid=2105766569 HTTP 302
https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200

Primary Request read_message.jsp;jsessionid=0;apw17 Show response
news.belaanbieding.com/public/
Redirect Chain

https://news.belaanbieding.com/public/read_message.jsp?tsp=1680909785666&custid=21086&uid=21035246676&sig=ABKFGHOLPODMALFG&mid=2105766569
https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283

16 KB
17 KB

155ms
155ms

Document
text/html

195.140.186.101
GLOBALACCESS

General

Check archive.org

Show headers Download Go to

Full URL

https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

195.140.186.101 , Germany, ASN15960 (GLOBALACCESS, DE),

Reverse DNS

www.l3.ec-messenger.com

Software

WebServer /

Resource Hash

174b80246b83b76bff6bb199218ccf6b91779e8e4b3b0a2118e6e34fcd6d5390

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, no-cache, no-store, must-revalidate, proxy-revalidate
content-type: text/html;charset=UTF-8
date: Sat, 08 Apr 2023 06:32:28 GMT
expires: Fri, 07 Apr 2023 06:32:28 GMT
feature-policy: autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
p3p: CP="CAO PSA OUR"
pragma: no-cache
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: WebServer
strict-transport-security: max-age=63072000; includeSubDomains
transfer-encoding: chunked
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

content-length: 0
date: Sat, 08 Apr 2023 06:32:28 GMT
feature-policy: autoplay 'self'; camera 'self'; document-domain 'self'; encrypted-media 'self'; fullscreen 'self'; geolocation 'self'; microphone 'self'; midi 'self'; payment 'self';
location: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
referrer-policy: no-referrer, strict-origin-when-cross-origin
server: WebServer
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 85ms
33ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,800

Requested by

Host: news.belaanbieding.com
URL: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf7a52a2740ff9e88a115567ce9d8c4ce65d93502098e718a77dcb60154bee14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.belaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 08 Apr 2023 06:32:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 08 Apr 2023 06:32:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 Apr 2023 06:32:28 GMT

GET
H/1.1 200 p.gif
news.belaanbieding.com/tr/ 42 B
216 B 53ms
31ms Image
image/gif 195.140.186.101
GLOBALACCESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.belaanbieding.com/tr/p.gif?uid=21035246676&mid=2105766569&msd=1680909305135&s=MPPCNNMGBGPOEKKG&st=
Requested by: Host: news.belaanbieding.com
URL: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.140.186.101 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS: www.l3.ec-messenger.com
Software: WebServer /
Resource Hash: 492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed Feb 9 0:19:49 CET 2000
pragma: no-cache
date: Sat, 08 Apr 2023 06:32:28 GMT
server: WebServer
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK logo.png
news.belaanbieding.com/imgproxy/img/778044563/ 7 KB
8 KB 57ms
27ms Image
image/png 195.140.186.101
GLOBALACCESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.belaanbieding.com/imgproxy/img/778044563/logo.png
Requested by: Host: news.belaanbieding.com
URL: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.140.186.101 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS: www.l3.ec-messenger.com
Software: WebServer /
Resource Hash: 23c07e4313d0235e2603a11a7d8f5483f0c6e45f0542332d9cb62b0332e3101d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 06:28:08 GMT
last-modified: Wed, 05 Apr 2023 16:10:23 GMT
server: WebServer
etag: "1"
surrogate-control: max-age=900, must-revalidate
content-type: image/png
cache-control: max-age=900, s-maxage=900, proxy-revalidate
accept-ranges: bytes
content-length: 7599

GET
H/1.1 200
OK beeld-header.jpg
news.belaanbieding.com/imgproxy/img/778044564/ 53 KB
53 KB 59ms
28ms Image
image/jpeg 195.140.186.101
GLOBALACCESS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.belaanbieding.com/imgproxy/img/778044564/beeld-header.jpg
Requested by: Host: news.belaanbieding.com
URL: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 195.140.186.101 , Germany, ASN15960 (GLOBALACCESS, DE),
Reverse DNS: www.l3.ec-messenger.com
Software: WebServer /
Resource Hash: c212beba55a3018b4b5d383ba34135f5ff60df12eba465d530676a2cb0df80e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sat, 08 Apr 2023 06:29:50 GMT
last-modified: Wed, 05 Apr 2023 16:10:23 GMT
server: WebServer
etag: "1"
surrogate-control: max-age=900, must-revalidate
content-type: image/jpeg
cache-control: max-age=900, s-maxage=900, proxy-revalidate
accept-ranges: bytes
content-length: 53936

GET
H/1.1 200
OK aff_i
som.trkng.nl/ 43 B
523 B 749ms
177ms Image
image/gif 204.236.158.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://som.trkng.nl/aff_i?offer_id=3164&file_id=5099&aff_id=1114
Requested by: Host: news.belaanbieding.com
URL: https://news.belaanbieding.com/public/read_message.jsp;jsessionid=0;apw17?sigreq=1236782283
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.236.158.215 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-204-236-158-215.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://news.belaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 Apr 2023 06:32:29 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 1022f8c12c79e3eb559df18950980c
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: a1e319ca548d7495e9adf8ad3fc28d8c
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 69ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,800

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.belaanbieding.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 331284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:04 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			news.belaanbieding.com/	1970-01-20 10:55:35	Name: ECM Value: 1F60EAE9750E8E6E69109A3305732DC4

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'document-domain'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
news.belaanbieding.com
som.trkng.nl
195.140.186.101
204.236.158.215
2a00:1450:4001:812::200a
2a00:1450:4001:82f::2003
174b80246b83b76bff6bb199218ccf6b91779e8e4b3b0a2118e6e34fcd6d5390
23c07e4313d0235e2603a11a7d8f5483f0c6e45f0542332d9cb62b0332e3101d
492b292fd4e408db92b71f2c83f609203f9f716c9d7cdb35c3e663f1f8ca72ff
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
bf7a52a2740ff9e88a115567ce9d8c4ce65d93502098e718a77dcb60154bee14
c212beba55a3018b4b5d383ba34135f5ff60df12eba465d530676a2cb0df80e7

news.belaanbieding.com Open in urlscan Pro 195.140.186.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

124 kBTransfer

141 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

news.belaanbieding.com Open in urlscan Pro
195.140.186.101 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

124 kB
Transfer

141 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions