news.bluemailing.be Open in urlscan Pro
116.203.118.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3
Submission: On October 13 via api (October 13th 2021, 12:31:51 am UTC) from BE — Scanned from DE

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 116.203.118.191, located in Germany and belongs to HETZNER-AS, DE. The main domain is news.bluemailing.be.

This is the only time news.bluemailing.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	116.203.118.191 116.203.118.191	24940 (HETZNER-AS) (HETZNER-AS)
1	52.218.28.251 52.218.28.251	16509 (AMAZON-02) (AMAZON-02)
3	52.218.105.51 52.218.105.51	16509 (AMAZON-02) (AMAZON-02)
2	185.82.140.203 185.82.140.203	42812 (DT-IT) (DT-IT)
8	4

2 116.203.118.191 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb04.brm24.de

news.bluemailing.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.28.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.105.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

rq4u-craftie.s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.82.140.203 (Arnhem, Netherlands)

ASN42812 (DT-IT, NL)

www.snelleofferte.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	amazonaws.com s3-eu-west-1.amazonaws.com rq4u-craftie.s3-eu-west-1.amazonaws.com	132 KB
2	snelleofferte.nl www.snelleofferte.nl	7 KB
2	bluemailing.be news.bluemailing.be	6 KB
8	3

	Domain	Requested by
3	rq4u-craftie.s3-eu-west-1.amazonaws.com	news.bluemailing.be
2	www.snelleofferte.nl	news.bluemailing.be
2	news.bluemailing.be	news.bluemailing.be
1	s3-eu-west-1.amazonaws.com	news.bluemailing.be
8	4

This site contains links to these domains. Also see Links.

Domain
www.bluemailing.be

Subject Issuer	Validity	Valid
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
www.snelleofferte.nl R3	`2021-09-02` - `2021-12-01`	3 months	crt.sh
news.bluemailing.be R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3
Frame ID: E12A0DCEE63B6F0466BFAB11F5FDB553
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

145 kB
Transfer

177 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bluemailing.be/contact.html
Title: Contact

Search URL Search Domain Scan URL

URL: http://www.bluemailing.be/impressum.html
Title: Impressum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request vo.php Show response news.bluemailing.be/	40 KB 6 KB	1140ms 1124ms	Document text/html	116.203.118.191 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Server 116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS lb04.brm24.de Software nginx/1.18.0 / Resource Hash `06315eea4ef535077c4073195ebcaf7b57f76e21f3084336c9573da94dfd437d` Request headers Host news.bluemailing.be Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.18.0 Date Wed, 13 Oct 2021 00:31:47 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip
GET H/1.1	200 OK	logo-benl.png s3-eu-west-1.amazonaws.com/rq4u-craftie/images/	4 KB 5 KB	147ms 47ms	Image image/png	52.218.28.251 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3-eu-west-1.amazonaws.com/rq4u-craftie/images/logo-benl.png Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.28.251 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1.amazonaws.com Software AmazonS3 / Resource Hash `9c656b0ee6394fce940ad6e16a0e346dd501c7642b8b81543db97d6df76f3cc4` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:48 GMT Last-Modified Wed, 31 Jan 2018 10:46:54 GMT Server AmazonS3 x-amz-request-id 380M1J2KXW112JB1 ETag "acee4bf5f88a0e7b6301c0ba86b3a3b5" Content-Language be-nl x-amz-version-id null Accept-Ranges bytes Content-Type image/png Content-Length 4388 x-amz-id-2 U0hoDrO/rm47C1cwe5RvouF8n3jI6Bwe+pvtrcx7XDP0xk9GMeDdP1h+yk1wLCDPI/mlMYsFvfU=
GET H/1.1	200 OK	img-trustedshops-rating-mandrill.png rq4u-craftie.s3-eu-west-1.amazonaws.com/images/mail-images/	1 KB 2 KB	150ms 46ms	Image image/png	52.218.105.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://rq4u-craftie.s3-eu-west-1.amazonaws.com/images/mail-images/img-trustedshops-rating-mandrill.png Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.51 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash `89c9568fa03d209b2a00c022cdaf3fb52117cff3e2fb8ac6f55cce63577039f8` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:48 GMT Last-Modified Wed, 15 Apr 2020 09:44:50 GMT Server AmazonS3 x-amz-request-id 380M7BZF110AEGV0 ETag "4116cfc81c9e65f1db0e304ab1d4a447" Content-Type image/png x-amz-version-id null Accept-Ranges bytes Content-Length 1224 x-amz-id-2 jDKfHRVZtaBadOVlnpvtpXFECT90ovxx238YtZQ7ed8n9Yb1FZRtQXv2jhaH5Dqqs/VvdFhnGv0=
GET H/1.1	200 OK	324-143-cus-bar_wis-np-nt-nb-not.jpg rq4u-craftie.s3-eu-west-1.amazonaws.com/images/mail-images/	82 KB 82 KB	172ms 67ms	Image image/jpeg	52.218.105.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://rq4u-craftie.s3-eu-west-1.amazonaws.com/images/mail-images/324-143-cus-bar_wis-np-nt-nb-not.jpg Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.51 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash `3d05672d4abc449afa4c1a4b730130002a35481b08ce928188b4db9f05cd2875` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:48 GMT Last-Modified Thu, 25 Mar 2021 12:03:02 GMT Server AmazonS3 x-amz-request-id 380ZA7WR150EDQK9 ETag "2d90d7692cc2b31ba32f263d0aa77f46" Content-Type image/jpeg x-amz-version-id 7g1z8nfh5n..Am_fnsBKaK9wb7jhpa_v Accept-Ranges bytes Content-Length 83521 x-amz-id-2 9hs98Cn9ePeXGPE980Q/DWxfyegXIVTvEgVbjrEU16me0xCe5lFdIbaCpyKDb+SCZn3EaBO00JI=
GET H/1.1	200 OK	step-1-1.png www.snelleofferte.nl/assets/images/inloopdouches/	3 KB 4 KB	76ms 15ms	Image image/png	185.82.140.203 DT-IT
General Check archive.org Show headers Download Go to Show image Full URL https://www.snelleofferte.nl/assets/images/inloopdouches/step-1-1.png Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.82.140.203 Arnhem, Netherlands, ASN42812 (DT-IT, NL), Reverse DNS Software nginx / Resource Hash `505611ea57fc05f0a62910adba5f37c62eeee00d103e0b046fbf0ef8c00ae504` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:47 GMT Last-Modified Tue, 10 Oct 2017 08:10:19 GMT Server nginx ETag "59dc806b-cd3" Content-Type image/png Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 3283 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	step-1-2.png www.snelleofferte.nl/assets/images/inloopdouches/	3 KB 3 KB	76ms 15ms	Image image/png	185.82.140.203 DT-IT
General Check archive.org Show headers Download Go to Show image Full URL https://www.snelleofferte.nl/assets/images/inloopdouches/step-1-2.png Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.82.140.203 Arnhem, Netherlands, ASN42812 (DT-IT, NL), Reverse DNS Software nginx / Resource Hash `a80e0cf8994d9f034b0ddc45e79618b8b713b63e700fd2b8bf3fa3b298a4439d` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:47 GMT Last-Modified Tue, 10 Oct 2017 08:10:19 GMT Server nginx ETag "59dc806b-b3b" Content-Type image/png Cache-Control max-age=315360000, public Connection keep-alive Accept-Ranges bytes Content-Length 2875 Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	voor-na-nl.jpg rq4u-craftie.s3-eu-west-1.amazonaws.com/images/mail-images/	43 KB 44 KB	166ms 62ms	Image image/jpeg	52.218.105.51 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://rq4u-craftie.s3-eu-west-1.amazonaws.com/images/mail-images/voor-na-nl.jpg Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.218.105.51 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS s3-eu-west-1-r-w.amazonaws.com Software AmazonS3 / Resource Hash `ca3a12b8d1763088b9d392432a983f9ce1cf99c80f6d0e70833fc68f89fbe6d7` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:48 GMT Last-Modified Fri, 22 Mar 2019 13:17:58 GMT Server AmazonS3 x-amz-request-id 380PQE85V4BAN424 ETag "dd089a5600f04ce567e69d910876d03a" Content-Type image/jpeg x-amz-version-id null Accept-Ranges bytes Content-Length 44503 x-amz-id-2 zYqOQRE/dKwdelxAPgAwSLhvzjohWZYnNI6RoaxpCb1GeD4jBNriSPPmRxcgoO+O8df5+G7c3ro=
GET H/1.1	200 OK	O news.bluemailing.be/	60 B 60 B	78ms 51ms	Image image/gif	116.203.118.191 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://news.bluemailing.be/O?20153-1311353-597192-925549269-999-4-222.gif Requested by Host: news.bluemailing.be URL: http://news.bluemailing.be/vo.php?client_id=20153&campagne_id=1311353&message_id=597192&mid=dde4742b691cfeec376f369b087226e3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS lb04.brm24.de Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://news.bluemailing.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Wed, 13 Oct 2021 00:31:47 GMT Server nginx/1.18.0 Connection keep-alive Transfer-Encoding chunked Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

news.bluemailing.be
rq4u-craftie.s3-eu-west-1.amazonaws.com
s3-eu-west-1.amazonaws.com
www.snelleofferte.nl
116.203.118.191
185.82.140.203
52.218.105.51
52.218.28.251
06315eea4ef535077c4073195ebcaf7b57f76e21f3084336c9573da94dfd437d
3d05672d4abc449afa4c1a4b730130002a35481b08ce928188b4db9f05cd2875
505611ea57fc05f0a62910adba5f37c62eeee00d103e0b046fbf0ef8c00ae504
89c9568fa03d209b2a00c022cdaf3fb52117cff3e2fb8ac6f55cce63577039f8
9c656b0ee6394fce940ad6e16a0e346dd501c7642b8b81543db97d6df76f3cc4
a80e0cf8994d9f034b0ddc45e79618b8b713b63e700fd2b8bf3fa3b298a4439d
ca3a12b8d1763088b9d392432a983f9ce1cf99c80f6d0e70833fc68f89fbe6d7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

news.bluemailing.be Open in urlscan Pro 116.203.118.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

145 kBTransfer

177 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

news.bluemailing.be Open in urlscan Pro
116.203.118.191 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

145 kB
Transfer

177 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions