news.blueaanbieding.com Open in urlscan Pro
116.203.118.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Submission: On October 17 via api (October 17th 2021, 11:01:32 am UTC) from BE — Scanned from DE

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 5 countries across 6 domains to perform 18 HTTP transactions. The main IP is 116.203.118.191, located in Germany and belongs to HETZNER-AS, DE. The main domain is news.blueaanbieding.com.

This is the only time news.blueaanbieding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	116.203.118.191 116.203.118.191	24940 (HETZNER-AS) (HETZNER-AS)
1	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
12	54.36.145.173 54.36.145.173	16276 (OVH) (OVH)
1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
1	193.149.246.164 193.149.246.164	6848 (TELENET-AS) (TELENET-AS)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
18	6

2 116.203.118.191 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb04.brm24.de

news.blueaanbieding.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.36.145.173 (Spain)

ASN16276 (OVH, FR)
PTR: cluster028.hosting.ovh.net

img.blauwnieuwsbrief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

immowise.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.149.246.164 (Anderlecht, Belgium)

ASN6848 (TELENET-AS, BE)

www.partena-ziekenfonds.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	blauwnieuwsbrief.com img.blauwnieuwsbrief.com
2	blueaanbieding.com news.blueaanbieding.com	7 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	partena-ziekenfonds.be www.partena-ziekenfonds.be	53 KB
1	go2cloud.org immowise.go2cloud.org	523 B
1	googleapis.com fonts.googleapis.com	1 KB
18	6

	Domain	Requested by
12	img.blauwnieuwsbrief.com	news.blueaanbieding.com
2	news.blueaanbieding.com	news.blueaanbieding.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.partena-ziekenfonds.be	news.blueaanbieding.com
1	immowise.go2cloud.org	news.blueaanbieding.com
1	fonts.googleapis.com	news.blueaanbieding.com
18	6

This site contains links to these domains. Also see Links.

Domain
www.blueaanbieding.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
news.blueaanbieding.com R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.partena-ziekenfonds.be GlobalSign GCC R3 DV TLS CA 2020	`2021-10-08` - `2022-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 1 frames:

Primary Page: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Frame ID: A3EB62FB095C380E7971B4E456A6F0CF
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

18
Requests

22 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

78 kB
Transfer

105 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.blueaanbieding.com/contact.html
Title: Contact

Search URL Search Domain Scan URL

URL: http://www.blueaanbieding.com/impressum.html
Title: Impressum

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request vo.php Show response
news.blueaanbieding.com/ 37 KB
7 KB 1204ms
1166ms Document
text/html 116.203.118.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb04.brm24.de
Software: nginx/1.18.0 /
Resource Hash: c907a99e6b073d9198860614e37352aa11d0e48c7a7958f2cc4d6b6641c28f5d

Request headers

Host: news.blueaanbieding.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx/1.18.0
Date: Sun, 17 Oct 2021 11:01:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 40ms
17ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500&display=swap

Requested by

Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

ESF /

Resource Hash

f04236b247e99f21f5cd8ca69d4195d60c39a526bffad8812bf4b941903fcb28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 17 Oct 2021 10:48:01 GMT
server: ESF
date: Sun, 17 Oct 2021 11:01:27 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 17 Oct 2021 11:01:27 GMT

GET
H/1.1 503
Service Unavailable evi.jpg
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 41ms
18ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/evi.jpg
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 01_rusteenpersoonskamer.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 37ms
16ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/01_rusteenpersoonskamer.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 02_erelonen.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 38ms
17ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/02_erelonen.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 03_terugbetaling.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 37ms
16ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/03_terugbetaling.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 04_voorzorgnazorg.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 37ms
16ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/04_voorzorgnazorg.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 05_grensbedrag.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 36ms
15ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/05_grensbedrag.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 06_dienstenpakket.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 30ms
15ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/06_dienstenpakket.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable tagline.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 31ms
15ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/tagline.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable twitter.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 32ms
17ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/twitter.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable facebook.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 30ms
15ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/facebook.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable instagram.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 31ms
16ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/instagram.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable linkedin.png
img.blauwnieuwsbrief.com/2021/10/956356/ 0
0 31ms
16ms Image
text/html 54.36.145.173
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.blauwnieuwsbrief.com/2021/10/956356/linkedin.png
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 54.36.145.173 , Spain, ASN16276 (OVH, FR),
Reverse DNS: cluster028.hosting.ovh.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK aff_i
immowise.go2cloud.org/ 43 B
523 B 78ms
37ms Image
image/gif 52.210.2.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://immowise.go2cloud.org/aff_i?offer_id=94&aff_id=1005&file_id=87
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Server: 52.210.2.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 17 Oct 2021 11:01:27 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 102815a3afd5690ebbec0005b4685b
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: eb3f2aae23465cf465338c98e9978de5
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK O
news.blueaanbieding.com/ 60 B
60 B 116ms
86ms Image
image/gif 116.203.118.191
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://news.blueaanbieding.com/O?20153-1316342-599466-1481391487-999-4-222.gif
Requested by: Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb04.brm24.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 17 Oct 2021 11:01:27 GMT
Server: nginx/1.18.0
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H/1.1 200
OK header-mailing-evi.jpg
www.partena-ziekenfonds.be/-/media/partenaziekenfonds/emails/affiliates/ 44 KB
53 KB 169ms
48ms Image
image/jpeg 193.149.246.164
TELENET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.partena-ziekenfonds.be/-/media/partenaziekenfonds/emails/affiliates/header-mailing-evi.jpg

Requested by

Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1316342&message_id=599466&mid=969960808080a57ad5de73a3d35bcf52

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_GCM

Server

193.149.246.164 Anderlecht, Belgium, ASN6848 (TELENET-AS, BE),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

ef9548489ce92ce55542f441a1319ef5c059f8717bdf37badeccf7581394c347

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://news.blueaanbieding.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=16070400; includeSubDomains
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: default-src 'self' https://bam.eu01.nr-data.net *.visualstudio.com http://*.google.com https://*.google.com http://*.google.be https://*.google.be http://*.google.nl https://*.google.nl http://*.google.pl https://*.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com; script-src 'self' data: connect.facebook.net cogupo.piyugahevo.com tpc.googlesyndication.com i.tryinteract.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googleadservices.com *.bootstrapcdn.com db2.partena-ziekenfonds.be *.partena-tools.be code.jquery.com bat.bing.com *.onetrust.com *.msecnd.net https://bat.bing.com https://cdn.cookielaw.org https://diffuser-cdn.app-us1.com *.newrelic.com 'unsafe-eval' 'unsafe-inline' https://bam.eu01.nr-data.net *.visualstudio.com *.google.com *.google.be *.google.nl *.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com http://www.partena-tools.be; script-src-elem 'self' *.hotjar.com diffuser-cdn.app-us1.com maps.googleapis.com cdn.cookielaw.org *.kis.v2.scr.kaspersky-labs.com https://gc.kis.v2.scr.kaspersky-labs.com https://www.googletagmanager.com https://diffuser-cdn.app-us1.com https://www.googleadservices.com https://js-agent.newrelic.com *.partena-ziekenfonds.be *.outbrain.com mocadi.wisoyekivo.com connect.facebook.net cogupo.piyugahevo.com tpc.googlesyndication.com i.tryinteract.com cdn.jsdelivr.net cdnjs.cloudflare.com www.googleadservices.com *.bootstrapcdn.com db2.partena-ziekenfonds.be *.partena-tools.be code.jquery.com bat.bing.com *.onetrust.com *.msecnd.net https://bat.bing.com https://cdn.cookielaw.org https://diffuser-cdn.app-us1.com *.newrelic.com 'unsafe-eval' 'unsafe-inline' https://bam.eu01.nr-data.net *.visualstudio.com *.google.com *.google.be *.google.nl *.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com http://www.partena-tools.be; style-src 'self' https://code.jquery.com maxcdn.icons8.com hello.myfonts.net cdnjs.cloudflare.com *.typekit.net *.partena-tools.be https://fast.fonts.net *.bootstrapcdn.com 'unsafe-inline' https://bam.eu01.nr-data.net *.visualstudio.com *.google.com *.google.be *.google.nl *.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com; img-src 'self' data: http://www.partena-tools.be https://www.partena-tools.be android-webview-video-poster connect.facebook.net app.gimme.eu www.googleadservices.com www.cashbackxl.nl iml1.nl *.imailo.nl *.partena-ziekenfonds.be *.ggpht.com www.partena-tools.be cdn.rawgit.com raw.githubusercontent.com android-webview-video-poster *.ytimg.com www.gstatic.com cdn.cookielaw.org https://www.partena-ziekenfonds.be https://maps.gstatic.com https://bat.bing.com https://bam.eu01.nr-data.net *.visualstudio.com http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com *.google.com *.google.ad *.google.ae *.google.com.af *.google.com.ag *.google.com.ai *.google.al *.google.am *.google.co.ao *.google.com.ar *.google.as *.google.at *.google.com.au *.google.az *.google.ba *.google.com.bd *.google.be *.google.bf *.google.bg *.google.com.bh *.google.bi *.google.bj *.google.com.bn *.google.com.bo *.google.com.br *.google.bs *.google.bt *.google.co.bw *.google.by *.google.com.bz *.google.ca *.google.cd *.google.cf *.google.cg *.google.ch *.google.ci *.google.co.ck *.google.cl *.google.cm *.google.cn *.google.com.co *.google.co.cr *.google.com.cu *.google.cv *.google.com.cy *.google.cz *.google.de *.google.dj *.google.dk *.google.dm *.google.com.do *.google.dz *.google.com.ec *.google.ee *.google.com.eg *.google.es *.google.com.et *.google.fi *.google.com.fj *.google.fm *.google.fr *.google.ga *.google.ge *.google.gg *.google.com.gh *.google.com.gi *.google.gl *.google.gm *.google.gr *.google.com.gt *.google.gy *.google.com.hk *.google.hn *.google.hr *.google.ht *.google.hu *.google.co.id *.google.ie *.google.co.il *.google.im *.google.co.in *.google.iq *.google.is *.google.it *.google.je *.google.com.jm *.google.jo *.google.co.jp *.google.co.ke *.google.com.kh *.google.ki *.google.kg *.google.co.kr *.google.com.kw *.google.kz *.google.la *.google.com.lb *.google.li *.google.lk *.google.co.ls *.google.lt *.google.lu *.google.lv *.google.com.ly *.google.co.ma *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.com.mm *.google.mn *.google.ms *.google.com.mt *.google.mu *.google.mv *.google.mw *.google.com.mx *.google.com.my *.google.co.mz *.google.com.na *.google.com.ng *.google.com.ni *.google.ne *.google.nl *.google.no *.google.com.np *.google.nr *.google.nu *.google.co.nz *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.pl *.google.pn *.google.com.pr *.google.ps *.google.pt *.google.com.py *.google.com.qa *.google.ro *.google.ru *.google.rw *.google.com.sa *.google.com.sb *.google.sc *.google.se *.google.com.sg *.google.sh *.google.si *.google.sk *.google.com.sl *.google.sn *.google.so *.google.sm *.google.sr *.google.st *.google.com.sv *.google.td *.google.tg *.google.co.th *.google.com.tj *.google.tl *.google.tm *.google.tn *.google.to *.google.com.tr *.google.tt *.google.com.tw *.google.co.tz *.google.com.ua *.google.co.ug *.google.co.uk *.google.com.uy *.google.co.uz *.google.com.vc *.google.co.ve *.google.vg *.google.co.vi *.google.com.vn *.google.vu *.google.ws *.google.rs *.google.co.za *.google.co.zm *.google.co.zw *.google.cat; font-src 'self' data: cdn.faceworks.nl static3.avast.com maxcdn.icons8.com chrome://resources www.partena-tools.be https://cdnjs.cloudflare.com use.typekit.net https://fonts.gstatic.com https://fast.fonts.net *.bootstrapcdn.com *.visualstudio.com *.google.com *.google.be *.google.nl *.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com; frame-src 'self' ms-appx-web anwebconsole https://gateway.zscaler.net mozbar.moz.com tpc.googlesyndication.com quiz.tryinteract.com *.oswald.ai https://www.youtube.com https://youtu.be https://youtu.com *.visualstudio.com *.google.com *.google.be *.google.nl *.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com; frame-ancestors 'self' quiz.tryinteract.com; connect-src 'self' www.partena-tools.be *.onetrust.com db2.partena-ziekenfonds.be bam.eu01.nr-data.net wss://*.hotjar.com *.hotjar.com *.oswald.ai https://cdn.cookielaw.org https://bat.bing.com https://www.youtube.com https://youtu.be https://youtu.com *.visualstudio.com http://*.google.com https://*.google.com http://*.google.be https://*.google.be http://*.google.nl https://*.google.nl http://*.google.pl https://*.google.pl http://www.googletagmanager.com https://www.googletagmanager.com *.google-analytics.com *.googleapis.com *.facebook.com *.hotjar.io *.hotjar.com https://trackcmp.net *.doubleclick.net https://prism.app-us1.com; object-src 'none'; report-uri /CspReportsHandler.ashx
Content-Disposition: inline; filename="header-mailing-evi.jpg"
Content-Length: 45362
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:f8e2830e-ead3-46cb-bb4e-bb247391356e
Last-Modified: Sat, 09 Oct 2021 16:55:31 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 17 Oct 2021 11:01:26 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: GET,POST
Content-Type: image/jpeg
Access-Control-Allow-Origin: https://www.partena-ziekenfonds.be
Cache-Control: private, max-age=604800
X-UA-Compatible: IE=Edge
Accept-Ranges: bytes
Access-Control-Allow-Headers: Content-Type
Expires: Sun, 24 Oct 2021 11:01:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 29ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://news.blueaanbieding.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 16:31:57 GMT
x-content-type-options: nosniff
age: 325770
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Oct 2022 16:31:57 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/05_grensbedrag.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/01_rusteenpersoonskamer.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/03_terugbetaling.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/04_voorzorgnazorg.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/02_erelonen.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/evi.jpg Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/06_dienstenpakket.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/facebook.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/tagline.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/instagram.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/linkedin.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://img.blauwnieuwsbrief.com/2021/10/956356/twitter.png Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
img.blauwnieuwsbrief.com
immowise.go2cloud.org
news.blueaanbieding.com
www.partena-ziekenfonds.be
116.203.118.191
142.250.186.35
172.217.16.138
193.149.246.164
52.210.2.133
54.36.145.173
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c907a99e6b073d9198860614e37352aa11d0e48c7a7958f2cc4d6b6641c28f5d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9548489ce92ce55542f441a1319ef5c059f8717bdf37badeccf7581394c347
f04236b247e99f21f5cd8ca69d4195d60c39a526bffad8812bf4b941903fcb28

news.blueaanbieding.com Open in urlscan Pro 116.203.118.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

18 Requests

22 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

6 IPs

5 Countries

78 kBTransfer

105 kBSize

0 Cookies

2 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

12 Console Messages

Indicators

news.blueaanbieding.com Open in urlscan Pro
116.203.118.191 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

22 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

6
IPs

5
Countries

78 kB
Transfer

105 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions