news.durvenwinnen.be Open in urlscan Pro
91.197.72.25 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Submission: On April 23 via api (April 23rd 2023, 8:45:54 am UTC) from BE — Scanned from NL

Summary HTTP 9 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 91.197.72.25, located in Netherlands and belongs to FUNDAMENTS-AS, NL. The main domain is news.durvenwinnen.be.
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.

This is the only time news.durvenwinnen.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	91.197.72.25 91.197.72.25	20559 (FUNDAMENT...) (FUNDAMENTS-AS)
1	35.186.231.97 35.186.231.97	15169 (GOOGLE) (GOOGLE)
4	2a00:b6e0:1:2... 2a00:b6e0:1:20:13::1	60362 (ALWAYSDATA) (ALWAYSDATA)
9	4

3 91.197.72.25 (Netherlands)

ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu

news.durvenwinnen.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.231.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.231.186.35.bc.googleusercontent.com

clk.tradedoubler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:b6e0:1:20:13::1 (France)

ASN60362 (ALWAYSDATA, FR)

imagesdem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	imagesdem.com imagesdem.com	281 KB
3	durvenwinnen.be news.durvenwinnen.be	8 KB
1	tradedoubler.com clk.tradedoubler.com — Cisco Umbrella Rank: 69088 impfr.tradedoubler.com Failed
9	3

	Domain	Requested by
4	imagesdem.com	news.durvenwinnen.be
3	news.durvenwinnen.be	news.durvenwinnen.be
1	clk.tradedoubler.com	news.durvenwinnen.be
0	impfr.tradedoubler.com Failed	news.durvenwinnen.be
9	4

This site contains links to these domains. Also see Links.

Domain
clk.tradedoubler.com
demprivacy.com

Subject Issuer	Validity	Valid
news.durvenwinnen.be R3	`2023-04-21` - `2023-07-20`	3 months	crt.sh
*.tradedoubler.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
imagesdem.com R3	`2023-03-25` - `2023-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Frame ID: 82512544BA91CD0706181A02C649226F
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jeûne intermittent : Pourquoi et comment vous lancerJeûne intermittent : Pourquoi et comment vous lancer

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

89 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

289 kB
Transfer

320 kB
Size

2
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://clk.tradedoubler.com/click?p=330922&a=3280311&g=25254980&url=https://www.directe-sante.com/leads/aff-jeune?leadcode=PP41EXTAFFGAMJEUNUGDALL1E&leadcode2=G91GADGENA1&sourceid=3280311

Search URL Search Domain Scan URL

URL: https://clk.tradedoubler.com/click?p=330922&a=3280311&g=25254980&url=https://www.directe-sante.com/leads/jeune-202204?leadcode=PP41EXTAFFMTCJEUNUGDALL1N&leadcode2=PS410EXTAFFPPSJEUNUGDALL1G#LB-UA6FhdSqZrjCNGKGURHHaZ
Title: Le jeûne à la portée de tousCE soir, je ne mange pas !

Search URL Search Domain Scan URL

URL: https://demprivacy.com/NL/privacy_NL.html
Title: hier bekijken

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
news.durvenwinnen.be/x/ 38 KB
7 KB 236ms
74ms Document
text/html 91.197.72.25
FUNDAMENTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.197.72.25 , Netherlands, ASN20559 (FUNDAMENTS-AS, NL),

Reverse DNS

eu25.webpower.eu

Software

nginx /

Resource Hash

d4f554e45017f8ecac4e52fed730e7b7d200bd8fa1390082d2fafcd461cbaae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-length: 7043
content-type: text/html; charset=UTF-8
date: Sun, 23 Apr 2023 08:45:49 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive

GET
H2 200 social-share.css
news.durvenwinnen.be/x/ 1 KB
790 B 29ms
27ms Stylesheet
text/css 91.197.72.25
FUNDAMENTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://news.durvenwinnen.be/x/social-share.css

Requested by

Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.197.72.25 , Netherlands, ASN20559 (FUNDAMENTS-AS, NL),

Reverse DNS

eu25.webpower.eu

Software

nginx /

Resource Hash

83aab2810a20bd4bd22192dd9d0bbbbd21ad5974a276ded652f78b73f83dc977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:45:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 11:03:35 GMT
server: nginx
etag: "4d2-5ead458108fc0-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 576

GET
H2 200 click
clk.tradedoubler.com/ 0
0 101ms
33ms Stylesheet
text/html 35.186.231.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://clk.tradedoubler.com/click?p=330922&a=3280311&g=25254980&url=https://fonts.googleapis.com/css?family=Roboto
Requested by: Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.231.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 97.231.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 Capture_2.png
imagesdem.com/BE/directesante/ 30 KB
30 KB 290ms
37ms Image
image/png 2a00:b6e0:1:20:13::1
ALWAYSDATA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesdem.com/BE/directesante/Capture_2.png
Requested by: Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:b6e0:1:20:13::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software: Apache /
Resource Hash: e8ff2a7d8e629321fd87cc86ccf203076de268355251d55638101d4d25b58f9a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:45:49 GMT
via: 2.0 alproxy
last-modified: Wed, 04 May 2022 10:03:20 GMT
server: Apache
etag: "78d2-5de2cbc24aa00"
content-type: image/png
accept-ranges: bytes
content-length: 30930

GET
H2 200 image%20LP.jpg
imagesdem.com/BE/directesante/ 130 KB
130 KB 290ms
37ms Image
image/jpeg 2a00:b6e0:1:20:13::1
ALWAYSDATA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesdem.com/BE/directesante/image%20LP.jpg
Requested by: Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:b6e0:1:20:13::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software: Apache /
Resource Hash: 42f950a4f588e90339e5f29342e0cb40788a599f80d0649a9de10b51c942c07d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:45:49 GMT
via: 2.0 alproxy
last-modified: Wed, 25 May 2022 10:04:40 GMT
server: Apache
etag: "2082a-5dfd333943e00"
content-type: image/jpeg
accept-ranges: bytes
content-length: 133162

GET
H2 200 Capture%20d%e2%80%99%c3%a9cran%202021-02-19%20105700.jpg
imagesdem.com/BE/directesante/ 40 KB
40 KB 290ms
37ms Image
image/jpeg 2a00:b6e0:1:20:13::1
ALWAYSDATA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesdem.com/BE/directesante/Capture%20d%e2%80%99%c3%a9cran%202021-02-19%20105700.jpg
Requested by: Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:b6e0:1:20:13::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software: Apache /
Resource Hash: a3fbef02d5c460aad8e9a0c097b4c9858bdc7380194f6bc526eda821db5bd186

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:45:49 GMT
via: 2.0 alproxy
last-modified: Fri, 19 Feb 2021 09:57:31 GMT
server: Apache
etag: "9ff1-5bbad7b01b8c0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 40945

GET
H2 200 Capture%20d%e2%80%99%c3%a9cran%202021-02-19%20170644.jpg
imagesdem.com/BE/directesante/ 80 KB
80 KB 290ms
37ms Image
image/jpeg 2a00:b6e0:1:20:13::1
ALWAYSDATA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesdem.com/BE/directesante/Capture%20d%e2%80%99%c3%a9cran%202021-02-19%20170644.jpg
Requested by: Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:b6e0:1:20:13::1 , France, ASN60362 (ALWAYSDATA, FR),
Reverse DNS
Software: Apache /
Resource Hash: cf16910b4bcfdf130aefe177e8ecfb9542d86c869c6b0f00c48e16c2a2464676

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 08:45:49 GMT
via: 2.0 alproxy
last-modified: Fri, 19 Feb 2021 16:07:04 GMT
server: Apache
etag: "13f8a-5bbb2a49eda00"
content-type: image/jpeg
accept-ranges: bytes
content-length: 81802

GET imp
impfr.tradedoubler.com/ 0
0

GET
H2 200 /
news.durvenwinnen.be/x/p/ 45 B
257 B 33ms
33ms Image
image/gif 91.197.72.25
FUNDAMENTS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.durvenwinnen.be/x/p/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2k1P9JtoYAA67

Requested by

Host: news.durvenwinnen.be
URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

91.197.72.25 , Netherlands, ASN20559 (FUNDAMENTS-AS, NL),

Reverse DNS

eu25.webpower.eu

Software

nginx /

Resource Hash

2260e69c5ab65c15b446a0887ca1907451ac2a5b9a3d5f75f31f42737d94fa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 23 Apr 2023 08:45:49 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 23 Apr 2023 08:45:49GMT
server: nginx
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 45
expires: Mon, 01 Jul 2003 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: impfr.tradedoubler.com
URL: https://impfr.tradedoubler.com/imp?type(img)g(25254980)a(3280311)

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.tradedoubler.com/	1970-01-20 20:02:55	Name: BT Value: 1z11zz10hz4PY38zzzz9ydq1pNaB
			.tradedoubler.com/	1970-01-20 20:02:55	Name: UI Value: 1z11zz10hzM5WFuz1VtMyOgLj

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481 Message: Mixed Content: The page at 'https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481' was loaded over HTTPS, but requested an insecure element 'http://impfr.tradedoubler.com/imp?type(img)g(25254980)a(3280311)'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481(Line 547) Message: Mixed Content: The page at 'https://news.durvenwinnen.be/x/?S7a1.J9ra2hhZPg.x9bI2MT8f5GtkbmBgbnp.5z8ZNu81PJivZTSorLUvPLMvLzUPL2kVAAA60&Z=832358481' was loaded over HTTPS, but requested an insecure element 'http://impfr.tradedoubler.com/imp?type(img)g(25254980)a(3280311)'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://impfr.tradedoubler.com/imp?type(img)g(25254980)a(3280311) Message: Failed to load resource: net::ERR_INVALID_REDIRECT

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clk.tradedoubler.com
imagesdem.com
impfr.tradedoubler.com
news.durvenwinnen.be
impfr.tradedoubler.com
2a00:b6e0:1:20:13::1
35.186.231.97
91.197.72.25
2260e69c5ab65c15b446a0887ca1907451ac2a5b9a3d5f75f31f42737d94fa7d
42f950a4f588e90339e5f29342e0cb40788a599f80d0649a9de10b51c942c07d
83aab2810a20bd4bd22192dd9d0bbbbd21ad5974a276ded652f78b73f83dc977
a3fbef02d5c460aad8e9a0c097b4c9858bdc7380194f6bc526eda821db5bd186
cf16910b4bcfdf130aefe177e8ecfb9542d86c869c6b0f00c48e16c2a2464676
d4f554e45017f8ecac4e52fed730e7b7d200bd8fa1390082d2fafcd461cbaae3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ff2a7d8e629321fd87cc86ccf203076de268355251d55638101d4d25b58f9a

news.durvenwinnen.be Open in urlscan Pro 91.197.72.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

289 kBTransfer

320 kBSize

2 Cookies

3 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

3 Console Messages

Security Headers

Indicators

news.durvenwinnen.be Open in urlscan Pro
91.197.72.25 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

289 kB
Transfer

320 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions