news.breakingnewsdeals.be

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 91.197.72.25, located in Netherlands and belongs to FUNDAMENTS-AS, NL. The main domain is news.breakingnewsdeals.be.
TLS certificate: Issued by R3 on April 21st 2023. Valid for: 3 months.

This is the only time news.breakingnewsdeals.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	91.197.72.25 91.197.72.25	20559 (FUNDAMENT...) (FUNDAMENTS-AS)
1	136.243.89.186 136.243.89.186	24940 (HETZNER-AS) (HETZNER-AS)
1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
1	54.77.58.216 54.77.58.216	16509 (AMAZON-02) (AMAZON-02)
6	4

3 91.197.72.25 (Netherlands)

ASN20559 (FUNDAMENTS-AS, NL)
PTR: eu25.webpower.eu

news.breakingnewsdeals.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.89.186 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.89.243.136.clients.your-server.de

fbamso.stripocdn.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

immowise.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.58.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-58-216.eu-west-1.compute.amazonaws.com

trkt.dotmediadgtl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	breakingnewsdeals.be news.breakingnewsdeals.be	6 KB
1	dotmediadgtl.com trkt.dotmediadgtl.com	523 B
1	go2cloud.org immowise.go2cloud.org — Cisco Umbrella Rank: 679887	523 B
1	stripocdn.email fbamso.stripocdn.email — Cisco Umbrella Rank: 698616	688 KB
6	4

	Domain	Requested by
3	news.breakingnewsdeals.be	news.breakingnewsdeals.be
1	trkt.dotmediadgtl.com	news.breakingnewsdeals.be
1	immowise.go2cloud.org	news.breakingnewsdeals.be
1	fbamso.stripocdn.email	news.breakingnewsdeals.be
6	4

This site contains links to these domains. Also see Links.

Domain
trkt.dotmediadgtl.com
demprivacy.com

Subject Issuer	Validity	Valid
news.breakingnewsdeals.be R3	`2023-04-21` - `2023-07-20`	3 months	crt.sh
*.stripocdn.email Sectigo RSA Domain Validation Secure Server CA	`2022-12-05` - `2023-12-09`	a year	crt.sh
*.go2cloud.org Amazon RSA 2048 M02	`2023-02-21` - `2024-03-21`	a year	crt.sh
trkt.dotmediadgtl.com Amazon RSA 2048 M01	`2023-02-09` - `2023-10-25`	9 months	crt.sh

This page contains 1 frames:

Primary Page: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216
Frame ID: F9776829BEB4622E88B6CA709A8FB22C
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hoe u kunt genieten van vakantieplezier en een top rendementHoe u kunt genieten van vakantieplezier en een top rendement

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

695 kB
Transfer

713 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://trkt.dotmediadgtl.com/aff_c?offer_id=1472&aff_id=1022&file_id=1524&aff_sub=Breakingnewsdeals
Title: Ontvang meer informatie

Search URL Search Domain Scan URL

URL: https://demprivacy.com/NL/privacy_NL.html
Title: hier bekijken

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
news.breakingnewsdeals.be/x/ 25 KB
5 KB 251ms
74ms Document
text/html 91.197.72.25
FUNDAMENTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

91.197.72.25 , Netherlands, ASN20559 (FUNDAMENTS-AS, NL),

Reverse DNS

eu25.webpower.eu

Software

nginx /

Resource Hash

bf592017f8a6af5e4b1149f7217a3fb54b5795825d11d0a32e2f1bebc768d3f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-length: 5010
content-type: text/html; charset=UTF-8
date: Sat, 22 Apr 2023 14:51:32 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-robots-tag: noindex, nofollow, noarchive

GET
H2 200 social-share.css
news.breakingnewsdeals.be/x/ 1 KB
789 B 28ms
28ms Stylesheet
text/css 91.197.72.25
FUNDAMENTS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://news.breakingnewsdeals.be/x/social-share.css

Requested by

Host: news.breakingnewsdeals.be
URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

91.197.72.25 , Netherlands, ASN20559 (FUNDAMENTS-AS, NL),

Reverse DNS

eu25.webpower.eu

Software

nginx /

Resource Hash

83aab2810a20bd4bd22192dd9d0bbbbd21ad5974a276ded652f78b73f83dc977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:51:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 12 Oct 2022 11:03:35 GMT
server: nginx
etag: "4d2-5ead458108fc0-gzip"
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 576

GET
H2 200 ontwerp_zonder_titel_15.png
fbamso.stripocdn.email/content/guids/CABINET_fa5daaaff666c3a423403565bd75d98e/images/ 687 KB
688 KB 148ms
47ms Image
image/png 136.243.89.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fbamso.stripocdn.email/content/guids/CABINET_fa5daaaff666c3a423403565bd75d98e/images/ontwerp_zonder_titel_15.png

Requested by

Host: news.breakingnewsdeals.be
URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

136.243.89.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.89.243.136.clients.your-server.de

Software

nginx /

Resource Hash

6e44d4182c2f782aa103b3c12fb0bcfaebe8423bed7e0f58a337a708ae678c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.breakingnewsdeals.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:51:33 GMT
x-amz-version-id: telIHy7XqPtwhAuV7KHcPTynzihLgsm0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn1
x-cache-status: HIT
x-amz-meta-orgignalwidth: 800
content-length: 703141
last-modified: Thu, 06 Oct 2022 13:33:29 GMT
server: nginx
etag: "7aa53c8bc0773d206e657b1415bc5d20"
x-amz-meta-orgignalheigth: 400
content-type: image/png
x-amz-meta-stripooriginalfilename: Ontwerp+zonder+titel+%2815%29.png
cache-control: max-age=31536000
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_fa5daaaff666c3a423403565bd75d98e%2Fimages%2Fstripothumbnailurlontwerp_zonder_titel_15.png

GET
H/1.1 200
OK aff_i
immowise.go2cloud.org/ 43 B
523 B 184ms
45ms Image
image/gif 52.210.2.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://immowise.go2cloud.org/aff_i?offer_id=10&file_id=147&aff_id=1045
Requested by: Host: news.breakingnewsdeals.be
URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.2.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.breakingnewsdeals.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 14:51:33 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 102e99d43e07565c54db0e50e261bc
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: c3c59d1198e61bf708831d4b380585d2
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_i
trkt.dotmediadgtl.com/ 43 B
523 B 187ms
43ms Image
image/gif 54.77.58.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trkt.dotmediadgtl.com/aff_i?offer_id=1472&aff_id=1022&file_id=1524
Requested by: Host: news.breakingnewsdeals.be
URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.58.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-58-216.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.breakingnewsdeals.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 22 Apr 2023 14:51:33 GMT
Content-Encoding: gzip
Server: nginx
Tracking_id: 1022a2f9d530ecef9540a416a75992
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
X-Request-Id: f3ed679ebc9566aeb95c708f637d9dad
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 /
news.breakingnewsdeals.be/x/p/ 45 B
255 B 36ms
36ms Image
image/gif 91.197.72.25
FUNDAMENTS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news.breakingnewsdeals.be/x/p/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJL6P8nWEAAA82

Requested by

Host: news.breakingnewsdeals.be
URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

91.197.72.25 , Netherlands, ASN20559 (FUNDAMENTS-AS, NL),

Reverse DNS

eu25.webpower.eu

Software

nginx /

Resource Hash

2260e69c5ab65c15b446a0887ca1907451ac2a5b9a3d5f75f31f42737d94fa7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 22 Apr 2023 14:51:33 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 22 Apr 2023 14:51:33GMT
server: nginx
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 45
expires: Mon, 01 Jul 2003 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216 Message: Mixed Content: The page at 'https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216' was loaded over HTTPS, but requested an insecure element 'http://immowise.go2cloud.org/aff_i?offer_id=10&file_id=147&aff_id=1045'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216(Line 402) Message: Mixed Content: The page at 'https://news.breakingnewsdeals.be/x/?S7Y1_59ra2hubvE.x9bI2NDwf5GtoaGBoZnh.5z8ZNu81PJivaSi1MTszLx0ECclNTEHKJIKAAA69&Z=552027216' was loaded over HTTPS, but requested an insecure element 'http://immowise.go2cloud.org/aff_i?offer_id=10&file_id=147&aff_id=1045'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fbamso.stripocdn.email
immowise.go2cloud.org
news.breakingnewsdeals.be
trkt.dotmediadgtl.com
136.243.89.186
52.210.2.133
54.77.58.216
91.197.72.25
2260e69c5ab65c15b446a0887ca1907451ac2a5b9a3d5f75f31f42737d94fa7d
6e44d4182c2f782aa103b3c12fb0bcfaebe8423bed7e0f58a337a708ae678c3b
83aab2810a20bd4bd22192dd9d0bbbbd21ad5974a276ded652f78b73f83dc977
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
bf592017f8a6af5e4b1149f7217a3fb54b5795825d11d0a32e2f1bebc768d3f5

news.breakingnewsdeals.be Open in urlscan Pro 91.197.72.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

695 kBTransfer

713 kBSize

0 Cookies

2 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

news.breakingnewsdeals.be Open in urlscan Pro
91.197.72.25 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

695 kB
Transfer

713 kB
Size

0
Cookies

6 HTTP transactions
0 data transactions