urlscan.io logo urlscan.io
SecurityTrails logo

news.blueaanbieding.com Open in urlscan Pro
116.203.118.191  Public Scan

Go To Rescan Add Verdict Report
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Submission: On November 18 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 7 HTTP transactions. The main IP is 116.203.118.191, located in Germany and belongs to HETZNER-AS, DE. The main domain is news.blueaanbieding.com.
This is the only time news.blueaanbieding.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 116.203.118.191 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 78.47.111.159 24940 (HETZNER-AS)
1 18.202.12.61 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 5
2    116.203.118.191 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb04.brm24.de
news.blueaanbieding.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    78.47.111.159 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.159.111.47.78.clients.your-server.de
fbamso.stripocdn.email
1    18.202.12.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
immowise.go2cloud.org
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
2 fbamso.stripocdn.email news.blueaanbieding.com
2 news.blueaanbieding.com news.blueaanbieding.com
1 fonts.gstatic.com fonts.googleapis.com
1 immowise.go2cloud.org news.blueaanbieding.com
1 fonts.googleapis.com news.blueaanbieding.com
7 5

This site contains links to these domains. Also see Links.

Domain
www.blueaanbieding.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.stripocdn.email
Sectigo RSA Domain Validation Secure Server CA		 2020-11-30 -
2021-12-09		 a year crt.sh
*.go2cloud.org
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
news.blueaanbieding.com
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Frame ID: 1554601CFC88291A68C59BB7A105FF35
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

7
Requests

86 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1402 kB
Transfer

1431 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request vo.php
news.blueaanbieding.com/ 		29 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Protocol
HTTP/1.1
Server
116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb04.brm24.de
Software
nginx/1.18.0 /
Resource Hash
6cca562ddcbd63dbdc228e40d068a5ce1e6316de1e9655f741170a30f5a18862

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.18.0
Date
Thu, 18 Nov 2021 10:20:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Requested by
Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8ab6745de70cebc6209b53dd59820a04cbf7f480145c925860a2829ce24be3c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://news.blueaanbieding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 08:33:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 18 Nov 2021 10:20:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Nov 2021 10:20:25 GMT
novulo2.jpg
fbamso.stripocdn.email/content/guids/CABINET_43690314d086f2feefb4bb355040c34e/images/ 		240 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fbamso.stripocdn.email/content/guids/CABINET_43690314d086f2feefb4bb355040c34e/images/novulo2.jpg
Requested by
Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.47.111.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.111.47.78.clients.your-server.de
Software
nginx /
Resource Hash
a5b90e437595cabc2305e5688d0052bc054e2a476ae1279b3900dda0fe47cd8c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://news.blueaanbieding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 10:20:25 GMT
x-amz-meta-stripooriginalfilename
Novulo2.jpg
last-modified
Wed, 03 Nov 2021 09:53:33 GMT
server
nginx
x-amz-request-id
79D031PERZZT4JK5
etag
"c3c68327f3ca636da7f3924eedaf1837"
x-cache-status
HIT
x-amz-meta-orgignalheigth
533
content-type
image/jpeg
access-control-allow-origin
*
x-amz-meta-orgignalwidth
800
content-length
245573
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_43690314d086f2feefb4bb355040c34e%2Fimages%2Fstripothumbnailurlnovulo2.jpg
x-amz-version-id
w0Wm4a88YBHwQVmHBzjgfNxyLNnkitBQ
x-amz-id-2
EOvBqQaP9hBjN8EfArnbj9+d/4MHfpznbP+JmlXJZfBxqW+geC2v8GK4/mDeI5dS5rm6ocp8rCM=
novulo11.png
fbamso.stripocdn.email/content/guids/CABINET_43690314d086f2feefb4bb355040c34e/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fbamso.stripocdn.email/content/guids/CABINET_43690314d086f2feefb4bb355040c34e/images/novulo11.png
Requested by
Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
78.47.111.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.111.47.78.clients.your-server.de
Software
nginx /
Resource Hash
304ed5e0df681f24cc05aff5f8fb6ad0577eda3864e136d24788346ce071eaca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://news.blueaanbieding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 10:20:25 GMT
x-amz-meta-stripooriginalfilename
Novulo11.png
last-modified
Wed, 03 Nov 2021 09:53:32 GMT
server
nginx
x-amz-request-id
79DA142YT8N4W8HN
etag
"f877698cd75d983fcf71059ae394c7fa"
x-cache-status
HIT
x-amz-meta-orgignalheigth
731
content-type
image/png
access-control-allow-origin
*
x-amz-meta-orgignalwidth
1311
content-length
1133931
x-amz-meta-stripothumbnailurl
https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_43690314d086f2feefb4bb355040c34e%2Fimages%2Fstripothumbnailurlnovulo11.png
x-amz-version-id
5CsqxN_AyHttPgtkxiN8a7DAoiHtrp_K
x-amz-id-2
Ae0aTmJdw0e6xO+mjy8FSX9etKkapG9O/7RVsG8rB6yf1b4owutwJgBncciXt7dU0CyCVBfPhBU=
aff_i
immowise.go2cloud.org/ 		43 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://immowise.go2cloud.org/aff_i?offer_id=103&aff_id=1&file_id=94
Requested by
Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.202.12.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-202-12-61.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://news.blueaanbieding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 10:20:25 GMT
Content-Encoding
gzip
Server
nginx
Tracking_id
1025b494b6f08d375591fd2b57a3ef
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Tune-SDK-Version
X-Request-Id
5a277cb5c5d4827fe9ec1530543bf23a
Expires
Sat, 26 Jul 1997 05:00:00 GMT
O
news.blueaanbieding.com/ 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://news.blueaanbieding.com/O?20153-1329436-604391-1093933726-999-4-222.gif
Requested by
Host: news.blueaanbieding.com
URL: http://news.blueaanbieding.com/vo.php?client_id=20153&campagne_id=1329436&message_id=604391&mid=14adecfc6d90075475061faf53b6b5de
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.203.118.191 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb04.brm24.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://news.blueaanbieding.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 10:20:25 GMT
Server
nginx/1.18.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://news.blueaanbieding.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 15:57:38 GMT
x-content-type-options
nosniff
age
66167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 17 Nov 2022 15:57:38 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies