URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGM...
Submission: On June 02 via api from BE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2606:4700::6811:7912, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is mails.mediafin.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 24th 2020. Valid for: a year.
This is the only time mails.mediafin.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
8 3
Apex Domain        Subdomains             Transfer
4 emsecure.net     rossel.emsecure.net    12 KB
3 tijd.be          static.tijd.be         104 KB
1 mediafin.be      mails.mediafin.be      4 KB
8 3
Domain Requested by
4 rossel.emsecure.net mails.mediafin.be
3 static.tijd.be mails.mediafin.be
1 mails.mediafin.be
8 3

This site contains no links.

Subject              Issuer                              Validity                   Valid
mails.mediafin.be    Cloudflare Inc ECC CA-3             2020-07-24 - 2021-07-24    a year
*.emsecure.net       DigiCert TLS RSA SHA256 2020 CA1    2021-03-19 - 2022-04-19    a year
www.tijd.be          R3                                  2021-05-20 - 2021-08-18    3 months

This page contains 1 frame:

Primary Page: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Frame ID: 78F539426279AE8BE7AD7D59AC2F1394
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

8 Requests
100 % HTTPS
100 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
121 kB Transfer
139 kB Size
0 Cookies

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optiextension.dll
mails.mediafin.be/optiext/
24 KB
4 KB
Document
General
Full URL
https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:7912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95fb9a4bc4983ff217750e9f47482f1f49f82e2a8bb4eaf570c0e6bb2df63a77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
mails.mediafin.be
:scheme
https
:path
/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 02 Jun 2021 22:22:37 GMT
content-type
text/html
strict-transport-security
max-age=31536000; includeSubdomains
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-cache-status
DYNAMIC
cf-request-id
0a706b5be50000974e933ea000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
659414d96bbb974e-FRA
content-encoding
br
logo_DBonTour.png
rossel.emsecure.net/images/Mediafin/DeBelegger/OnTour/
6 KB
6 KB
Image
General
Full URL
https://rossel.emsecure.net/images/Mediafin/DeBelegger/OnTour/logo_DBonTour.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:fbeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c1a7710786ce1657e66c7a9320814e59e52e531f1a78de484cf2a266bafb15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:22:37 GMT
cf-cache-status
HIT
age
378
cf-polished
origSize=12347
last-modified
Mon, 18 Jan 2021 09:54:26 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
5998
cf-request-id
0a706b5c7f0000074627bf2000000001
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"d42645e87fedd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
659414da6e700746-FRA
expires
Wed, 02 Jun 2021 22:52:37 GMT
arrow_black_transp.png
rossel.emsecure.net/images/Mediafin/DeBelegger/
121 B
263 B
Image
General
Full URL
https://rossel.emsecure.net/images/Mediafin/DeBelegger/arrow_black_transp.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:fbeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f4913b6d0de46c576866c60a1cfba5b12728980dcf08a50fdd9c986d2bb743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:22:37 GMT
cf-cache-status
HIT
age
378
cf-polished
origSize=264
last-modified
Tue, 18 May 2021 12:42:07 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
121
cf-request-id
0a706b5c8300000746f4248000000001
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"9075b636e34bd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
659414da6e730746-FRA
expires
Wed, 02 Jun 2021 22:52:37 GMT
sign_bakelants.gif
rossel.emsecure.net/images/SMC/automatic_mailings/DeBelegger/BG_IN_Welkomstraject/welkom_mail_1/NL/
1 KB
2 KB
Image
General
Full URL
https://rossel.emsecure.net/images/SMC/automatic_mailings/DeBelegger/BG_IN_Welkomstraject/welkom_mail_1/NL/sign_bakelants.gif?no-cache=1
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:fbeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea8947378138350977380e96b4d3a57ab66abc5adb382c1bf49f40540b340348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:22:37 GMT
cf-cache-status
HIT
age
378
cf-polished
status=not_needed
last-modified
Wed, 21 Oct 2020 19:19:06 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
1486
cf-request-id
0a706b5c800000074648954000000001
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"e42aebdfa7d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-xss-protection
1; mode=block
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
659414da6e740746-FRA
expires
Wed, 02 Jun 2021 22:52:37 GMT
DB_logo_mail.png
rossel.emsecure.net/images/Mediafin/DeBelegger/
4 KB
4 KB
Image
General
Full URL
https://rossel.emsecure.net/images/Mediafin/DeBelegger/DB_logo_mail.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6811:fbeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d74b854ff6ce70f841734918d93ee583ec87ef40428adc9dcfcd243a91b8f01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 02 Jun 2021 22:22:37 GMT
cf-cache-status
HIT
age
378
cf-polished
origSize=5243
last-modified
Mon, 18 Jan 2021 11:28:40 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-length
3939
cf-request-id
0a706b5c80000007466c236000000001
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
server
cloudflare
etag
"20354f128dedd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
x-xss-protection
1; mode=block
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
659414da6e750746-FRA
expires
Wed, 02 Jun 2021 22:52:37 GMT
Ageas.png
static.tijd.be/belegger/img/logo/
59 KB
59 KB
Image
General
Full URL
https://static.tijd.be/belegger/img/logo/Ageas.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
a62b88df3ef485629d4ca547224a53f61618d75030c45e4782e2d71e74af9863

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 22:22:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 18 Sep 2019 08:22:16 GMT
Server
nginx/1.17.3
X-Amz-Request-Id
2SAMX9XK9SR430VA
ETag
"ae5533e062bde36d79692c4eb390e4bd"
Vary
Accept-Encoding
Content-Type
image/png
Server-Timing
dtRpid;desc="-99696800"
Connection
keep-alive
Content-Length
60201
X-Amz-Id-2
74tazB6Iytc/ieL3mL4Vd6ZMHyeDYZ44sNbP/7Jt+ZUFJHnzjhDSPeJIk10GPeyRoSpaEaEiMfw=
retail-estates.png
static.tijd.be/belegger/img/logo/
23 KB
23 KB
Image
General
Full URL
https://static.tijd.be/belegger/img/logo/retail-estates.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
91a40500b356f194f304eaec68a596f8d0bd20d26d8c1ae149b98a0a5cfbd2df

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 22:22:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 May 2021 12:07:58 GMT
Server
nginx/1.17.3
X-Amz-Request-Id
ZN6ZYV5817XKBP9M
ETag
"933cb8bc66c93095a93c012a5334f659"
Vary
Accept-Encoding
X-Amz-Meta-Sha256
91a40500b356f194f304eaec68a596f8d0bd20d26d8c1ae149b98a0a5cfbd2df
Content-Type
image/png
Server-Timing
dtRpid;desc="-634675124"
Connection
keep-alive
Content-Length
22773
X-Amz-Id-2
h3jsXwD9F4/yrktGDGWL/ZC8pS+vTrFxNgvFx4AWit4CG7YHpVhaavwvJQL7k8xl9tifWSZsZo8=
X-Amz-Meta-S3b-Last-Modified
20210518T120702Z
unified-post.png
static.tijd.be/belegger/img/logo/
22 KB
22 KB
Image
General
Full URL
https://static.tijd.be/belegger/img/logo/unified-post.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=rZYrXApmdCKmxP4e+un12ma284b3MF4RbU8Q8TO0RtE714Fbyk8birc3SkCDzGfDcGMxY0gfP0f1GKvCPGVvNfl1y5gj4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba83 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.17.3 /
Resource Hash
7fa16d4db8b481746364613b50b413296e957c27e2c143064ca85d78ca22c04f

Request headers

Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 02 Jun 2021 22:22:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 May 2021 12:07:58 GMT
Server
nginx/1.17.3
X-Amz-Request-Id
ZN6YHXAP76N924WB
ETag
"323b5c7e2e4a7a0a607c209e1f2aa7b2"
Vary
Accept-Encoding
X-Amz-Meta-Sha256
7fa16d4db8b481746364613b50b413296e957c27e2c143064ca85d78ca22c04f
Content-Type
image/png
Server-Timing
dtRpid;desc="-1459515299"
Connection
keep-alive
Content-Length
22394
X-Amz-Id-2
5uxPmMw/gyAExPbcng0xJfwXVyjiWNQ4LWmpCxQDrUYRs4t1IWRmy6LPvOexovj/XVZyECLaW4E=
X-Amz-Meta-S3b-Last-Modified
20210518T120741Z

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onbeforexrselect
  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • boolean| originAgentCluster
  • object| trustedTypes
  • boolean| crossOriginIsolated

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block