URL: https://action.mediafin.be/optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0E...
Submission: On April 12 via api from BE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 2606:4700::6811:7a12, located in United States and belongs to CLOUDFLARENET, US. The main domain is action.mediafin.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2020. Valid for: a year.
This is the only time action.mediafin.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         2606:4700::68...  13335 (CLOUDFLAR...)
1         2606:4700::68...  13335 (CLOUDFLAR...)
2         2a02:26f0:170...  20940 (AKAMAI-ASN1)
Total: 4 requests, 3 IPs

Requests  Apex Domain   Subdomains           Transfer
2         tijd.be       static.tijd.be       4 MB
1         emsecure.net  rossel.emsecure.net  1 KB
1         mediafin.be   action.mediafin.be   4 KB
Total: 4 requests, 3 apex domains

Requests  Domain               Requested by
2         static.tijd.be       action.mediafin.be
1         rossel.emsecure.net  action.mediafin.be
1         action.mediafin.be
Total: 4 requests, 3 domains

This site contains no links.

Subject             Issuer                          Validity                 Valid
action.mediafin.be  Cloudflare Inc ECC CA-3         2020-07-02 - 2021-07-02  a year
*.emsecure.net      DigiCert SHA2 Secure Server CA  2019-03-11 - 2021-05-12  2 years
www.tijd.be         R3                              2021-02-15 - 2021-05-16  3 months

This page contains 1 frames:

Primary Page: https://action.mediafin.be/optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0ELWBfYciICGKflY8aSB_dQX3xfN
Frame ID: 313C5C312B278D0551A6391D254836DA
Requests: 4 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

4 Requests
100 % HTTPS
100 % IPv6
3 Domains
3 Subdomains
3 IPs
2 Countries
3600 kB Transfer
3666 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request optiextension.dll  action.mediafin.be/optiext/  22 KB  4 KB  Document

General

Full URL: https://action.mediafin.be/optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0ELWBfYciICGKflY8aSB_dQX3xfN
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:7a12, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 21097a2c30b6ad78fa8ac8ce24977241beebbeec8ac76360775c4e257699c071

Security Headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block

Request headers

:method: GET
:authority: action.mediafin.be
:scheme: https
:path: /optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0ELWBfYciICGKflY8aSB_dQX3xfN
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 23:18:10 GMT
content-type: text/html
set-cookie: __cfduid=d51ec8f9f35b5852db0e607150231b4bd1618269490; expires=Wed, 12-May-21 23:18:10 GMT; path=/; domain=.action.mediafin.be; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-cache-status: DYNAMIC
cf-request-id: 0969f9e636000032441e892000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 63f02c1d2ff43244-FRA
content-encoding: br

x.png  rossel.emsecure.net/Portal/ResourceHandler/static/  955 B  1 KB  Image

General

Full URL: https://rossel.emsecure.net/Portal/ResourceHandler/static/x.png?no-cache=1
Requested by:
  Host: action.mediafin.be
  URL: https://action.mediafin.be/optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0ELWBfYciICGKflY8aSB_dQX3xfN
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:fceb, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: 8c6c68a1b6ce8a91b1221cdbc8d0fa2887b22bd606ea151fff34a670b18aec3e

Security Headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Xss-Protection: 1; mode=block

Request headers

Referer: https://action.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 23:18:11 GMT
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 955
cf-request-id: 0969f9e6f6000005bf4d3f7000000001
referrer-policy: strict-origin
last-modified: Fri, 19 Mar 2021 11:31:10 GMT
server: cloudflare
etag: "1D71CB35C101300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://offer.slgnt.eu
x-xss-protection: 1; mode=block
cache-control: public, max-age=86399
accept-ranges: bytes
cf-ray: 63f02c1e5ffd05bf-FRA
expires: Tue, 13 Apr 2021 23:18:10 GMT

header_krant1_detijd.png  static.tijd.be/img/mailings/  4 MB  4 MB  Image

General

Full URL: https://static.tijd.be/img/mailings/header_krant1_detijd.png
Requested by:
  Host: action.mediafin.be
  URL: https://action.mediafin.be/optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0ELWBfYciICGKflY8aSB_dQX3xfN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:5::5f65:1b46, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: nginx/1.17.3 /
Resource Hash: 7f372f40781948f5161077531d1f1f675ab962c02e64b18cb95e673d7fd27904

Request headers

Referer: https://action.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 23:18:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Sep 2020 13:24:52 GMT
Server: nginx/1.17.3
X-Amz-Request-Id: 44J3WBP3BWQ6KV4J
ETag: "bee511cbe3b0683d7bd881ea2d53cf57"
Vary: Accept-Encoding
X-Amz-Meta-Sha256: 7f372f40781948f5161077531d1f1f675ab962c02e64b18cb95e673d7fd27904
Content-Type: image/png
Server-Timing: dtRpid;desc="-1530295223"
Connection: keep-alive
Content-Length: 3678670
X-Amz-Id-2: l+AM94kh1V9+nPcxVquXaG/QCek/lxGCIbjO44LLHcCIwD2936GAIKZRKDNkk2O2UtUx/uOR9iU=
X-Amz-Meta-S3b-Last-Modified: 20200925T132421Z

DT_vink.png  static.tijd.be/img/mailings/  2 KB  2 KB  Image

General

Full URL: https://static.tijd.be/img/mailings/DT_vink.png
Requested by:
  Host: action.mediafin.be
  URL: https://action.mediafin.be/optiext/optiextension.dll?ID=LhgLc4E8ocm9ojTub4Ztd9Jf9BrAZ7_BHNeh4Ao9exxtPadvSgX5abo9bpC0VfeOY0ELWBfYciICGKflY8aSB_dQX3xfN
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:5::5f65:1b46, Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL)
Reverse DNS:
Software: nginx/1.17.3 /
Resource Hash: 9d0b31886729bc15ad6baf014645f3c350d1b16e9361f447d3feb376a7a8b0c9

Request headers

Referer: https://action.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Apr 2021 23:18:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 09:01:18 GMT
Server: nginx/1.17.3
X-Amz-Request-Id: 6QNARFMCMRYHMA77
ETag: "42177507b0cb4412bed937b56ac0a201"
Vary: Accept-Encoding
X-Amz-Meta-Sha256: 9d0b31886729bc15ad6baf014645f3c350d1b16e9361f447d3feb376a7a8b0c9
Content-Type: image/png
Server-Timing: dtRpid;desc="-72344961"
Connection: keep-alive
Content-Length: 1583
X-Amz-Id-2: QmMvbb+v8YYIfKigSPpdkhonZ984iqLn2CbWHgU2p3PlzxkgVYl1ZemfF3ArAwljcsTdcsaIA60=
X-Amz-Meta-S3b-Last-Modified: 20200924T085900Z

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | ontransitionrun
  • object | ontransitionstart
  • object | ontransitioncancel
  • object | cookieStore
  • function | showDirectoryPicker
  • function | showOpenFilePicker
  • function | showSaveFilePicker
  • object | trustedTypes
  • boolean | crossOriginIsolated

1 Cookies

Domain/Path: .action.mediafin.be/
Name: __cfduid
Value: d51ec8f9f35b5852db0e607150231b4bd1618269490

Security Headers

This page lists any security headers set by the main page.

Header                     Value
Strict-Transport-Security  max-age=31536000; includeSubdomains
X-Xss-Protection           1; mode=block