mails.mediafin.be Open in urlscan Pro
2606:4700::6811:7a12 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZ...
Submission: On November 12 via api (November 12th 2021, 4:26:09 am UTC) from BE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700::6811:7a12, located in United States and belongs to CLOUDFLARENET, US. The main domain is mails.mediafin.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 23rd 2021. Valid for: a year.

This is the only time mails.mediafin.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6811:7a12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6811:fceb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.222.214.95 52.222.214.95	16509 (AMAZON-02) (AMAZON-02)
2	35.205.165.27 35.205.165.27	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
17	6

1 2606:4700::6811:7a12 (United States)

ASN13335 (CLOUDFLARENET, US)

mails.mediafin.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6811:fceb (United States)

ASN13335 (CLOUDFLARENET, US)

rossel.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

images.tijd.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-95.fra56.r.cloudfront.net

pool-mediafin.adhese.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.165.27 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 27.165.205.35.bc.googleusercontent.com

ads-mediafin.adhese.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	emsecure.net rossel.emsecure.net	36 KB
3	adhese.com pool-mediafin.adhese.com ads-mediafin.adhese.com	8 KB
2	gstatic.com fonts.gstatic.com	75 KB
1	tijd.be images.tijd.be	170 KB
1	mediafin.be mails.mediafin.be	7 KB
17	5

	Domain	Requested by
10	rossel.emsecure.net	mails.mediafin.be
2	fonts.gstatic.com	mails.mediafin.be
2	ads-mediafin.adhese.com	mails.mediafin.be
1	pool-mediafin.adhese.com	mails.mediafin.be
1	images.tijd.be	mails.mediafin.be
1	mails.mediafin.be
17	6

This site contains no links.

Subject Issuer	Validity	Valid
mails.mediafin.be Cloudflare Inc ECC CA-3	`2021-06-23` - `2022-06-22`	a year	crt.sh
*.emsecure.net DigiCert TLS RSA SHA256 2020 CA1	`2021-03-19` - `2022-04-19`	a year	crt.sh
tijd.be R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.adhese.com Amazon	`2021-06-02` - `2022-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv
Frame ID: 53A44A0F4B689D0A9B56216E5D07DA23
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Europese beurzen gaan lichtrode opening tegemoet | Agfa: 'Inflatiedruk zal ook in 2022 impact hebben'

Page Statistics

17
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

296 kB
Transfer

333 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request optiextension.dll Show response
mails.mediafin.be/optiext/ 48 KB
7 KB 126ms
108ms Document
text/html 2606:4700::6811:7a12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bd9883e126e283a3b6fdd79d5420e6bfc1c0e7ee6d183e716112bc081762ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6acd00029f534ea4-FRA
content-encoding: br

GET
H2 200 atom-logo-logo-tijd@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 1 KB
1 KB 156ms
112ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/atom-logo-logo-tijd@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6fb5f071e2a14e392c4137288f1824ba74b44bdb9720bc44686f41d08b96df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 1318
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "94feb7c44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003ae512b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 Ellen_Vermorgen_v2.png
rossel.emsecure.net/images/Templates/DeTijd_Voorbeurs/ 15 KB
15 KB 152ms
109ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd_Voorbeurs/Ellen_Vermorgen_v2.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c963bec47f82178220b4862047ade5a0620ae17bffb65aa624f27f17e6cba3ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=22990
last-modified: Wed, 08 Sep 2021 10:16:15 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 15371
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2637b8e9aa4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003ae532b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 agenda-tijd@3x.png
rossel.emsecure.net/images/Templates/DeTijd_Voorbeurs/ 1 KB
1 KB 144ms
102ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd_Voorbeurs/agenda-tijd@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a4789b1a1c58f683ca12878faec95347333e19442ff9d115e495108c4d5834b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=1127
last-modified: Mon, 30 Aug 2021 16:08:43 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 1121
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "92ce84db99dd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003ae542b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H/1.1 200
OK view
images.tijd.be/ 169 KB
170 KB 241ms
205ms Image
image/jpeg 2a02:26f0:6c00::210:ba21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.tijd.be/view?iid=Elvis:9d2kBGQuawU9Md55YhNSLS&context=ONLINE&ratio=16/9&width=1280&u=1636407686000
Requested by: Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Skipper /
Resource Hash: 5d95325a80bbf1ce1cf12763879710f9d2b48b5a45f6fb09d4e96e7f12adbb22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:26:04 GMT
Server: Skipper
Transfer-Encoding: chunked
Content-Type: image/jpeg;charset=UTF-8
Request-Reference: 5eb759bf-a82d-40af-9981-24f1cc7f5a99
Cache-Control: max-age=31532817
Server-Timing: dtRpid;desc="2046608728", dtSInfo;desc="0"
Connection: keep-alive, Transfer-Encoding
X-Oneagent-Js-Injection: true
Expires: Sat, 12 Nov 2022 03:33:01 GMT

GET
H2 200 46030_0.png
pool-mediafin.adhese.com/pool/lib/ 7 KB
7 KB 38ms
8ms Image
image/png 52.222.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool-mediafin.adhese.com/pool/lib/46030_0.png
Requested by: Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22b191365cb96a54eeb2da709e1e546153496272e7a26cb0be08f5cd74c926ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:24 GMT
via: 1.1 63f629236e2f93bf1af732a50e42e587.cloudfront.net (CloudFront)
last-modified: Sun, 17 Oct 2021 22:13:07 GMT
server: AmazonS3
age: 123944
etag: "65d5889c0eb52e7e341a19e1d597db2a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-length: 7003
x-amz-cf-id: skVU7V27KpvuQXWPfXCJF3_bGNqz1c2tVopfFQPYo_A6fnpWuP4p1w==

GET
H2 200 facebook@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 2 KB
2 KB 154ms
113ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/facebook@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9456904a082392f229a2697ed3a86f4cfa444d4667975f997f3743c3e8e7a4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=1810
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 1796
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "eae0c5c44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003ae552b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 twitter@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 2 KB
2 KB 151ms
109ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/twitter@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6de8d42e780df8d8866895b555d08180d43a7f45274a1b67a9becece5fb2196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=2015
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 2008
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "68baebc44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003ae572b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 linkedin@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 2 KB
2 KB 155ms
113ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/linkedin@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c3bffc79d714b458ee2f5860c82cfe78f16493994b6e24e6d3edb0e45f8402e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=1960
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 1949
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2039ddc44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003ae592b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 youtube@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 2 KB
2 KB 105ms
104ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/youtube@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a6c418e30374dbb9dedb76af3e3740e8c781d90ee422adea0c2a5316d546474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=1900
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 1885
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "78d9f8c44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003de842b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 combined-shape-copy@3x.png
rossel.emsecure.net/images/Templates/DeTijd_Voorbeurs/ 2 KB
2 KB 103ms
103ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd_Voorbeurs/combined-shape-copy@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d6a03808157f57474bf1c2528bae888435c5dd3301d543d5660de1cb087f1b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=2271
last-modified: Fri, 10 Sep 2021 09:26:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 2265
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "fa2577eb25a6d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003de852b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 apple@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 3 KB
4 KB 105ms
105ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/apple@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf388f73a9c4718b56107f5e54e7cb3d15b5b90a781ccf853fab652890a99d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: origSize=3541
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 3526
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2c7ea0c44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003de862b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 google-play@3x.png
rossel.emsecure.net/images/Templates/DeTijd/ 4 KB
4 KB 110ms
109ms Image
image/png 2606:4700::6811:fceb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rossel.emsecure.net/images/Templates/DeTijd/google-play@3x.png

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf25cd0344a376728d6703e80f7dfde47b97f07bd78d867e984b44c6849d8ece

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:26:04 GMT
cf-cache-status: REVALIDATED
cf-polished: status=not_needed
last-modified: Wed, 23 Jun 2021 15:38:09 GMT
strict-transport-security: max-age=31536000; includeSubdomains
content-length: 4284
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "1ac8d1c44568d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6acd0003de882b59-FRA
expires: Fri, 12 Nov 2021 04:56:04 GMT

GET
H2 200 /
ads-mediafin.adhese.com/track/770170//sl19885/dtunknown/ogcontrol/absubscriber/II7cb89c72-6d80-455e-b33d-7db2bfec9042/coIE/tlnone/A2127.68.78.84/ 43 B
535 B 67ms
24ms Image
image/gif 35.205.165.27
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads-mediafin.adhese.com/track/770170//sl19885/dtunknown/ogcontrol/absubscriber/II7cb89c72-6d80-455e-b33d-7db2bfec9042/coIE/tlnone/A2127.68.78.84/?t=1636441255750

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.205.165.27 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

27.165.205.35.bc.googleusercontent.com

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
cache-control: must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
x-xss-protection: 1; mode=block

GET
H2 200 /
ads-mediafin.adhese.com/track/770170//sl19885/dtunknown/ogcontrol/abvisitor/II230dbc7c-aed5-4adf-b181-05d75751f6c3/coIE/tlnone/A2127.68.78.84/ 43 B
534 B 68ms
25ms Image
image/gif 35.205.165.27
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads-mediafin.adhese.com/track/770170//sl19885/dtunknown/ogcontrol/abvisitor/II230dbc7c-aed5-4adf-b181-05d75751f6c3/coIE/tlnone/A2127.68.78.84/?t=1636441255752

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.205.165.27 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

27.165.205.35.bc.googleusercontent.com

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mails.mediafin.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
cache-control: must-revalidate
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
x-xss-protection: 1; mode=block

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v27/ 51 KB
51 KB 292ms
206ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa400cfeb6d1019e0e3d18fd57ded1a50754057af2e5231a6d1ed2bfc5a07a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mails.mediafin.be/
Origin: https://mails.mediafin.be
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 13:27:37 GMT
x-content-type-options: nosniff
age: 53907
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51992
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:15:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 13:27:37 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v11/ 23 KB
23 KB 586ms
500ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v11/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=w01w3uyr0dxQhaG5jp8wngvYPsWLfQkVDniFiG8X3NP+ZLoMFuuVtZpX2g5Yxno2efZF6K2p0Cj6BJmQw_e1Eqy9GEIMv

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mails.mediafin.be/
Origin: https://mails.mediafin.be
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:03 GMT
x-content-type-options: nosniff
age: 361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23924
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 22:27:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 04:20:03 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-mediafin.adhese.com
fonts.gstatic.com
images.tijd.be
mails.mediafin.be
pool-mediafin.adhese.com
rossel.emsecure.net
2606:4700::6811:7a12
2606:4700::6811:fceb
2a00:1450:4001:808::2003
2a02:26f0:6c00::210:ba21
35.205.165.27
52.222.214.95
1a4789b1a1c58f683ca12878faec95347333e19442ff9d115e495108c4d5834b
22b191365cb96a54eeb2da709e1e546153496272e7a26cb0be08f5cd74c926ed
2d6a03808157f57474bf1c2528bae888435c5dd3301d543d5660de1cb087f1b1
2d6fb5f071e2a14e392c4137288f1824ba74b44bdb9720bc44686f41d08b96df
4c3bffc79d714b458ee2f5860c82cfe78f16493994b6e24e6d3edb0e45f8402e
5a6c418e30374dbb9dedb76af3e3740e8c781d90ee422adea0c2a5316d546474
5d95325a80bbf1ce1cf12763879710f9d2b48b5a45f6fb09d4e96e7f12adbb22
9456904a082392f229a2697ed3a86f4cfa444d4667975f997f3743c3e8e7a4b5
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
bf25cd0344a376728d6703e80f7dfde47b97f07bd78d867e984b44c6849d8ece
c963bec47f82178220b4862047ade5a0620ae17bffb65aa624f27f17e6cba3ac
cf388f73a9c4718b56107f5e54e7cb3d15b5b90a781ccf853fab652890a99d06
d6de8d42e780df8d8866895b555d08180d43a7f45274a1b67a9becece5fb2196
eced2a68da9eed95cc9c956e26607f9a6176500fd01cc1e41410b562b290e3ba
f7bd9883e126e283a3b6fdd79d5420e6bfc1c0e7ee6d183e716112bc081762ee
fa400cfeb6d1019e0e3d18fd57ded1a50754057af2e5231a6d1ed2bfc5a07a1e

mails.mediafin.be Open in urlscan Pro 2606:4700::6811:7a12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

100 %HTTPS

67 %IPv6

5 Domains

6 Subdomains

6 IPs

3 Countries

296 kBTransfer

333 kBSize

0 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

mails.mediafin.be Open in urlscan Pro
2606:4700::6811:7a12 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

6
IPs

3
Countries

296 kB
Transfer

333 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions