URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYq...
Submission: On May 31 via api from BE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 2a02:26f0:eb::214:bef5, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is mailing.mediafin.be.
This is the only time mailing.mediafin.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
3 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 13.224.95.111 16509 (AMAZON-02)
2 35.205.232.200 15169 (GOOGLE)
8 4
Domain Requested by
3 images.tijd.be mailing.mediafin.be
2 ads-mediafin.adhese.com mailing.mediafin.be
2 mailing.mediafin.be mailing.mediafin.be
1 pool-mediafin.adhese.com mailing.mediafin.be
8 4

This site contains links to these domains. Also see Links.

Domain
www.tijd.be
Subject Issuer Validity Valid
www.tijd.be
Let's Encrypt Authority X3
2020-05-19 -
2020-08-17
3 months crt.sh
*.adhese.com
Amazon
2020-03-16 -
2021-04-16
a year crt.sh
ads-mediafin.adhese.com
Let's Encrypt Authority X3
2020-04-24 -
2020-07-23
3 months crt.sh

This page contains 1 frames:

Primary Page: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Frame ID: 6A4115764FD9E15F7A7B38E6EB0FD324
Requests: 8 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

8
Requests

75 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

185 kB
Transfer

182 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request optiextension.dll
mailing.mediafin.be/optiext/
32 KB
33 KB
Document
General
Full URL
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
HTTP/1.1
Server
2a02:26f0:eb::214:bef5 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
728ec1f32f760b631e2049551963e09fbc11967df25130fe3ba9de975e5a9a40

Request headers

Host
mailing.mediafin.be
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
text/html
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
33200
X-N
S
Expires
Sun, 31 May 2020 12:55:45 GMT
Cache-Control
max-age=0, no-cache
Pragma
no-cache
Date
Sun, 31 May 2020 12:55:45 GMT
Connection
keep-alive
logo_DT.png
mailing.mediafin.be/Images/Newsletters/
3 KB
4 KB
Image
General
Full URL
http://mailing.mediafin.be/Images/Newsletters/logo_DT.png
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
HTTP/1.1
Server
2a02:26f0:eb::214:bef5 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
13c8aa567c784c25c569e08c8aefeb8412b951adfa923645c23a7a9187725929

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 12:55:45 GMT
Last-Modified
Tue, 21 Nov 2017 12:57:25 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"b25e4347c862d31:0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3466
view
images.tijd.be/
28 KB
28 KB
Image
General
Full URL
https://images.tijd.be/view?iid=Elvis:7e6v3OQd4Pg9enlY1dLr9d&context=ONLINE&ratio=16/9&width=292&imageType=JPEG&ts=1590188522000
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::214:beeb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Skipper /
Resource Hash
69d5363eb34c03f8c99ed6fa2f8b4122326b0c277658a17e3790735dc88fbd26

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 12:55:45 GMT
Server
Skipper
Content-Type
image/jpeg;charset=UTF-8
Request-Reference
d2323b8a-89e9-45dc-b474-3d1e5efd44b3
Cache-Control
max-age=31532817
Connection
keep-alive
Content-Length
28172
X-Application-Context
[AX_15] MediafinImageServerApplicationModule
Expires
Sun, 23 May 2021 05:24:48 GMT
view
images.tijd.be/
26 KB
27 KB
Image
General
Full URL
https://images.tijd.be/view?iid=Elvis:3TF0xpo2qhJArugyaytvnQ&context=ONLINE&ratio=16/9&width=292&imageType=JPEG&ts=1590793203000
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::214:beeb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Skipper /
Resource Hash
597fcbe09cefcb21d8505620eb4c135d24028b7f93b52ed81c4b5a4a5eb149cc

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 12:55:45 GMT
Server
Skipper
Content-Type
image/jpeg;charset=UTF-8
Request-Reference
1a4dbbe9-93c9-4562-a52f-eebd16c5a24f
Cache-Control
max-age=31532817
Connection
keep-alive
Content-Length
26838
X-Application-Context
[AX_15] MediafinImageServerApplicationModule
Expires
Sun, 30 May 2021 05:36:33 GMT
view
images.tijd.be/
17 KB
17 KB
Image
General
Full URL
https://images.tijd.be/view?iid=Elvis:AJ1ZiX-sqWkBtQMYYzVsud&context=ONLINE&ratio=16/9&width=292&imageType=JPEG&ts=1590762415000
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb::214:beeb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Skipper /
Resource Hash
4e158c4580ad90c75c55c21d9e1f39d18e0ecd19e78bc863a4ad73bafe99e728

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 31 May 2020 12:55:45 GMT
Server
Skipper
Content-Type
image/jpeg;charset=UTF-8
Request-Reference
630c80fc-92f6-4ec3-af6c-6791fd9474ca
Cache-Control
max-age=31532817
Connection
keep-alive
Content-Length
17130
X-Application-Context
[AX_15] MediafinImageServerApplicationModule
Expires
Sun, 30 May 2021 05:34:46 GMT
19164.jpg
pool-mediafin.adhese.com/pool/lib/
76 KB
76 KB
Image
General
Full URL
https://pool-mediafin.adhese.com/pool/lib/19164.jpg
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.95.111 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-111.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e381ade147028fd95b5dd75804df74f871903f50305f6393e35b9f232afbf30

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 31 May 2020 12:55:46 GMT
via
1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront)
last-modified
Tue, 28 Apr 2020 15:06:20 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
etag
"cd79c8a1f754d4a0a515ebf98bad5b79"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
77773
x-amz-cf-id
brpAyAL-TKgladRw8DjJyWibJc5jtOGu6N5dP-ghbCfQgPIqKi-d2w==
/
ads-mediafin.adhese.com/track/118812//sl11901/dtunknown/ogcontrol/absubscriber/II4c29fc46-a3f8-4592-9ecf-b0286fa3f13b/coIE/tlnone/A2127.68.78.84/
43 B
513 B
Image
General
Full URL
https://ads-mediafin.adhese.com/track/118812//sl11901/dtunknown/ogcontrol/absubscriber/II4c29fc46-a3f8-4592-9ecf-b0286fa3f13b/coIE/tlnone/A2127.68.78.84/?t=1590779535621
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.205.232.200 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
200.232.205.35.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 12:55:45 GMT
x-content-type-options
nosniff
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
status
200
cache-control
must-revalidate
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
X-Requested-With
x-xss-protection
1; mode=block
/
ads-mediafin.adhese.com/track/118812//sl11901/dtunknown/ogcontrol/abvisitor/II902f53fb-7af0-4109-a8ea-f813fd6b273b/coIE/tlnone/A2127.68.78.84/
43 B
512 B
Image
General
Full URL
https://ads-mediafin.adhese.com/track/118812//sl11901/dtunknown/ogcontrol/abvisitor/II902f53fb-7af0-4109-a8ea-f813fd6b273b/coIE/tlnone/A2127.68.78.84/?t=1590779535645
Requested by
Host: mailing.mediafin.be
URL: http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.205.232.200 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
200.232.205.35.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://mailing.mediafin.be/optiext/optiextension.dll?ID=bPIbMb+mA8_Lz8k7D+2icTNvjDksUkFRMgmOaGHIFYj64JfXjF7L+jqz07E3gjB7SYqPk2GGT+4_HKjV+VX5jfBNxRmPV
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 May 2020 12:55:45 GMT
x-content-type-options
nosniff
server
nginx/1.17.8
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", policyref="/w3c/p3p.xml"
status
200
cache-control
must-revalidate
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
X-Requested-With
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies