URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pE...
Submission: On January 15 via manual from PH — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 6 HTTP transactions. The main IP is 2606:4700::6811:7a12, located in the United States and belonging to CLOUDFLARENET, US. The main domain is mails.mediafin.be. The Cisco Umbrella rank of the primary domain is 549719.
TLS certificate: Issued by GTS CA 1P5 on December 15th 2023. Valid for: 3 months.
This is the only time mails.mediafin.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         2606:4700::68...  13335 (CLOUDFLAR...)
5         2606:4700::68...  13335 (CLOUDFLAR...)
Total: 6 requests, 2 IPs

Requests  Apex Domain   Subdomains                                           Transfer
5         emsecure.net  rossel.emsecure.net (Cisco Umbrella Rank: 191497)    181 KB
1         mediafin.be   mails.mediafin.be (Cisco Umbrella Rank: 549719)      5 KB
Total: 6 requests, 2 domains

Requests  Domain               Requested by
5         rossel.emsecure.net  mails.mediafin.be
1         mails.mediafin.be
Total: 6 requests, 2 domains

This site contains no links.

Subject            Issuer                                      Validity                 Valid
mails.mediafin.be  GTS CA 1P5                                  2023-12-15 - 2024-03-14  3 months
*.emsecure.net     DigiCert Global G2 TLS RSA SHA256 2020 CA1  2023-04-13 - 2024-05-13  a year

This page contains 1 frames:

Primary Page: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Frame ID: D0BA5A5EA75A7DBAFD493AD17F9A3293
Requests: 6 HTTP requests in this frame

Page Title

Your Save the Date for The Future of Europe Event with Niall Ferguson

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 185 kB
Size: 199 kB
Cookies: 0

6 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: optiextension.dll (Primary Request)
Path: mails.mediafin.be/optiext/
Size: 19 KB
x-fer: 5 KB
Type: Document
General
Full URL
https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:7a12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2270584539f1da32ad7c97ee4630b13d7a843b59cc357ed2335a9bd3af0e0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
845f7a72cefc5d39-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 16:26:04 GMT
referrer-policy
strict-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubdomains
x-xss-protection
1; mode=block

Resource: header2_mob_FR.jpg
Path: rossel.emsecure.net/images/Marketing/2024/mobility/
Size: 130 KB
x-fer: 130 KB
Type: Image
General
Full URL
https://rossel.emsecure.net/images/Marketing/2024/mobility/header2_mob_FR.jpg
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e4bf1893c951dbf5982d487c6dcab8f2516dd9e9c9f418820b8070dc684676d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
cf-cache-status
HIT
age
1092
cf-polished
origSize=144164
content-length
133147
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
last-modified
Fri, 12 Jan 2024 12:47:11 GMT
server
cloudflare
etag
"dc842f765545da1:0"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
845f7a73cf53910c-FRA
expires
Mon, 15 Jan 2024 16:56:04 GMT

Resource: bullet.png
Path: rossel.emsecure.net/images/Marketing/2023/Mobility-Tomorrow/
Size: 634 B
x-fer: 972 B
Type: Image
General
Full URL
https://rossel.emsecure.net/images/Marketing/2023/Mobility-Tomorrow/bullet.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1d3815d2946a83af55e9ff177671e425322cdb2dd81a4c9073404e26f8b8081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
cf-cache-status
HIT
age
1551
cf-polished
origSize=1015
content-length
634
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 20 Mar 2023 10:22:49 GMT
server
cloudflare
etag
"106ee0eb155bd91:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
845f7a73cf50910c-FRA
expires
Mon, 15 Jan 2024 16:56:04 GMT

Resource: Will%20Butler-Adams_kader.png
Path: rossel.emsecure.net/images/Marketing/2024/mobility/
Size: 27 KB
x-fer: 27 KB
Type: Image
General
Full URL
https://rossel.emsecure.net/images/Marketing/2024/mobility/Will%20Butler-Adams_kader.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c38a36496c0360bef7ab77945975c1113bdfc905e48586d2e2055f0075312297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
cf-cache-status
HIT
age
1551
cf-polished
origSize=30207
content-length
27420
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
last-modified
Thu, 11 Jan 2024 15:34:36 GMT
server
cloudflare
etag
"981099aea344da1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
845f7a73cf4d910c-FRA
expires
Mon, 15 Jan 2024 16:56:04 GMT

Resource: mobility-tomorrow_logos_org_2024_FR.png
Path: rossel.emsecure.net/images/Marketing/2024/mobility/
Size: 10 KB
x-fer: 10 KB
Type: Image
General
Full URL
https://rossel.emsecure.net/images/Marketing/2024/mobility/mobility-tomorrow_logos_org_2024_FR.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f05b8058192de59b943849d7055e8b450380b347dbcbcdd42e87f8de0a2e186
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
cf-cache-status
HIT
age
1092
cf-polished
origSize=14641
content-length
10416
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Jan 2024 10:15:22 GMT
server
cloudflare
etag
"6c4cc3bf9b47da1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
845f7a73cf4f910c-FRA
expires
Mon, 15 Jan 2024 16:56:04 GMT

Resource: mobility-tomorrow_logos_partners_2024.png
Path: rossel.emsecure.net/images/Marketing/2024/mobility/
Size: 12 KB
x-fer: 12 KB
Type: Image
General
Full URL
https://rossel.emsecure.net/images/Marketing/2024/mobility/mobility-tomorrow_logos_partners_2024.png
Requested by
Host: mails.mediafin.be
URL: https://mails.mediafin.be/optiext/optiextension.dll?ID=9FE9EDEprHHwp48rQ4JukcULCg9MM0uqCTSDtLTgzMjc3G3T1%2BWx6htt6_Jtpr6pEIeF7NM2qPGiHSAcHltLMMvdlzW1F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:fceb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
042b2712e8840c13e2255d624d946c3067d6af24363db04313f57dcef381397d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mails.mediafin.be/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 16:26:04 GMT
strict-transport-security
max-age=31536000; includeSubdomains
cf-cache-status
HIT
age
1551
cf-polished
origSize=17416
content-length
12411
x-xss-protection
1; mode=block
referrer-policy
strict-origin
cf-bgj
imgq:100,h2pri
last-modified
Mon, 15 Jan 2024 10:15:22 GMT
server
cloudflare
etag
"5c3cd4bf9b47da1:0"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
845f7a73cf52910c-FRA
expires
Mon, 15 Jan 2024 16:56:04 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1; mode=block