empik.emsecure.net - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2606:4700::6811:fbeb, located in United States and belongs to CLOUDFLARENET, US. The main domain is empik.emsecure.net.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 19th 2021. Valid for: a year.

This is the only time empik.emsecure.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6811:fbeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:9e37	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2

1 2606:4700::6811:fbeb (United States)

ASN13335 (CLOUDFLARENET, US)

empik.emsecure.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:9e37 (United States)

ASN13335 (CLOUDFLARENET, US)

slimak.empik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	empik.com slimak.empik.com	103 KB
1	emsecure.net empik.emsecure.net	2 KB
3	2

	Domain	Requested by
2	slimak.empik.com	empik.emsecure.net
1	empik.emsecure.net
3	2

This site contains no links.

Subject Issuer	Validity	Valid
*.emsecure.net DigiCert TLS RSA SHA256 2020 CA1	`2021-03-19` - `2022-04-19`	a year	crt.sh
empik.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://empik.emsecure.net/optiext/optiextension.dll?ID=QtSxypBprhS47KHIltqDF3vLe33CCvsQ5ZNZ64GBMCLLXeCHCiL2bqHo_7zfnRFb91yFym+JbvQQQR&utm_source=newsletter&utm_medium=sms-me&utm_campaign=211004_sms_odbior_kupon20
Frame ID: C0E00F063AC4945E1CF957599181231E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

20% rabatu

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

105 kB
Transfer

107 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request optiextension.dll Show response
empik.emsecure.net/optiext/ 4 KB
2 KB 166ms
119ms Document
text/html 2606:4700::6811:fbeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://empik.emsecure.net/optiext/optiextension.dll?ID=QtSxypBprhS47KHIltqDF3vLe33CCvsQ5ZNZ64GBMCLLXeCHCiL2bqHo_7zfnRFb91yFym+JbvQQQR&utm_source=newsletter&utm_medium=sms-me&utm_campaign=211004_sms_odbior_kupon20

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6811:fbeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1b0c3f785bcc1aac29c47d8b4ac591ecf216f1b6e869d3ec9b5a62a28e7f3fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: empik.emsecure.net
:scheme: https
:path: /optiext/optiextension.dll?ID=QtSxypBprhS47KHIltqDF3vLe33CCvsQ5ZNZ64GBMCLLXeCHCiL2bqHo_7zfnRFb91yFym+JbvQQQR&utm_source=newsletter&utm_medium=sms-me&utm_campaign=211004_sms_odbior_kupon20
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 11 Oct 2021 11:15:24 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000; includeSubdomains
x-xss-protection: 1; mode=block
referrer-policy: strict-origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69c7ab9adf054e37-FRA
content-encoding: br

GET
H2 200 head_20_bez_min.jpg
slimak.empik.com/newsletter/empik/2020/200921_pon/ 99 KB
99 KB 444ms
391ms Image
image/jpeg 2606:4700::6811:9e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slimak.empik.com/newsletter/empik/2020/200921_pon/head_20_bez_min.jpg
Requested by: Host: empik.emsecure.net
URL: https://empik.emsecure.net/optiext/optiextension.dll?ID=QtSxypBprhS47KHIltqDF3vLe33CCvsQ5ZNZ64GBMCLLXeCHCiL2bqHo_7zfnRFb91yFym+JbvQQQR&utm_source=newsletter&utm_medium=sms-me&utm_campaign=211004_sms_odbior_kupon20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9e37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fe954ea5ba867e1a6fb01d645023b5326cce86174ad48070f9ffb2b6471320a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://empik.emsecure.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:15:24 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Sep 2020 07:04:51 GMT
server: cloudflare
etag: "627768510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 69c7ab9c1d860f82-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101055
expires: Mon, 11 Oct 2021 15:15:24 GMT

GET
H2 200 kupon20_211004.png
slimak.empik.com/newsletter/empik/2021/211004_pon/ 4 KB
4 KB 279ms
227ms Image
image/png 2606:4700::6811:9e37
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slimak.empik.com/newsletter/empik/2021/211004_pon/kupon20_211004.png
Requested by: Host: empik.emsecure.net
URL: https://empik.emsecure.net/optiext/optiextension.dll?ID=QtSxypBprhS47KHIltqDF3vLe33CCvsQ5ZNZ64GBMCLLXeCHCiL2bqHo_7zfnRFb91yFym+JbvQQQR&utm_source=newsletter&utm_medium=sms-me&utm_campaign=211004_sms_odbior_kupon20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:9e37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8581bbf27250f2fe586a4102e4c36f40111873ac3f2958dd8c629924a217f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://empik.emsecure.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 11:15:24 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Oct 2021 09:22:51 GMT
server: cloudflare
etag: "2392740340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 69c7ab9c1d890f82-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3936
expires: Mon, 11 Oct 2021 15:15:24 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.empik.com/	1969-12-31 23:59:59	Name: __cfruid Value: f752c639a11813e119eca02cc89eaa577035bcd1-1633950924

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

empik.emsecure.net
slimak.empik.com
2606:4700::6811:9e37
2606:4700::6811:fbeb
8c8581bbf27250f2fe586a4102e4c36f40111873ac3f2958dd8c629924a217f9
8fe954ea5ba867e1a6fb01d645023b5326cce86174ad48070f9ffb2b6471320a
d1b0c3f785bcc1aac29c47d8b4ac591ecf216f1b6e869d3ec9b5a62a28e7f3fd

empik.emsecure.net Open in urlscan Pro 2606:4700::6811:fbeb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

105 kBTransfer

107 kBSize

1 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

empik.emsecure.net Open in urlscan Pro
2606:4700::6811:fbeb Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

105 kB
Transfer

107 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions