w1.buysub.com Open in urlscan Pro
198.176.166.187 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.customerservice.charismamag.com/
Effective URL:
https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid...
Submission: On September 26 via automatic, source certstream-suspicious (September 26th 2021, 5:27:42 am UTC) — Scanned from DE

Summary HTTP 9 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 9 HTTP transactions. The main IP is 198.176.166.187, located in United States and belongs to CDS-GLOBAL-01, US. The main domain is w1.buysub.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 8th 2021. Valid for: a year.

This is the only time w1.buysub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	66.45.251.82 66.45.251.82	19318 (IS-AS-1) (IS-AS-1)
1 10	198.176.166.187 198.176.166.187	397973 (CDS-GLOBA...) (CDS-GLOBAL-01)
9	1

1 66.45.251.82 (United States) 1 redirects

ASN19318 (IS-AS-1, US)
PTR: cpanel2.strang.com

www.customerservice.charismamag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 198.176.166.187 (United States) 1 redirects

ASN397973 (CDS-GLOBAL-01, US)
PTR: w1.buysub.com

w1.buysub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	buysub.com 1 redirects w1.buysub.com	56 KB
1	charismamag.com 1 redirects www.customerservice.charismamag.com	235 B
9	2

	Domain	Requested by
10	w1.buysub.com	1 redirects w1.buysub.com
1	www.customerservice.charismamag.com	1 redirects
9	2

This site contains links to these domains. Also see Links.

Domain
secure.strangmagazines.com
www.charismamag.com

Subject Issuer	Validity	Valid
*.buysub.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-08` - `2022-07-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Frame ID: 47DD47DD6CE05484CF2FC14950BD70BA
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Charisma Customer Service

Page URL History Show full URLs

https://www.customerservice.charismamag.com/ HTTP 301
https://w1.buysub.com/servlet/CSGateway?cds_mag_code=CRA HTTP 302
https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&i... Page URL

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

55 kB
Transfer

91 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.strangmagazines.com/privacy.php
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.charismamag.com/
Title: Charisma Home

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.customerservice.charismamag.com/ HTTP 301
https://w1.buysub.com/servlet/CSGateway?cds_mag_code=CRA HTTP 302
https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set login_multimag_CAPTCHA2.jsp Show response
w1.buysub.com/pubs/SG/CRA/
Redirect Chain

https://www.customerservice.charismamag.com/
https://w1.buysub.com/servlet/CSGateway?cds_mag_code=CRA
https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

29 KB
4 KB

223ms
222ms

Document
text/html

198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

e27f50249a0c9d6364a8a9a274cb51ae2c88e8d408083c9d559fa1eef15e6590

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode = block

Request headers

Host: w1.buysub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 26 Sep 2021 05:27:36 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-XSS-Protection: 1; mode = block
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none' ;
Content-Length: 3545
X-content-Type-Options: nosniff
Keep-Alive: timeout=10, max=97
Connection: Keep-Alive
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Sun, 26 Sep 2021 05:27:36 GMT
Pragma: no-cache
Cache-Control: no-cache, no-store
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: DENY
Content-Security-Policy: frame-ancestors 'none' ;
Location: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Content-Length: 0
Set-Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; Path=/; Secure; HttpOnly TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
X-content-Type-Options: nosniff
Keep-Alive: timeout=10, max=98
Connection: Keep-Alive
Content-Language: en-US
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000 ; includeSubDomains

GET
H/1.1 200
OK CC_plus_template_style2.css
w1.buysub.com/pubs/SG/CRA/images/ 20 KB
5 KB 128ms
128ms Stylesheet
text/css 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

ee31db4b9a2e251b9245276faec1df52495231d7caa53941950a34980cc4b693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Encoding: gzip
X-content-Type-Options: nosniff
Last-Modified: Wed, 19 Sep 2012 16:07:19 GMT
Age: 305
Date: Sun, 26 Sep 2021 05:27:37 GMT
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 4699
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=10, max=88

GET
H/1.1 200
OK Cookie set CC_plus_header_cra_683w_2.jpg
w1.buysub.com/pubs/SG/CRA/images/ 21 KB
22 KB 270ms
141ms Image
image/jpeg 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_header_cra_683w_2.jpg

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

42f49cbde97a931e24ab8f0247dba919c13d322ae2d99b5d0d124e1b8ec4342b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 05:27:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Thu, 20 Sep 2012 12:56:36 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Language: en-US
Connection: Keep-Alive
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Content-Type: image/jpeg
Keep-Alive: timeout=10, max=97
Content-Length: 21635
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set 1632634056797
w1.buysub.com/servlet/SecurityImage/ 5 KB
5 KB 571ms
318ms Image
image/jpeg 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/servlet/SecurityImage/1632634056797

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

58aad7d2aa5b7840d2abfb9c518b3522c652252ebe2e7fb988ec795c681dfd72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 05:27:37 GMT
X-content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Language: en-US
Connection: Keep-Alive
Transfer-Encoding: chunked
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Content-Type: image/jpeg
Keep-Alive: timeout=10, max=97
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set CC_plus_LoginNow.png
w1.buysub.com/pubs/SG/CRA/images/ 4 KB
5 KB 525ms
271ms Image
image/png 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_LoginNow.png

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

9f4947748bac20f41b0a70c8698126c853a56ee1afed2fbabc4b265717e63d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 05:27:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Mon, 25 Oct 2010 14:47:10 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Language: en-US
Connection: Keep-Alive
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Content-Type: image/png
Keep-Alive: timeout=10, max=97
Content-Length: 4425
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Cookie set CC_plus_acct_label.png
w1.buysub.com/pubs/SG/CRA/images/ 7 KB
7 KB 647ms
263ms Image
image/png 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_acct_label.png

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

cb07fa331f5e9afde61c92af8ede92644a37f8bab516aca7452c8d56523b833e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 05:27:37 GMT
X-content-Type-Options: nosniff
Last-Modified: Mon, 25 Oct 2010 14:47:10 GMT
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Language: en-US
Connection: Keep-Alive
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Content-Type: image/png
Keep-Alive: timeout=10, max=97
Content-Length: 6934
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found Cookie set CC_plus_custcare_bkg.png
w1.buysub.com/pubs/SG/CRA/images/ 622 B
622 B 516ms
136ms Image
text/html 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_custcare_bkg.png

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

f61bc5e604194034dfd94d55de40e7eaf7e64a45863ae178643c2e6ad5265e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 05:27:37 GMT
X-content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Language: en-US
_WSEP
Connection: Keep-Alive
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 622
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=10, max=99

GET
H/1.1 404
Not Found Cookie set CC_plus_wrapper_end.png
w1.buysub.com/pubs/SG/CRA/images/ 622 B
622 B 527ms
136ms Image
text/html 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_wrapper_end.png

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

f61bc5e604194034dfd94d55de40e7eaf7e64a45863ae178643c2e6ad5265e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_template_style2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 26 Sep 2021 05:27:37 GMT
X-content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Content-Language: en-US
_WSEP
Connection: Keep-Alive
Set-Cookie: TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca; Path=/; Domain=.w1.buysub.com; Secure; HTTPOnly
Content-Type: text/html;charset=ISO-8859-1
Vary: Accept-Encoding
Content-Length: 622
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=10, max=94

GET
H/1.1 200
OK CC_plus_LoginNow.png
w1.buysub.com/pubs/SG/CRA/images/ 4 KB
5 KB 240ms
127ms Image
image/png 198.176.166.187
CDS-GLOBAL-01

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_LoginNow.png

Requested by

Host: w1.buysub.com
URL: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.176.166.187 , United States, ASN397973 (CDS-GLOBAL-01, US),

Reverse DNS

w1.buysub.com

Software

Resource Hash

9f4947748bac20f41b0a70c8698126c853a56ee1afed2fbabc4b265717e63d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: w1.buysub.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
Cookie: JSESSIONID=0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr; TS011e85fb=01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://w1.buysub.com/pubs/SG/CRA/login_multimag_CAPTCHA2.jsp?cds_page_id=86310&cds_mag_code=CRA&id=1632634056647&lsid=12690027366021692&vid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000 ; includeSubDomains
X-content-Type-Options: nosniff
Last-Modified: Mon, 25 Oct 2010 14:47:10 GMT
Age: 0
Date: Sun, 26 Sep 2021 05:27:37 GMT
X-Frame-Options: SAMEORIGIN
Content-Language: en-US
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=10, max=97
Content-Length: 4425
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			w1.buysub.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 0000si8EOYNCTQXv4I4ckwH2KpK:1dgnqdhdr
			.w1.buysub.com/	1969-12-31 23:59:59	Name: TS011e85fb Value: 01c449994b8d73a532e8280ecdccbaabf6b67c9c74eb0c841bb222a1546c14fed633306988d2b623db6078d110cdced5de7ea5bf174602d9f7de1f0047a97f672bfa0e6eca

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_custcare_bkg.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://w1.buysub.com/pubs/SG/CRA/images/CC_plus_wrapper_end.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none' ;
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode = block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

w1.buysub.com
www.customerservice.charismamag.com
198.176.166.187
66.45.251.82
42f49cbde97a931e24ab8f0247dba919c13d322ae2d99b5d0d124e1b8ec4342b
58aad7d2aa5b7840d2abfb9c518b3522c652252ebe2e7fb988ec795c681dfd72
9f4947748bac20f41b0a70c8698126c853a56ee1afed2fbabc4b265717e63d97
cb07fa331f5e9afde61c92af8ede92644a37f8bab516aca7452c8d56523b833e
e27f50249a0c9d6364a8a9a274cb51ae2c88e8d408083c9d559fa1eef15e6590
ee31db4b9a2e251b9245276faec1df52495231d7caa53941950a34980cc4b693
f61bc5e604194034dfd94d55de40e7eaf7e64a45863ae178643c2e6ad5265e5a

w1.buysub.com Open in urlscan Pro 198.176.166.187 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

55 kBTransfer

91 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

2 Console Messages

Security Headers

Indicators

w1.buysub.com Open in urlscan Pro
198.176.166.187 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

55 kB
Transfer

91 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions