x.eml.hearstmags.com Open in urlscan Pro
63.148.46.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=K...
Effective URL:
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKTh...
Submission: On October 22 via api (October 22nd 2024, 10:16:58 pm UTC) from RU — Scanned from DE

Summary HTTP 15 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 63.148.46.75, located in Royalton, United States and belongs to ASN-CHEETA-MAIL, US. The main domain is x.eml.hearstmags.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 17th 2024. Valid for: a year.

This is the only time x.eml.hearstmags.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	63.148.46.72 63.148.46.72	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	63.148.46.75 63.148.46.75	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.160.190.60 34.160.190.60	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.10.198 34.149.10.198	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	18.244.18.83 18.244.18.83	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
15	7

2 63.148.46.72 (Royalton, United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: rts.eccmp.com

l.eml.hearstmags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.148.46.75 (Royalton, United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: ats.eccmp.com

x.eml.hearstmags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ei.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.190.60 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 60.190.160.34.bc.googleusercontent.com

c25.dyneml.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.10.198 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.10.149.34.bc.googleusercontent.com

dm-time.optimove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.244.18.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-83.fra56.r.cloudfront.net

media.sailthru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	sailthru.com media.sailthru.com — Cisco Umbrella Rank: 15250	12 MB
3	hearstmags.com 1 redirects l.eml.hearstmags.com — Cisco Umbrella Rank: 208553 x.eml.hearstmags.com	11 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	optimove.net dm-time.optimove.net — Cisco Umbrella Rank: 301165
1	dyneml.com 1 redirects c25.dyneml.com — Cisco Umbrella Rank: 187994	275 B
1	rlcdn.com ei.rlcdn.com — Cisco Umbrella Rank: 2287	98 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
15	7

	Domain	Requested by
9	media.sailthru.com	x.eml.hearstmags.com
2	l.eml.hearstmags.com	1 redirects x.eml.hearstmags.com
1	fonts.gstatic.com	fonts.googleapis.com
1	dm-time.optimove.net	x.eml.hearstmags.com
1	c25.dyneml.com	1 redirects
1	ei.rlcdn.com	x.eml.hearstmags.com
1	fonts.googleapis.com	x.eml.hearstmags.com
1	x.eml.hearstmags.com
15	8

This site contains links to these domains. Also see Links.

Domain
l.eml.hearstmags.com

Subject Issuer	Validity	Valid
*.eccmp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-17` - `2025-06-17`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
media.sailthru.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Frame ID: 5EF7E8B8B667EEBC8EFCCD672A5B9AE8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-l... HTTP 307
https://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-l... HTTP 302
http://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fff... HTTP 307
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fff... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

80 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

12556 kB
Transfer

12583 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=25938293&tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=25938296&tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oqA-G-lB28H5C04L-R1SwY&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x={9F755D63-1C3C-4304-9673-0DEA9DE05BB6}%7c326692%7cc8ef6f835d26c73a8937a015da47e8d1&hp2=e976f96e9795fc2c2cb90f97235ce274f0b9e68ad7ec5240bd110495dd78ec77
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=11324549&tp=i-16IJ-BL-19Yg-CUXwoz-1p-5XPzLZ-1c-SEsL-G-l9GRi7jL5Z-UiFpa
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=25938294&tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oqA-G-lB28H5C04L-R1SwY&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Title: CA Notice at Collection

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=25938292&tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oqA-G-lB28H5C04L-R1SwY&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/un.aspx?tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&hp2=7d7390f370ce96fdad04731f94f390e6666176688a90f8ed1793f9f52a37aa9e HTTP 307
https://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&hp2=7d7390f370ce96fdad04731f94f390e6666176688a90f8ed1793f9f52a37aa9e HTTP 302
http://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY HTTP 307
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://c25.dyneml.com/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1 HTTP 302
https://dm-time.optimove.net/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1&env=prod

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request msg.aspx Show response
x.eml.hearstmags.com/ats/
Redirect Chain

http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e854...
https://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e85...
http://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY

38 KB
10 KB

1436ms
945ms

Document
text/html

63.148.46.75
ASN-CHEETA-MAIL

General

Source	Level	URL Text
security	warning	URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY Message: Mixed Content: The page at 'https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY' was loaded over HTTPS, but requested an insecure element 'http://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY(Line 381) Message: Mixed Content: The page at 'https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY' was loaded over HTTPS, but requested an insecure element 'http://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://ei.rlcdn.com/456939.gif?m=C8EF6F835D26C73A8937A015DA47E8D1&n=1 Message: Failed to load resource: the server responded with a status of 451 ()

x.eml.hearstmags.com Open in urlscan Pro 63.148.46.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

80 %HTTPS

25 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

12556 kBTransfer

12583 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

x.eml.hearstmags.com Open in urlscan Pro
63.148.46.75 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

80 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

12556 kB
Transfer

12583 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions