Submitted URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=K...
Effective URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKTh...
Submission: On October 22 via api from RU — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 15 HTTP transactions. The main IP is 63.148.46.75, located in Royalton, United States and belongs to ASN-CHEETA-MAIL, US. The main domain is x.eml.hearstmags.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on May 17th 2024. Valid for: a year.
This is the only time x.eml.hearstmags.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 63.148.46.72 53316 (ASN-CHEET...)
1 63.148.46.75 53316 (ASN-CHEET...)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.244.174.68 396982 (GOOGLE-CL...)
1 1 34.160.190.60 396982 (GOOGLE-CL...)
1 34.149.10.198 396982 (GOOGLE-CL...)
9 18.244.18.83 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
15 7
Apex Domain
Subdomains
Transfer
9 sailthru.com
media.sailthru.com — Cisco Umbrella Rank: 15250
12 MB
3 hearstmags.com
l.eml.hearstmags.com — Cisco Umbrella Rank: 208553
x.eml.hearstmags.com
11 KB
1 gstatic.com
fonts.gstatic.com
47 KB
1 optimove.net
dm-time.optimove.net — Cisco Umbrella Rank: 301165
1 dyneml.com
c25.dyneml.com — Cisco Umbrella Rank: 187994
275 B
1 rlcdn.com
ei.rlcdn.com — Cisco Umbrella Rank: 2287
98 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
15 7
Domain Requested by
9 media.sailthru.com x.eml.hearstmags.com
2 l.eml.hearstmags.com 1 redirects x.eml.hearstmags.com
1 fonts.gstatic.com fonts.googleapis.com
1 dm-time.optimove.net x.eml.hearstmags.com
1 c25.dyneml.com 1 redirects
1 ei.rlcdn.com x.eml.hearstmags.com
1 fonts.googleapis.com x.eml.hearstmags.com
1 x.eml.hearstmags.com
15 8

This site contains links to these domains. Also see Links.

Domain
l.eml.hearstmags.com
Subject Issuer Validity Valid
*.eccmp.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-05-17 -
2025-06-17
a year crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-06 -
2025-03-05
a year crt.sh
media.sailthru.com
Amazon RSA 2048 M02
2024-03-05 -
2025-04-02
a year crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Frame ID: 5EF7E8B8B667EEBC8EFCCD672A5B9AE8
Requests: 15 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-l... HTTP 307
    https://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-l... HTTP 302
    http://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fff... HTTP 307
    https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fff... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

80 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

12556 kB
Transfer

12583 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&hp2=7d7390f370ce96fdad04731f94f390e6666176688a90f8ed1793f9f52a37aa9e HTTP 307
    https://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&hp2=7d7390f370ce96fdad04731f94f390e6666176688a90f8ed1793f9f52a37aa9e HTTP 302
    http://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY HTTP 307
    https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://c25.dyneml.com/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1 HTTP 302
  • https://dm-time.optimove.net/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1&env=prod

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request msg.aspx
x.eml.hearstmags.com/ats/
Redirect Chain
  • http://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e854...
  • https://l.eml.hearstmags.com/rts/go2.aspx?h=25938298&tp=i-1NHD-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq9-F1a5SA-lB25d9Nm32-yLykr&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY&x=e2d30f8e10e269cf0adb5143e85...
  • http://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
  • https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
38 KB
10 KB
Document
General
Full URL
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.75 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
ats.eccmp.com
Software
/
Resource Hash
611f3d1264ddb6dccc9ac43e2ef59988d35f290075b9bf5f5b73113ac9fcb891

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
10119
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Oct 2024 22:16:52 GMT
Expires
0
Pragma
no-cache
SERVER
Vary
Accept-Encoding
X-Powered-By

Redirect headers

Location
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
904dc3e1bee45978299da81e6b6c3a731f1240118afde61161e2be24c4c1031b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 22 Oct 2024 22:16:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 22:16:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 22 Oct 2024 21:44:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
open.aspx
l.eml.hearstmags.com/rts/
43 B
255 B
Image
General
Full URL
https://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.148.46.72 Royalton, United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS
rts.eccmp.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Transfer-Encoding
chunked
Cache-Control
no-cache, max-age=0
Pragma
no-cache
Expires
0
Date
Tue, 22 Oct 2024 22:16:52 GMT
Content-Type
image/gif
X-Powered-By
Server
456939.gif
ei.rlcdn.com/
0
98 B
Image
General
Full URL
https://ei.rlcdn.com/456939.gif?m=C8EF6F835D26C73A8937A015DA47E8D1&n=1
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 22 Oct 2024 22:16:52 GMT
pixel.png
dm-time.optimove.net/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/
Redirect Chain
  • https://c25.dyneml.com/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1
  • https://dm-time.optimove.net/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1&env=prod
68 B
0
Image
General
Full URL
https://dm-time.optimove.net/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1&env=prod
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
H2
Server
34.149.10.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
198.10.149.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

via
1.1 google
strict-transport-security
max-age=63072000
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 22:16:57 GMT
content-type
image/png
x-powered-by
Express

Redirect headers

strict-transport-security
max-age=63072000
location
https://dm-time.optimove.net/campaign/2e6848c4-d234-11e4-81b8-22000a9a8611/6601/pixel.png?_=1459958046&e=1&g=467&id=6601&et=1&dpid=326692&uid=C8EF6F835D26C73A8937A015DA47E8D1&env=prod
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 22 Oct 2024 22:16:52 GMT
content-type
text/html; charset=UTF-8
server
Apache
ESQ_Email_HEADER_DESKTOP_v2.gif
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
2 MB
2 MB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_HEADER_DESKTOP_v2.gif
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
defdbe15fbb96a0887fd771ba39333067361c191cbbf45b1dfc360aff6c9dd98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"44508c69066e905cb8a53be2f44d1125"
Age
53311
Connection
keep-alive
Via
1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1876688
X-Amz-Cf-Id
qLDOSEnnhdixF1Kquk6IAMYh4G11yEuiDMhdotO7uBM2BUeMHWys9g==
Date
Tue, 22 Oct 2024 07:50:27 GMT
Content-Type
image/gif
Last-Modified
Wed, 28 Aug 2024 01:42:39 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
ESQ_Email_HEADER_MOBILE_v2_1.gif
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
1 MB
1 MB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_HEADER_MOBILE_v2_1.gif
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e9c0749185723cb0a297515ab1112e255dc71936adb4839a83adf19482269c65

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"a61274d0e37f04a5365913ff8da496d4"
Age
39513
Connection
keep-alive
Via
1.1 888b6b44a57f755881c4b0f069225010.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1164714
X-Amz-Cf-Id
b3Co9e2fUI_ihiwpJRI7mp_NALuCgDf-QlUiDm1bDIM3iJCprZiJWw==
Date
Tue, 22 Oct 2024 11:19:51 GMT
Content-Type
image/gif
Last-Modified
Wed, 28 Aug 2024 01:42:58 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
_amazonbutton_2.png
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
16 KB
17 KB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/_amazonbutton_2.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f29c04b7528887247b8cb3922f2b223c56ba08e3fec06ad04e515f089426fa3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

ETag
"e1c8668ed437bf86008857f484df7fc9"
Age
47001
Connection
keep-alive
Via
1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
16761
X-Amz-Cf-Id
XXLiALshmj-I6MMX7KiCMJH2k4MLlH0eanhrn9F6RmjfykgY2wQK9g==
Date
Tue, 22 Oct 2024 09:13:35 GMT
Content-Type
image/png
Last-Modified
Wed, 05 Oct 2022 17:52:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
Vary
Accept-Encoding
ESQ_Email_15.png
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
3 MB
3 MB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_15.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bed48afc4db6f82969fe47e11fc80085d076cdcb7d129c2e95ed39bb03c6eb39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"c68b073bb3c2a42e34710b2d26780763"
Age
28445
Connection
keep-alive
Via
1.1 9a614f9e49eb2bcefba1d54afaaf7f80.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
2657349
X-Amz-Cf-Id
VZqW-QOyrTdACrsYoME1TZ9JYSlfAQcH3WFFDwSSO37OQkEQG2oDmQ==
Date
Tue, 22 Oct 2024 14:30:41 GMT
Content-Type
image/png
Last-Modified
Wed, 14 Aug 2024 23:09:50 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
ESQ_Email_16.png
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
2 MB
2 MB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_16.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a8b65189e47051042664daaee83b2d088822ccc6a2e55b9a9f059d890290d63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"72f5cdfeb8f2a950ecf9e56802f34062"
Age
39517
Connection
keep-alive
Via
1.1 de5feec87348dd5cbd158a449ae18d38.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
2598253
X-Amz-Cf-Id
4ZSzItONX2cXFay37VuA9Kty1vj0iw8THk6y_hiryY5cgurUBAc_XQ==
Date
Tue, 22 Oct 2024 11:19:51 GMT
Content-Type
image/png
Last-Modified
Wed, 14 Aug 2024 23:09:55 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
ESQ_Email_17.png
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
3 MB
3 MB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_17.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47604d04f37600d96aab8752f07b48d4a555746fa9157e82fe2d4be7dc6302a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"c2de4cc29c7d198e645e0eac2415281c"
Age
53322
Connection
keep-alive
Via
1.1 5d328d2e734cff11e41c897ec72f465e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3100686
X-Amz-Cf-Id
E6h4uDr927g8xmTFDq1BY_fWKK8B9Qk4qdUD8xWYYvu15MdNnnSVRA==
Date
Tue, 22 Oct 2024 07:38:33 GMT
Content-Type
image/png
Last-Modified
Wed, 14 Aug 2024 23:09:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
ESQ_Email_QUOTE_1.png
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
300 KB
300 KB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_QUOTE_1.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
725f99da2a29b98becfc716867fa28ba391a7b6d104ad32e7f482dfe81c8ed04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"ea37c76835b4f281ef6fd24f3e6469c9"
Age
45139
Connection
keep-alive
Via
1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
306876
X-Amz-Cf-Id
R2T0Zr5bsVw6zdF1MuSl0hovP2kdbfTyQdMDSggozcDhZpZCdAKgdA==
Date
Tue, 22 Oct 2024 09:50:59 GMT
Content-Type
image/png
Last-Modified
Wed, 14 Aug 2024 22:31:15 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
ESQ_Email_11.png
media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/
1 MB
1 MB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-3j6/editor_images/ESQ_Email_11.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
080c277eb0db8b7dd4ea0419a54d066305b581f7b01f00e9f9277232aab93582

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"360122d803da19e5f225126737215373"
Age
39513
Connection
keep-alive
Via
1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1065927
X-Amz-Cf-Id
zsP5yrm48kehIJ4j-8P8LNR7O1pL2PZx-b1rnQLRhtWMmSaRhtopeA==
Date
Tue, 22 Oct 2024 11:19:51 GMT
Content-Type
image/png
Last-Modified
Wed, 28 Aug 2024 01:31:43 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
Hearst_Magazines_logo_Black.png
media.sailthru.com/composer/images/sailthru-prod-5u0/Cart%20Abandon/
5 KB
5 KB
Image
General
Full URL
https://media.sailthru.com/composer/images/sailthru-prod-5u0/Cart%20Abandon/Hearst_Magazines_logo_Black.png
Requested by
Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-83.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
253d6f6dfe31dac6756d16b2aa94ed258c133c63c096ed1b86233dbaada0c692

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://x.eml.hearstmags.com/

Response headers

Vary
Accept-Encoding
ETag
"978f57bb0f22b5c3a310244f3195d891"
Age
56245
Connection
keep-alive
Via
1.1 56837fe4941e707f9c6564d049ea12b6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
4980
X-Amz-Cf-Id
1LkelYRV_NtgCbXW_DWsx_G2LukQtwYovcB4iYedrTCjrrPannShaw==
Date
Tue, 22 Oct 2024 06:41:02 GMT
Content-Type
image/png
Last-Modified
Mon, 28 Aug 2023 14:47:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P11
x-amz-server-side-encryption
AES256
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://x.eml.hearstmags.com
Referer
https://fonts.googleapis.com/

Response headers

age
21499
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 22 Oct 2025 16:18:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 22 Oct 2024 16:18:33 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
x.eml.hearstmags.com/ Name: BIGipServercnv_ats_ssl_pool
Value: !qlXoaDCOt0pOBXE7vpjUiT2lFoElIrbe4ac+IJDHhfv9HmdlhIjHlJzJfShlJ5P1BZbyYNXoyalqLSw=

3 Console Messages

Source Level URL
Text
security warning URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY
Message:
Mixed Content: The page at 'https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY' was loaded over HTTPS, but requested an insecure element 'http://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY(Line 381)
Message:
Mixed Content: The page at 'https://x.eml.hearstmags.com/ats/msg.aspx?sg1=e2d30f8e10e269cf0adb5143e854708885c1a99c7564046c8c32cf51fffd610e&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY' was loaded over HTTPS, but requested an insecure element 'http://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1MzE-F1aAKj-1p-Ag5fWz-1c-10oq8-G-lB28H5C04L-xiEpP&pi=KSz8WdqvKThOpPEeGo0ARWq1zM1CLOHtrjcXYj99izY'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ei.rlcdn.com/456939.gif?m=C8EF6F835D26C73A8937A015DA47E8D1&n=1
Message:
Failed to load resource: the server responded with a status of 451 ()