urlscan.io logo urlscan.io
SecurityTrails logo

pages.email1.msg.com Open in urlscan Pro
13.111.41.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.email1.msg.com/?qs=390ab0babfdb4b202ec4c58f8a4e5084c0d1f0676552eaad25290f3432c425f5d350c67f52d4dbb14cc1199d4864...
Effective URL: https://pages.email1.msg.com/ty?status=ok
Submission: On September 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 13.111.41.40, located in United States and belongs to EXACT-7 - ExactTarget, Inc., US. The main domain is pages.email1.msg.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on November 21st 2018. Valid for: 2 years.
This is the only time pages.email1.msg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.42.25 22606 (EXACT-7)
2 6 13.111.41.40 22606 (EXACT-7)
1 1 13.111.41.39 22606 (EXACT-7)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.237.60.77 14618 (AMAZON-AES)
10 4
1    13.111.42.25 (United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: click.email1.msg.com
click.email1.msg.com
6    13.111.41.40 (United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: pages.email1.msg.com
pages.email1.msg.com
1    13.111.41.39 (United States)

ASN22606 (EXACT-7 - ExactTarget, Inc., US)
PTR: cloud.email1.msg.com
cloud.email1.msg.com
2    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
1    34.237.60.77 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-237-60-77.compute-1.amazonaws.com
msgcdnassets.wpengine.com
Domain Requested by
6 pages.email1.msg.com 2 redirects pages.email1.msg.com
3 ajax.googleapis.com pages.email1.msg.com
2 fonts.googleapis.com pages.email1.msg.com
1 msgcdnassets.wpengine.com pages.email1.msg.com
1 cloud.email1.msg.com 1 redirects
1 click.email1.msg.com 1 redirects
10 6

This site contains no links.

Subject Issuer Validity Valid
pages.email1.msg.com
DigiCert SHA2 Secure Server CA		 2018-11-21 -
2020-11-25		 2 years crt.sh
*.googleapis.com
GTS CA 1O1		 2019-09-05 -
2019-11-28		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://pages.email1.msg.com/ty?status=ok
Frame ID: D042103F6BB221A96A03B4C176FA449B
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.email1.msg.com/?qs=390ab0babfdb4b202ec4c58f8a4e5084c0d1f0676552eaad25290f3432c425f5d350c67f... HTTP 302
    https://pages.email1.msg.com/page.aspx?qs=1550dccf35ce5f748fb4fd710c4dcf94fb09ba35f6286998a22115591ec7320... HTTP 302
    http://cloud.email1.msg.com/msgfamilyunsub?subscriberkey=knaraine@nshs.edu&jobid=1993382&listid=5604 HTTP 302
    http://pages.email1.msg.com/ty?status=ok HTTP 301
    https://pages.email1.msg.com/ty?status=ok Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /([\d.]+)\/jquery-ui(?:\.min)?\.js/i
  • script /jquery-ui.*\.js/i

Page Statistics

10
Requests

90 %
HTTPS

33 %
IPv6

3
Domains

6
Subdomains

4
IPs

2
Countries

156 kB
Transfer

419 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email1.msg.com/?qs=390ab0babfdb4b202ec4c58f8a4e5084c0d1f0676552eaad25290f3432c425f5d350c67f52d4dbb14cc1199d4864292c7794adb045727a601af1660fb0a9f63a HTTP 302
    https://pages.email1.msg.com/page.aspx?qs=1550dccf35ce5f748fb4fd710c4dcf94fb09ba35f6286998a22115591ec73205d5226b42b73313134176426730b45cc675068a8b66079699329a09c1b8fd2f0373d9f81d85e7fe83ca8692ae9102ad13c71d41444f0e0dc37632e4e5fd9ff6ab5a2b460d93a433fe08085328919560004eafdd8b7503051f80b6d43671f9e613029cb7c5ebb3538c144672f51818213ea47a804135645811f3b7ab34c5f6c82b HTTP 302
    http://cloud.email1.msg.com/msgfamilyunsub?subscriberkey=knaraine@nshs.edu&jobid=1993382&listid=5604 HTTP 302
    http://pages.email1.msg.com/ty?status=ok HTTP 301
    https://pages.email1.msg.com/ty?status=ok Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set ty
pages.email1.msg.com/
Redirect Chain
  • https://click.email1.msg.com/?qs=390ab0babfdb4b202ec4c58f8a4e5084c0d1f0676552eaad25290f3432c425f5d350c67f52d4dbb14cc1199d4864292c7794adb045727a601af1660fb0a9f63a
  • https://pages.email1.msg.com/page.aspx?qs=1550dccf35ce5f748fb4fd710c4dcf94fb09ba35f6286998a22115591ec73205d5226b42b73313134176426730b45cc675068a8b66079699329a09c1b8fd2f0373d9f81d85e7fe83ca8692ae910...
  • http://cloud.email1.msg.com/msgfamilyunsub?subscriberkey=knaraine@nshs.edu&jobid=1993382&listid=5604
  • http://pages.email1.msg.com/ty?status=ok
  • https://pages.email1.msg.com/ty?status=ok
9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.email1.msg.com/ty?status=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.41.40 , United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS
pages.email1.msg.com
Software
/
Resource Hash
8e96277f0442a0f4801d3f93da96c049ec0d6be534910afcb18335f418880631

Request headers

Host
pages.email1.msg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Cookie
ASP.NET_SessionId=4eg3uzhvyt5io0q0p4j0ogmg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Cache-Control
private
Content-Type
text/html; charset=US-ASCII
Vary
Accept
Set-Cookie
ASP.NET_SessionId=; path=/; secure
Date
Wed, 25 Sep 2019 15:25:40 GMT
Connection
close
Content-Length
8932

Redirect headers

Location
https://pages.email1.msg.com/ty?status=ok
Connection
Keep-Alive
Content-Length
0
css
fonts.googleapis.com/ 		1 KB
420 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
77081d6ec34cd663ea0fcdf78a0c302b5e6f28276d2ad0340100b9024f279c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 25 Sep 2019 15:25:40 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 25 Sep 2019 15:25:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 25 Sep 2019 15:25:40 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 30 Aug 2019 11:21:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2261068
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Aug 2020 11:21:12 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Sep 2019 11:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100918
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
8422
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Sep 2020 11:23:42 GMT
css
fonts.googleapis.com/ 		384 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poly
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
6ee6a3611d19515b67b7a9f1a3571871abc417c630999ffe226ab098f57daa72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 25 Sep 2019 15:25:40 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 25 Sep 2019 15:25:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
expires
Wed, 25 Sep 2019 15:25:40 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 19:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1886791
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Sep 2020 19:19:09 GMT
white_logo_msg.png
msgcdnassets.wpengine.com/wp-content/uploads/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://msgcdnassets.wpengine.com/wp-content/uploads/white_logo_msg.png
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
HTTP/1.1
Server
34.237.60.77 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-237-60-77.compute-1.amazonaws.com
Software
nginx /
Resource Hash
11ee56abde043a8c64422c38b5628e9aca8051a252e5083e0a7390289916b033

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 15:25:41 GMT
Last-Modified
Sat, 13 Apr 2019 00:05:08 GMT
Server
nginx
ETag
"5cb127b4-9157"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
37207
HttpRequest.js
pages.email1.msg.com/Script/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.email1.msg.com/Script/HttpRequest.js
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.41.40 , United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS
pages.email1.msg.com
Software
/
Resource Hash
e41aea70ff2d1f55e3df157020bc5e56c6b51539305c29dd18fc6ced55688163

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 15:25:41 GMT
Last-Modified
Tue, 03 Sep 2019 06:09:14 GMT
Connection
close
Accept-Ranges
bytes
ETag
"021431c1e62d51:0"
Content-Length
3523
Content-Type
application/x-javascript
pageTracking.js
pages.email1.msg.com/Script/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pages.email1.msg.com/Script/pageTracking.js
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/ty?status=ok
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.41.40 , United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS
pages.email1.msg.com
Software
/
Resource Hash
2e06c9aa6bdd3f6f6ec0fbdae7eafc96d08e7d78d2560c4a314c4b5e253ebbc4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://pages.email1.msg.com/ty?status=ok
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 25 Sep 2019 15:25:41 GMT
Last-Modified
Tue, 03 Sep 2019 06:09:14 GMT
Accept-Ranges
bytes
ETag
"021431c1e62d51:0"
Content-Length
1315
Content-Type
application/x-javascript
TrackingAjax.aspx
pages.email1.msg.com/ 		4 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pages.email1.msg.com/TrackingAjax.aspx
Requested by
Host: pages.email1.msg.com
URL: https://pages.email1.msg.com/Script/HttpRequest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.111.41.40 , United States, ASN22606 (EXACT-7 - ExactTarget, Inc., US),
Reverse DNS
pages.email1.msg.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Sec-Fetch-Mode
cors
Referer
https://pages.email1.msg.com/ty?status=ok
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 25 Sep 2019 15:25:41 GMT
Cache-Control
no-cache
Expires
-1
X-Error
null
Content-Length
4
Content-Type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| HttpRequest function| SaveAnalyticData function| ParseBrowserValues function| onSaveSuccess function| onSaveFailure string| absoluteBaseUrl

1 Cookies

Domain/Path Name / Value
pages.email1.msg.com/ Name: ASP.NET_SessionId
Value: