x.eml.hearstmags.com Open in urlscan Pro
63.148.46.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lAGD3Fpj4G-2Bz6Td&pi=h...
Effective URL:
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_...
Submission: On April 13 via manual (April 13th 2024, 6:47:39 pm UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 63.148.46.75, located in United States and belongs to ASN-CHEETA-MAIL, US. The main domain is x.eml.hearstmags.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 24th 2023. Valid for: a year.

This is the only time x.eml.hearstmags.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	63.148.46.72 63.148.46.72	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
2	63.148.46.75 63.148.46.75	53316 (ASN-CHEET...) (ASN-CHEETA-MAIL)
1	23.212.201.96 23.212.201.96	16625 (AKAMAI-AS) (AKAMAI-AS)
5	18.244.17.89 18.244.17.89	16509 (AMAZON-02) (AMAZON-02)
1	18.244.18.77 18.244.18.77	16509 (AMAZON-02) (AMAZON-02)
10	5

2 63.148.46.72 (United States) 1 redirects

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: rts.eccmp.com

l.eml.hearstmags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.148.46.75 (United States)

ASN53316 (ASN-CHEETA-MAIL, US)
PTR: ats.eccmp.com

x.eml.hearstmags.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.201.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-201-96.deploy.static.akamaitechnologies.com

snamwpm.eccmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.244.17.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-17-89.fra56.r.cloudfront.net

photos.smugmug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.244.18.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-77.fra56.r.cloudfront.net

media.sailthru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	smugmug.com photos.smugmug.com — Cisco Umbrella Rank: 49970	3 MB
4	hearstmags.com 1 redirects l.eml.hearstmags.com — Cisco Umbrella Rank: 173430 x.eml.hearstmags.com	11 KB
1	sailthru.com media.sailthru.com — Cisco Umbrella Rank: 13681	5 KB
1	eccmp.com snamwpm.eccmp.com — Cisco Umbrella Rank: 60168	5 KB
10	4

	Domain	Requested by
5	photos.smugmug.com	x.eml.hearstmags.com
2	x.eml.hearstmags.com
2	l.eml.hearstmags.com	1 redirects x.eml.hearstmags.com
1	media.sailthru.com	x.eml.hearstmags.com
1	snamwpm.eccmp.com	x.eml.hearstmags.com
10	5

This site contains links to these domains. Also see Links.

Domain
l.eml.hearstmags.com

Subject Issuer	Validity	Valid
*.eccmp.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-24` - `2024-06-09`	a year	crt.sh
wpm.ccmp.eu R3	`2024-04-02` - `2024-07-01`	3 months	crt.sh
smugmug.com Amazon RSA 2048 M03	`2023-09-15` - `2024-10-13`	a year	crt.sh
media.sailthru.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Frame ID: 216EBE30A70D4143E22E8F7795B49DD7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dream Giveaway

Page URL History Show full URLs

http://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lA... HTTP 307
https://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lA... HTTP 302
http://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6... HTTP 307
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

10
Requests

70 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2614 kB
Transfer

2627 kB
Size

2
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-G-lAGzVp2pnG-yXvHe&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0&x=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&hp2=17c83602453b425048f7b113ea9b47abd31ad4f74f029fb546dc9ec2d04a002d
Title: click here

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=17864215&tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fh-G-lAGzVp2pnG-1fI7qq&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=17864216&tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fh-G-lAGzVp2pnG-1fI7qq&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Title: www.dreamgiveaway.com/dg/roush/official-rules

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=17864211&tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fj-G-lAGzVp2pnG-235uiv&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0&x={89138D58-C202-486A-B865-530FCEC1339E}%7c306976%7c1df2c198ec3b27ac1a5270dbc055a2e4&hp2=5f17fbf2f73e277babb5d1b35729d803f46113dbe02c12e67ff1e41820bafd73
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=11324549&tp=i-16IJ-BL-19Yg-CUXwoz-1p-5XPzLZ-1c-SEsL-G-l9GRi7jL5Z-UiFpa
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=17864212&tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fj-G-lAGzVp2pnG-235uiv&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Title: CA Notice at Collection

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/go2.aspx?h=17864213&tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fj-G-lAGzVp2pnG-235uiv&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Search URL Search Domain Scan URL

URL: http://l.eml.hearstmags.com/rts/un.aspx?tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fh-G-lAGzVp2pnG-1fI7qq

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lAGD3Fpj4G-2Bz6Td&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0&x=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&hp2=926abad8734ef203cc2aec743f876d116a86fda9a7d4b9a4988411b62fca72c5 HTTP 307
https://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lAGD3Fpj4G-2Bz6Td&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0&x=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&hp2=926abad8734ef203cc2aec743f876d116a86fda9a7d4b9a4988411b62fca72c5 HTTP 302
http://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0 HTTP 307
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request msg.aspx Show response
x.eml.hearstmags.com/ats/
Redirect Chain

http://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lAGD3Fpj4G-2Bz6Td&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0&x=09cd2c092a4e4dde9fdc72a23f6c...
https://l.eml.hearstmags.com/rts/go2.aspx?h=17864214&tp=i-1NHD-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fi-EA6410-lAGD3Fpj4G-2Bz6Td&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0&x=09cd2c092a4e4dde9fdc72a23f6...
http://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

30 KB
10 KB

1400ms
895ms

Document
text/html

63.148.46.75
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.75 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: ats.eccmp.com
Software: /
Resource Hash: f691beb89b855d5e7d794e062b70e694dcc1bdf4691649be1d2b1fb0ec8863e0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 9208
Content-Type: text/html; charset=utf-8
Date: Sat, 13 Apr 2024 18:47:33 GMT
Expires: 0
Pragma: no-cache
SERVER
Vary: Accept-Encoding
X-Powered-By

Redirect headers

Location: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK open.aspx
l.eml.hearstmags.com/rts/ 43 B
255 B 113ms
112ms Image
image/gif 63.148.46.72
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fh-G-lAGzVp2pnG-1fI7qq&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Requested by: Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.72 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: rts.eccmp.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sat, 13 Apr 2024 18:47:33 GMT
Server
X-Powered-By
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: no-cache, max-age=0
Expires: 0

GET
H/1.1 200
OK ROA-Perks.png
snamwpm.eccmp.com/wpm/703/ContentUploads/PERKS/Logos/ 5 KB
5 KB 451ms
171ms Image
image/png 23.212.201.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snamwpm.eccmp.com/wpm/703/ContentUploads/PERKS/Logos/ROA-Perks.png
Requested by: Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.201.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-201-96.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4562eff53830211848d7dc6c6e0e621113790d8b856de449c57237f3c562e14a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 18:47:34 GMT
Last-Modified: Tue, 26 Sep 2023 17:29:07 GMT
Server
ETag: "52f2f1f39ef0d91:0"
X-Powered-By
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5126

GET
H2 200 rou24-march-sc-X2.png
photos.smugmug.com/2023-Giveaways/n-55xQP5/ROU24/i-GcpN925/0/C5w3kh7X6TQwGZqfdMvpDGMb8NSWPGzw7cKXzwBzj/X2/ 1 MB
1 MB 295ms
200ms Image
image/png 18.244.17.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photos.smugmug.com/2023-Giveaways/n-55xQP5/ROU24/i-GcpN925/0/C5w3kh7X6TQwGZqfdMvpDGMb8NSWPGzw7cKXzwBzj/X2/rou24-march-sc-X2.png

Requested by

Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.17.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-17-89.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

b849271277974683d54120f49fe2e87fc1c009c084af9c924767d7ba786d5aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:44:12 GMT
strict-transport-security: max-age=31536000
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
content-md5: OLHw/Y64PoJcGFP4Ptb9mg==
x-smug-ph: 0.0263
x-ttfb: 0.029
x-amz-cf-pop: FRA56-P11
x-env: a=live, b=photoserve, c=ec58e149, d=i-06954e08a67b9251f
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
age: 691402
smug-content-length: 1270266
content-length: 1270266
x-request-id: XR7CQkwg62qF6aC_i8qtX1p_NXlhSKEQ6vwe4otqQLpesU7JMEneNg==
x-ua-compatible: IE=edge
x-smug-v: 17
last-modified: Mon, 01 Apr 2024 18:25:02 GMT
server: nginx
x-smug-d: Fri, 05 Apr 2024 11:44:12 PDT
x-response: Stream
etag: "38b1f0fd8eb83e825c1853f83ed6fd9a"
x-frame-options: DENY
x-ttfb-l: 0
content-type: image/png
cache-control: public, max-age=31536000
x-smug-ct: m
x-robots-tag: index, archive
x-amz-cf-id: KKlFTonTu6X0LA8za6NqDaXDVAhTsjpXB7Y6Qmi0OlPq-tQs--RyjA==
expires: Sat, 05 Apr 2025 18:44:12 GMT

GET
H2 200 i-7sLcrPq-X4.png
photos.smugmug.com/photos/i-7sLcrPq/0/DVqSPxzDCgpTkgsB4HWQ5GCh6HgQSZcGfMW85ZGq2/X4/ 109 KB
110 KB 311ms
227ms Image
image/png 18.244.17.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photos.smugmug.com/photos/i-7sLcrPq/0/DVqSPxzDCgpTkgsB4HWQ5GCh6HgQSZcGfMW85ZGq2/X4/i-7sLcrPq-X4.png

Requested by

Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.17.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-17-89.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a67c31333254cbc6b6634ae6100b5fe7927675f9f8d2c53037090230fbf3246c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:15:44 GMT
strict-transport-security: max-age=31536000
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
content-md5: QVOJkybabxWD4+vboO3siQ==
x-smug-ph: 0.0236
x-ttfb: 0.0834
x-amz-cf-pop: FRA56-P11
x-env: a=live, b=photoserve, c=e8889be1, d=i-0098430dee98b598c
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
age: 275510
smug-content-length: 111505
content-length: 111505
x-request-id: BsE-XZM-sX67T-xgrnPewqfZoj2VRZ5rJLjc9dzsJRfp5AsLMUeFYw==
x-ua-compatible: IE=edge
x-smug-v: 17
last-modified: Thu, 24 Aug 2023 18:17:08 GMT
server: nginx
x-smug-d: Wed, 10 Apr 2024 07:15:44 PDT
x-response: Buffer
etag: "4153899326da6f1583e3ebdba0edec89"
x-frame-options: DENY
x-ttfb-l: 0
content-type: image/png
cache-control: public, max-age=31536000
x-smug-ct: m
x-robots-tag: noarchive, noindex, nosnippet
x-amz-cf-id: wMliABWQJ7yv1rJn_ZRGDtv-FmJiVNSqstti8FnMt0b9xynxR6qlZg==
expires: Thu, 10 Apr 2025 14:15:44 GMT

GET
H2 200 rou24-detail-engine-L.png
photos.smugmug.com/2023-Giveaways/n-55xQP5/ROU24/i-wRkXPKs/0/FdXr7gDJdFLZrQwbDw3XH2jWZgL6DBvns2PnLdLjS/L/ 571 KB
573 KB 128ms
44ms Image
image/png 18.244.17.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photos.smugmug.com/2023-Giveaways/n-55xQP5/ROU24/i-wRkXPKs/0/FdXr7gDJdFLZrQwbDw3XH2jWZgL6DBvns2PnLdLjS/L/rou24-detail-engine-L.png

Requested by

Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.17.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-17-89.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

9f2e21c41cad6f0e676b8c0717a1069d1bf4ddcbe64e2efe8b216f1a8ce07fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 18:44:12 GMT
strict-transport-security: max-age=31536000
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
content-md5: mkIwm5kY3grLrO7UyCZ7UQ==
x-smug-ph: 0.0261
x-ttfb: 0.0287
x-amz-cf-pop: FRA56-P11
x-env: a=live, b=photoserve, c=ec58e149, d=i-06954e08a67b9251f
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
age: 691402
smug-content-length: 585065
content-length: 585065
x-request-id: _-DfoJ67xJ9eey42qubrDZ3_XL1AG4ex_q10ceyjRUlNK088YMe0Qw==
x-ua-compatible: IE=edge
x-smug-v: 17
last-modified: Mon, 01 Apr 2024 15:24:07 GMT
server: nginx
x-smug-d: Fri, 05 Apr 2024 11:44:12 PDT
x-response: Stream
etag: "9a42309b9918de0acbaceed4c8267b51"
x-frame-options: DENY
x-ttfb-l: 0
content-type: image/png
cache-control: public, max-age=31536000
x-smug-ct: m
x-robots-tag: index, archive
x-amz-cf-id: Ck1g8ABKfFBTp7BgjZ8oh5g5lb0BUNMZ-UIx9a3elbS7k-ZRUEDbRw==
expires: Sat, 05 Apr 2025 18:44:12 GMT

GET
H2 200 rou24-details-march-v3-L.png
photos.smugmug.com/2023-Giveaways/n-55xQP5/ROU24/i-HCgHRQr/0/nmvWgZhKNFgLPrmwH6RNx83v72tqNTd7ZBxz8L9C/L/ 385 KB
386 KB 238ms
153ms Image
image/png 18.244.17.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photos.smugmug.com/2023-Giveaways/n-55xQP5/ROU24/i-HCgHRQr/0/nmvWgZhKNFgLPrmwH6RNx83v72tqNTd7ZBxz8L9C/L/rou24-details-march-v3-L.png

Requested by

Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.17.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-17-89.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

3cdc1606ea0eeaefbd8d80f86a5f83dec1f7e1475fd3a56d3a8f12d5411aace5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 14:15:47 GMT
strict-transport-security: max-age=31536000
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
content-md5: l7l7oyuyX6dj2yTthjnl9g==
x-smug-ph: 0.0256
x-ttfb: 0.0281
x-amz-cf-pop: FRA56-P11
x-env: a=live, b=photoserve, c=ec58e149, d=i-02d9af2284e86a33f
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
age: 275507
smug-content-length: 394440
content-length: 394440
x-request-id: Qg8_o8S-pEHZ7z1ojGrcL46eMjp4rgTMtPpFymZ0YA9ResFolmZv4g==
x-ua-compatible: IE=edge
x-smug-v: 17
last-modified: Mon, 01 Apr 2024 15:31:55 GMT
server: nginx
x-smug-d: Wed, 10 Apr 2024 07:15:47 PDT
x-response: Stream
etag: "97b97ba32bb25fa763db24ed8639e5f6"
x-frame-options: DENY
x-ttfb-l: 0
content-type: image/png
cache-control: public, max-age=31536000
x-smug-ct: m
x-robots-tag: index, archive
x-amz-cf-id: btDLNi-ndFhae64IhNNnmNi9crc8agx0QGhn53HqaTmCFkS03IqFIg==
expires: Thu, 10 Apr 2025 14:15:47 GMT

GET
H2 200 i-7pCBdMb.png
photos.smugmug.com/photos/i-7pCBdMb/0/DL6bNKV97w5gLwwGK987hjmL7kdGz2qc5WTDP9mBW/O/ 280 KB
281 KB 311ms
227ms Image
image/png 18.244.17.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://photos.smugmug.com/photos/i-7pCBdMb/0/DL6bNKV97w5gLwwGK987hjmL7kdGz2qc5WTDP9mBW/O/i-7pCBdMb.png

Requested by

Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.244.17.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-244-17-89.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

d35b685afba720ad9815137e130412c0e1a1d7e87891fc39b4df2df6f345d407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 16:52:24 GMT
strict-transport-security: max-age=31536000
via: 1.1 7daf545331a4f565a58e22b0fa952528.cloudfront.net (CloudFront)
content-md5: E0Lvp6tKnk/BihCcJ4EjwA==
x-smug-ph: 0.0262
x-ttfb: 0.1946
x-amz-cf-pop: FRA56-P11
x-env: a=live, b=photoserve, c=ec58e149, d=i-06954e08a67b9251f
x-cache: Hit from cloudfront
p3p: CP="This is not a P3P policy. We respect your privacy."
age: 698110
smug-content-length: 286352
content-length: 286352
x-request-id: 04BWHbQVVasCfilknLS5EtNa006xTtIWQr481bbdzsf_EDM_8arJEw==
x-ua-compatible: IE=edge
x-smug-v: 17
last-modified: Wed, 27 Mar 2024 13:48:34 GMT
server: nginx
x-smug-d: Fri, 05 Apr 2024 09:52:24 PDT
x-response: Buffer
etag: "1342efa7ab4a9e4fc18a109c278123c0"
x-frame-options: DENY
x-ttfb-l: 0
content-type: image/png
cache-control: public, max-age=31536000
x-smug-ct: m
x-robots-tag: noarchive, noindex, nosnippet
x-amz-cf-id: yBQNdL-oJoHt1ASIoo-3WwWsKw1jNIj7rcVzn5iHVwFbojefdSjClg==
expires: Sat, 05 Apr 2025 16:52:24 GMT

GET
H/1.1 200
OK Hearst_Magazines_logo_Black.png
media.sailthru.com/composer/images/sailthru-prod-5u0/Cart%20Abandon/ 5 KB
5 KB 152ms
38ms Image
image/png 18.244.18.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-5u0/Cart%20Abandon/Hearst_Magazines_logo_Black.png
Requested by: Host: x.eml.hearstmags.com
URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-77.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 253d6f6dfe31dac6756d16b2aa94ed258c133c63c096ed1b86233dbaada0c692

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 18:16:34 GMT
Via: 1.1 b2d59a81483e9c35443be57826cea9fa.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Aug 2023 14:47:49 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P11
Age: 1887
x-amz-server-side-encryption: AES256
ETag: "978f57bb0f22b5c3a310244f3195d891"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4980
X-Amz-Cf-Id: 0XUn_LuKG3WDR4xPur4C4pUDJrCXCS3wG0_SjXKpDvONBtPWFxYHOQ==

GET
H/1.1 404
Not Found favicon.ico
x.eml.hearstmags.com/ 1 KB
947 B 116ms
116ms Other
text/html 63.148.46.75
ASN-CHEETA-MAIL

General

Check archive.org

Show headers Download Go to

Full URL: https://x.eml.hearstmags.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.148.46.75 , United States, ASN53316 (ASN-CHEETA-MAIL, US),
Reverse DNS: ats.eccmp.com
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 18:47:34 GMT
Content-Encoding: gzip
Server
X-Powered-By
Vary: Accept-Encoding
Content-Type: text/html
Connection: Keep-Alive
Content-Length: 741

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			l.eml.hearstmags.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lk4oauqxjudjrmxk50lufxqv
			x.eml.hearstmags.com/	1969-12-31 23:59:59	Name: BIGipServercnv_ats_ssl_pool Value: !rsB4/eN5k6hyom1TD46Ou1ZcfpSQnXteRl2lkpKq6vTwf7Y4fiSTEnGKJavPz5qSBWnbbzLtCdbnxRY=

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0 Message: Mixed Content: The page at 'https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0' was loaded over HTTPS, but requested an insecure element 'http://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fh-G-lAGzVp2pnG-1fI7qq&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0(Line 457) Message: Mixed Content: The page at 'https://x.eml.hearstmags.com/ats/msg.aspx?sg1=09cd2c092a4e4dde9fdc72a23f6ca1a439e394f738301d1c07006cac3f6ba666&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0' was loaded over HTTPS, but requested an insecure element 'http://l.eml.hearstmags.com/rts/open.aspx?tp=i-16IJ-BL-1HrE-EA7UQh-1p-AHsHkh-1c-i6Fh-G-lAGzVp2pnG-1fI7qq&pi=hcTbJbuAyS_hQuYRZqIs5ZkW5hdUCffNl0_nMMVrMQ0'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://x.eml.hearstmags.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

l.eml.hearstmags.com
media.sailthru.com
photos.smugmug.com
snamwpm.eccmp.com
x.eml.hearstmags.com
18.244.17.89
18.244.18.77
23.212.201.96
63.148.46.72
63.148.46.75
253d6f6dfe31dac6756d16b2aa94ed258c133c63c096ed1b86233dbaada0c692
3cdc1606ea0eeaefbd8d80f86a5f83dec1f7e1475fd3a56d3a8f12d5411aace5
4562eff53830211848d7dc6c6e0e621113790d8b856de449c57237f3c562e14a
9f2e21c41cad6f0e676b8c0717a1069d1bf4ddcbe64e2efe8b216f1a8ce07fa5
a67c31333254cbc6b6634ae6100b5fe7927675f9f8d2c53037090230fbf3246c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b849271277974683d54120f49fe2e87fc1c009c084af9c924767d7ba786d5aa5
d35b685afba720ad9815137e130412c0e1a1d7e87891fc39b4df2df6f345d407
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
f691beb89b855d5e7d794e062b70e694dcc1bdf4691649be1d2b1fb0ec8863e0

x.eml.hearstmags.com Open in urlscan Pro 63.148.46.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

70 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2614 kBTransfer

2627 kBSize

2 Cookies

8 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

3 Console Messages

Indicators

x.eml.hearstmags.com Open in urlscan Pro
63.148.46.75 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

70 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2614 kB
Transfer

2627 kB
Size

2
Cookies

10 HTTP transactions
0 data transactions