urlscan.io logo urlscan.io
SecurityTrails logo

newsletter.keymedia.com Open in urlscan Pro
104.26.9.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://na04.mypinpointe.com/l/-XLysMfFepmMP8n8IeNaDAruxuBxUqm0ygjPojUGXrU
Effective URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250...
Submission: On March 12 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 104.26.9.198, located in and belongs to CLOUDFLARENET, US. The main domain is newsletter.keymedia.com.
TLS certificate: Issued by E1 on February 17th 2024. Valid for: 3 months.
This is the only time newsletter.keymedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 199.127.241.6 53797 (PINPOINTE-N1)
1 104.26.9.198 13335 (CLOUDFLAR...)
2 3 142.251.16.156 15169 (GOOGLE)
1 172.253.122.147 15169 (GOOGLE)
3 3
Apex Domain
Subdomains		 Transfer
3 doubleclick.net
pubads.g.doubleclick.net — Cisco Umbrella Rank: 410
986 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 keymedia.com
newsletter.keymedia.com
863 B
1 mypinpointe.com
na04.mypinpointe.com — Cisco Umbrella Rank: 670185
744 B
3 4
Domain Requested by
3 pubads.g.doubleclick.net 2 redirects newsletter.keymedia.com
1 www.google.com newsletter.keymedia.com
1 newsletter.keymedia.com
1 na04.mypinpointe.com 1 redirects
3 4

This site contains no links.

Subject Issuer Validity Valid
keymedia.com
E1		 2024-02-17 -
2024-05-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Frame: https://www.google.com/gen_204?reason=EmptyURL
Frame ID: 915159A98A7163E46853C072E5AC4DD6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page URL History Show full URLs

  1. https://na04.mypinpointe.com/l/-XLysMfFepmMP8n8IeNaDAruxuBxUqm0ygjPojUGXrU HTTP 302
    https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

3
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1 kB
Transfer

0 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://na04.mypinpointe.com/l/-XLysMfFepmMP8n8IeNaDAruxuBxUqm0ygjPojUGXrU HTTP 302
    https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3 HTTP 302
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3&pre=1
Request Chain 1
  • https://pubads.g.doubleclick.net/gampad/jump?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3 HTTP 302
  • https://www.google.com/gen_204?reason=EmptyURL

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request dfp.aspx
newsletter.keymedia.com/
Redirect Chain
  • https://na04.mypinpointe.com/l/-XLysMfFepmMP8n8IeNaDAruxuBxUqm0ygjPojUGXrU
  • https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
324 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.198 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
521cb647d41d36809875de6e22b422b477762685ae24a54aa60cf91821716983

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8635e92b8b9436ae-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 12 Mar 2024 18:40:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbNIb9jlrpQLu4RFkFm%2FJCGxbp1mbR%2FjVTUvv8P%2BCzZVO4rJjXdr6cG%2F28N66GsReHKGTE%2BZ3s7UvGxLlYDfSUzI4Z4Cik9%2BXRz711orK4PyLB9mky2Kr4j%2BTb7NLsb28NOB5WVGxqig"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Tue, 12 Mar 2024 18:40:06 GMT
Keep-Alive
timeout=3
Location
https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Vary
User-Agent
X-Powered-By
PHP/7.4.33
X-Robots-Tag
noindex, nofollow
ad
pubads.g.doubleclick.net/gampad/
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3
  • https://pubads.g.doubleclick.net/gampad/ad?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3&pre=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/gampad/ad?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3&pre=1
Requested by
Host: newsletter.keymedia.com
URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Protocol
H2
Server
142.251.16.156 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://newsletter.keymedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
date
Tue, 12 Mar 2024 18:40:07 GMT
x-content-type-options
nosniff
server
cafe
google-creative-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
google-lineitem-id
-2

Redirect headers

date
Tue, 12 Mar 2024 18:40:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://pubads.g.doubleclick.net/gampad/ad?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3&pre=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
www.google.com/
Redirect Chain
  • https://pubads.g.doubleclick.net/gampad/jump?iu=/1042886/_560x250&sz=560x250&c=28450&tile=3
  • https://www.google.com/gen_204?reason=EmptyURL
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/gen_204?reason=EmptyURL
Requested by
Host: newsletter.keymedia.com
URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f147.1e100.net
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-8_BQa-7boirfgOQYo_LMzQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-8_BQa-7boirfgOQYo_LMzQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
date
Tue, 12 Mar 2024 18:40:08 GMT
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server
gws
x-frame-options
SAMEORIGIN
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 12 Mar 2024 18:40:07 GMT
location
https://www.google.com/gen_204?reason=EmptyURL
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.mypinpointe.com/ Name: PPVTOK
Value: eyJuYTA0Lm15cGlucG9pbnRlLmNvbSI6IjFJTnZEVlBBY1d4eThLazdvbGN4S2x5QlpqV2JMS0NfOF9qMUZsSkhnMlUifQ%3D%3D
.newsletter.keymedia.com/ Name: ARRAffinity
Value: 18a79d1c1f275ffdab15044be9c1f5a7a24bf8a703e5133f1c6d14160e4823be
.newsletter.keymedia.com/ Name: ARRAffinitySameSite
Value: 18a79d1c1f275ffdab15044be9c1f5a7a24bf8a703e5133f1c6d14160e4823be
.doubleclick.net/ Name: IDE
Value: AHWqTUkX5y2H3REXEE3W-rCIbpsx4Hx4BrQqDuV39HFf_sPVF7tbkw2NOxV3c5_hcMQ
.google.com/ Name: NID
Value: 512=SIm3XJFjXHJgWGY3AgSKCDIXpDKqQvzV_ouW98zvYe_jvNuGuL-hGFV_Cj-GRSEugVodYB0Zpdes6DiuMuJDVLENCj469IuF2MrtdeHNg7Lh3ohW6rrcPHrfMPXJS1AC1uXSJzlvZOmxfWSAbv37cOxFYEOlA98UQE95mhm31bE

4 Console Messages

Source Level URL
Text
other warning URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://newsletter.keymedia.com/dfp.aspx?url=https%3a%2f%2fpubads.g.doubleclick.net%2fgampad%2fjump%3fiu%3d%2f1042886%2f_560x250%26sz%3d560x250%26c%3d28450%26tile%3d3
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

na04.mypinpointe.com
newsletter.keymedia.com
pubads.g.doubleclick.net
www.google.com
104.26.9.198
142.251.16.156
172.253.122.147
199.127.241.6
521cb647d41d36809875de6e22b422b477762685ae24a54aa60cf91821716983
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629