URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLl...
Submission: On December 01 via manual from IN — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 201.234.171.146, located in Buenos Aires, Argentina and belongs to LVLT-3549, US. The main domain is app.embluemail.com. The Cisco Umbrella rank of the primary domain is 345269.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on June 4th 2022. Valid for: a year.
This is the only time app.embluemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         201.234.171.146   3549 (LVLT-3549)
3         191.232.237.52    8075 (MICROSOFT...)
1         18.229.68.234     16509 (AMAZON-02)
Total: 5 requests, 3 IPs

Requests  Apex Domain           Transfer
3         wundermanlab.com.ar   175 KB
          Subdomains:
            newsletters.wundermanlab.com.ar
2         embluemail.com        5 KB
          Subdomains:
            app.embluemail.com — Cisco Umbrella Rank: 345269
            nts.embluemail.com — Cisco Umbrella Rank: 125454
Total: 5 requests, 2 apex domains

Requests  Domain                            Requested by
3         newsletters.wundermanlab.com.ar   app.embluemail.com
1         nts.embluemail.com                app.embluemail.com
1         app.embluemail.com
Total: 5 requests, 3 domains

This site contains links to these domains.

Domain: nts.embluemail.com

Subject: *.embluemail.com
Issuer: RapidSSL Global TLS RSA4096 SHA256 2022 CA1
Validity: 2022-06-04 - 2023-07-05
Valid: a year

Subject: newsletters.wundermanlab.com.ar
Issuer: R3
Validity: 2022-11-11 - 2023-02-09
Valid: 3 months

This page contains 1 frames:

Primary Page: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Frame ID: 2CA441F56201DE00D354C6D70AE58B80
Requests: 5 HTTP requests in this frame

Page Title

Hoy a la Noche Descuentos en Celus!

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.aspx?(?:$|\?)

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 180 kB
Size: 189 kB
Cookies: 1

5 HTTP transactions

Resource: VON.aspx (Primary Request)
Path: app.embluemail.com/Online/
Size: 15 KB
x-fer: 5 KB
Type: Document

General

Full URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 201.234.171.146 Buenos Aires, Argentina, ASN3549 (LVLT-3549, US)
Reverse DNS: 201-234-171-146.static.impsat.net.ar
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8b66c8cfb0439ca0107d774db61fd47d8a3eed94f4557bf95d44e455012c0d55

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 5013
content-type: text/html; charset=utf-8
date: Thu, 01 Dec 2022 13:37:37 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET

Resource: M_Nuevo_azul.png
Path: newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/00_Individuos/
Size: 2 KB
x-fer: 2 KB
Type: Image

General

Full URL: https://newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/00_Individuos/M_Nuevo_azul.png
Requested by
  Host: app.embluemail.com
  URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 191.232.237.52 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Apache /
Resource Hash: 27db586dcf9d9050f181135c285a7c8d1adf4fd12ad7537aeb07c198f2de035f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.embluemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 13:38:21 GMT
Last-Modified: Thu, 26 Aug 2021 14:53:09 GMT
Server: Apache
ETag: "6a8-5ca778673e42c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1704

Resource: tituu.png
Path: newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/20221129_terminales_movistarnight/
Size: 54 KB
x-fer: 55 KB
Type: Image

General

Full URL: https://newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/20221129_terminales_movistarnight/tituu.png
Requested by
  Host: app.embluemail.com
  URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 191.232.237.52 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Apache /
Resource Hash: 531fdab11e16e6766efcee75d6dc7cc0f2d85f125ebda5b575276de697c5de89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.embluemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 13:38:21 GMT
Last-Modified: Tue, 29 Nov 2022 15:40:35 GMT
Server: Apache
ETag: "d920-5ee9dcf1ef7ec"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 55584

Resource: promo.png
Path: newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/20221129_terminales_movistarnight/
Size: 118 KB
x-fer: 118 KB
Type: Image

General

Full URL: https://newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/20221129_terminales_movistarnight/promo.png
Requested by
  Host: app.embluemail.com
  URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 191.232.237.52 Campinas, Brazil, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Apache /
Resource Hash: e3f84a942ba771816e521fc77393f1650dc2af09f607415dcc1bf8c7968bb3f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.embluemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Thu, 01 Dec 2022 13:38:21 GMT
Last-Modified: Tue, 29 Nov 2022 15:34:03 GMT
Server: Apache
ETag: "1d87e-5ee9db7b686b1"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 120958

Resource: op
Path: nts.embluemail.com/p/
Size: 0
x-fer: 38 B
Type: Image

General

Full URL: https://nts.embluemail.com/p/op?data=ZnTsA17eNR6TkwC%2fg50E4awroNAOb5Oatvqjn6Y9%2fje7K%2bqOPZCC62PIYlAdDZxb4raan6BXHuf5NWS1qefhFw%3d%3d!-!System.Collections.Generic.List`1[System.String]
Requested by
  Host: app.embluemail.com
  URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.229.68.234 São Paulo, Brazil, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-18-229-68-234.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.embluemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 13:38:21 GMT
content-length: 0

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Domain/Path: app.embluemail.com/
Name: ASP.NET_SessionId
Value: oj1b5dq3zqjbmg0ulipm2h4f

3 Console Messages

Source: security
Level: warning
URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W
Message: Mixed Content: The page at 'https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W' was loaded over HTTPS, but requested an insecure element 'http://newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/00_Individuos/M_Nuevo_azul.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: security
Level: warning
URL: https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W (Line 302)
Message: Mixed Content: The page at 'https://app.embluemail.com/Online/VON.aspx?data=ZnTsA17eNR6TkwC%2Fg50E4UlPa28xHKTArUWFU3vrVwBA09fHnpv96hb7oZ7CDfmuplHEYRGLlMugT0Aj3iw01cLNkJE0SwQm11VnNcPkqFY4kpf%2BESvdeIyYLvicXBMe!-!aH/JvWuF4vvQWLpw4w/PDIJbjOsQeDpZxFZEVTRAwB41KQtuDUfyREWy/vHowj+W' was loaded over HTTPS, but requested an insecure element 'http://newsletters.wundermanlab.com.ar/MAILS/wundermanservices/Movistar/00_Individuos/M_Nuevo_azul.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Source: network
Level: error
URL: https://nts.embluemail.com/p/op?data=ZnTsA17eNR6TkwC%2fg50E4awroNAOb5Oatvqjn6Y9%2fje7K%2bqOPZCC62PIYlAdDZxb4raan6BXHuf5NWS1qefhFw%3d%3d!-!System.Collections.Generic.List`1[System.String]
Message: Failed to load resource: the server responded with a status of 400 ()