campaign.r20.constantcontact.com Open in urlscan Pro
172.64.151.121  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request render Show response campaign.r20.constantcontact.com/	37 KB 7 KB	378ms 305ms	Document text/html	172.64.151.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Server 172.64.151.121 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48040df54091d4720fa494240e7333f1e58ab0dcd5f9b834a3ee2bba178b87f7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 760bf582eb306919-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Thu, 27 Oct 2022 14:00:37 GMT Server cloudflare Server-Timing cf-q-config;dur=6.0000020312145e-06 Transfer-Encoding chunked
GET H2	200	S.gif imgssl.constantcontact.com/letters/images/sys/	42 B 336 B	242ms 41ms	Image image/webp	104.18.171.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/sys/S.gif Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.171.33 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bd3dce8a6b2d8f9400226f88ee6d8a09ef959f6278ea56d9d0a48bc67b20d69 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT cf-cache-status HIT age 76969 cf-polished origFmt=gif, origSize=271 content-disposition inline; filename="S.webp" content-length 42 cf-bgj imgq:100,h2pri last-modified Thu, 05 May 2016 16:01:59 GMT server cloudflare vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 760bf5861b939a00-FRA expires Fri, 27 Oct 2023 14:00:38 GMT
GET H/1.1	200 OK	9a95738b-3f88-439f-9394-984fb1e9eeac.jpg files.constantcontact.com/06c60b48701/	50 KB 51 KB	151ms 42ms	Image image/jpeg	2600:9000:206f:c600:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/9a95738b-3f88-439f-9394-984fb1e9eeac.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c600:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6521a664b98574691d21b6f85500a72fe71263eef8bbd54e0befccbbfe80b90 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 17:00:38 GMT x-amz-version-id xqVETqIX2A6BpRVN_02f3x515iykshwN Via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-C1 Age 75601 X-Cache Hit from cloudfront Content-Disposition filename=B2B_Cover_v5.jpg Connection keep-alive Content-Length 51181 Last-Modified Mon, 24 Oct 2022 21:15:39 GMT Server AmazonS3 ETag "96f9749ee3c3562c778e3193f2147845" Content-Type image/jpeg Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id ap2kVYSybpNcm6c2x9NBLOWtGzMKtRXOtBfMndEq3LqjIYiP_u8GJg==
GET H/1.1	200 OK	ff10125b-02f3-402b-b42c-fd5cbf068550.png files.constantcontact.com/06c60b48701/	89 KB 89 KB	150ms 40ms	Image image/png	2600:9000:206f:c600:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/ff10125b-02f3-402b-b42c-fd5cbf068550.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c600:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a094fb88627edfe34316a43ff2bbdefb1ebd349c1b6dcf1e49bc81a23b876b4f Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 17:00:38 GMT x-amz-version-id cdxvNgTD8f4cCffzhLHI0VHEAtqPO.Vu Via 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-C1 Age 75601 X-Cache Hit from cloudfront Content-Disposition filename=Untitled design _3_.png Connection keep-alive Content-Length 90852 Last-Modified Mon, 17 Oct 2022 22:02:14 GMT Server AmazonS3 ETag "4774ffdb15be9c042bea3fc291c67145" Content-Type image/png Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id UbWOf1-LIcmLcB9Diqx7-st9SAnENJcVnV0R2LmxAB2o9WRmSM8fYQ==
GET H2	200	spirit-full.png www.spiritaero.com/images/	13 KB 14 KB	346ms 211ms	Image image/png	23.213.161.204 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.spiritaero.com/images/spirit-full.png?v=1568350800 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.204 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-204.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c8d7fa7194be7bad49c34dac3212709d920d20b5beeeb8e35cf2ef2d6c7365d5 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT last-modified Fri, 10 Jul 2020 17:03:49 GMT server nginx etag "3544-5aa195329b90c" x-cache-nxaccel HIT content-type image/png cache-control max-age=54984 server-timing cdn-cache; desc=HIT, edge; dur=168 accept-ranges bytes content-length 13636 expires Fri, 28 Oct 2022 05:17:02 GMT
GET H2	200	deq-logo-2022.jpg www.deq.ok.gov/wp-content/uploads/deqmainresources/	9 KB 10 KB	864ms 40ms	Image image/jpeg	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.deq.ok.gov/wp-content/uploads/deqmainresources/deq-logo-2022.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 921a6f0f331d2804da580e85ae03c10682208e0abf0bcbb79ba57ea31702051f Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT cf-cache-status HIT age 75425 cf-polished origSize=10051, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9556 cf-bgj imgq:100,h2pri last-modified Mon, 04 Apr 2022 11:46:45 GMT server cloudflare etag "624adaa5-2743" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 760bf58b0e04697f-FRA
GET H/1.1	200 OK	tzoo-logo-horiz-color.png tulsazoo.org/wp-content/themes/tzoo2017/img/	8 KB 8 KB	1703ms 138ms	Image image/png	67.43.9.100 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://tulsazoo.org/wp-content/themes/tzoo2017/img/tzoo-logo-horiz-color.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.43.9.100 Grandville, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache / Resource Hash 5d875cdf6f368eb96ef699f71167c37b989694b33ad503758e0425025c2d1fdb Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Thu, 27 Oct 2022 14:00:38 GMT Last-Modified Wed, 08 Nov 2017 20:54:18 GMT Server Apache Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 7780 Expires Sat, 26 Nov 2022 14:00:38 GMT
GET H2	200	slb_logo_rgb_svg.ashx www.slb.com/-/media/images/logo/	1 KB 2 KB	381ms 122ms	Image image/svg+xml	99.83.132.177 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.slb.com/-/media/images/logo/slb_logo_rgb_svg.ashx Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.132.177 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a105596a4cefbdd47.awsglobalaccelerator.com Software Microsoft-IIS/10.0 / Resource Hash 9db1684ff9634bca50528a6c89c50ea9422878dd853fefaf7a47ccba72c58cf0 Security Headers Name Value Content-Security-Policy default-src 'self' https: blob: data: 'unsafe-inline' 'unsafe-eval' script-src: https://ajax.googleapis.com https://analytics.kaltura.com https://api.peer5.com https://bat.bing.com https://cdnapisec.kaltura.com https://cookie-cdn.cookiepro.com https://maps.googleapis.com https://players.brightcove.net https://s7.addthis.com https://secure.perk0mean.com https://static.cloud.coveo.com https://tag.demandbase.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com object-src: https://fonts.gstatic.com connect-src: *.google-analytics.com *.analytics.google.com img-src: *.google-analytics.com *.analytics.google.com; Strict-Transport-Security max-age=15768000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT content-security-policy default-src 'self' https: blob: data: 'unsafe-inline' 'unsafe-eval' script-src: https://ajax.googleapis.com https://analytics.kaltura.com https://api.peer5.com https://bat.bing.com https://cdnapisec.kaltura.com https://cookie-cdn.cookiepro.com https://maps.googleapis.com https://players.brightcove.net https://s7.addthis.com https://secure.perk0mean.com https://static.cloud.coveo.com https://tag.demandbase.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com object-src: https://fonts.gstatic.com connect-src: *.google-analytics.com *.analytics.google.com img-src: *.google-analytics.com *.analytics.google.com; x-content-type-options nosniff strict-transport-security max-age=15768000 content-disposition inline; filename="SLB_Logo_RGB_svg.svg" content-length 1336 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Mon, 17 Oct 2022 20:04:53 GMT server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control private, max-age=604800 accept-ranges bytes access-control-allow-headers odata-version, originalcorrelationid, content-type
GET H2	200	Met-Logo-Horizontal-2-rows-e1596826023550.png metrecycle.com/wp-content/uploads/2020/07/	26 KB 27 KB	580ms 207ms	Image image/png	66.147.242.199 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://metrecycle.com/wp-content/uploads/2020/07/Met-Logo-Horizontal-2-rows-e1596826023550.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.147.242.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box599.bluehost.com Software Apache / Resource Hash 052cff01ea6c76b0aa28c0f8a2f2d9fab0633dbcc6817f863dce56aa76f8e841 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT x-nginx-cache WordPress last-modified Fri, 07 Aug 2020 18:47:03 GMT server Apache x-endurance-cache-level 2 content-type image/png cache-control max-age=10368000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 27124 expires max-age=A10368000, public
GET H/1.1	200 OK	b60e0450-b113-4c96-8cab-dc6365b82961.png files.constantcontact.com/06c60b48701/	129 KB 130 KB	497ms 435ms	Image image/png	2600:9000:206f:c600:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/b60e0450-b113-4c96-8cab-dc6365b82961.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c600:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7d718bf36f9de3e22e38daf4d3a10c93e4a454276f4c1d678bcb315a19ae57f2 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers x-amz-version-id UGjNXb9dZKt2Pl7nab6wIsKq0FBaXlTM Date Thu, 27 Oct 2022 14:00:39 GMT Via 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront) Last-Modified Mon, 19 Sep 2022 16:48:08 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-C1 ETag "04313dce6462658f59bcf5babb9caea7" X-Cache RefreshHit from cloudfront Content-Type image/png Content-Disposition filename=S3C-1.png Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex, nofollow Content-Length 132026 X-Amz-Cf-Id 1gKqQAW6OrseZeb3Iyh7N0NLtzNHFh7GaW05bj43hI84bW1q1OWU2w==
GET H/1.1	200 OK	cd73f3dd-652c-456a-adad-fe107dc549f3.jpg files.constantcontact.com/06c60b48701/	37 KB 37 KB	49ms 37ms	Image image/jpeg	2600:9000:206f:c600:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/cd73f3dd-652c-456a-adad-fe107dc549f3.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c600:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9c28c15d407e613b17bd7c20101cb7cceddeef7ee59c9ec09f29d95594d622ac Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Wed, 26 Oct 2022 17:00:38 GMT x-amz-version-id NYKebsnKWzYcum2fFpQuEyijomtIQEjp Via 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA56-C1 Age 75601 X-Cache Hit from cloudfront Content-Disposition filename=Thanks.jpg Connection keep-alive Content-Length 37556 Last-Modified Mon, 19 Sep 2022 18:45:12 GMT Server AmazonS3 ETag "07cf8f99f4662af8066d938c6b88db20" Content-Type image/jpeg Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id ouWnrCBGetl2ltzXFaZ-HkfhWXwoMWnTWJ3NxEqSjKq-G2WapX6TJQ==
GET H/1.1	200 OK	42ec67e6-1c66-424a-86d6-a70b90ab89b3.png files.constantcontact.com/06c60b48701/	11 KB 12 KB	460ms 435ms	Image image/png	2600:9000:206f:c600:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/42ec67e6-1c66-424a-86d6-a70b90ab89b3.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:206f:c600:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1fcae6ecf9ebf5d1cf826a75de543188a76c6821b2f2c88197960198873563e2 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Thu, 27 Oct 2022 14:00:39 GMT x-amz-version-id yUqYR9QWBdKHTJQ1GutiNi7B3gRzDVlZ Via 1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront) Last-Modified Fri, 16 Sep 2022 18:10:08 GMT Server AmazonS3 X-Amz-Cf-Pop FRA56-C1 ETag "53fae5f032b0bfc60d91887fb8f51a77" X-Cache Miss from cloudfront Content-Type image/png Content-Disposition filename=tsa badge 2.png Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex, nofollow Content-Length 11283 X-Amz-Cf-Id AZ-42lsMUXP_jvNtwG0IvisDDqEQsjfcVqPQ76ip5T5x_iRAA4QGWg==
GET H2	200	blue_orange.png imgssl.constantcontact.com/letters/images/templates_team/2020_rebrand/logo/stacked/	5 KB 6 KB	49ms 48ms	Image image/webp	104.18.171.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/templates_team/2020_rebrand/logo/stacked/blue_orange.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.171.33 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02ea3a673c476389be14d4422fc08c66a8d0e053bd3e2d99e718ce85292487d1 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT cf-cache-status HIT age 76511 cf-polished origFmt=png, origSize=5974 content-disposition inline; filename="blue_orange.webp" content-length 5574 cf-bgj imgq:100,h2pri last-modified Mon, 15 Jun 2020 14:09:45 GMT server cloudflare vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 760bf5879eb09a00-FRA expires Fri, 27 Oct 2023 14:00:38 GMT
GET H/1.1	200 OK	email-decode.min.js Show response campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	29ms 29ms	Script application/javascript	172.64.151.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Server 172.64.151.121 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers Date Thu, 27 Oct 2022 14:00:38 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 18 Oct 2022 15:26:52 GMT Server cloudflare ETag W/"634ec5bc-4d7" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Frame-Options DENY Cache-Control max-age=172800, public Connection keep-alive CF-RAY 760bf5878e106919-FRA Expires Sat, 29 Oct 2022 14:00:38 GMT
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	155ms 97ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer http://campaign.r20.constantcontact.com/ Origin http://campaign.r20.constantcontact.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 Response headers date Thu, 27 Oct 2022 14:00:38 GMT content-encoding gzip last-modified Fri, 21 Oct 2022 01:56:09 GMT server cloudflare etag W/2021.12.0 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 760bf587ed499247-FRA
POST H/1.1	204 No Content	rum Show response campaign.r20.constantcontact.com/cdn-cgi/	0 393 B	37ms 36ms	XHR text/plain	172.64.151.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol HTTP/1.1 Server 172.64.151.121 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36 content-type application/json Response headers Date Thu, 27 Oct 2022 14:00:39 GMT X-Content-Type-Options nosniff Server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin http://campaign.r20.constantcontact.com X-Frame-Options DENY access-control-allow-credentials true Connection keep-alive CF-RAY 760bf5909aed6919-FRA

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| __cfBeacon

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			campaign.r20.constantcontact.com/	1969-12-31 23:59:59	Name: BIGipServerProdCampaign Value: !4PAeNat4oaIK3iXktzrR47jR+xRuVXcR4cH+MTQ75vWgYWvoxPpAOQxoArJDYatgdPy/Yt5l6F2p1g==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campaign.r20.constantcontact.com
files.constantcontact.com
imgssl.constantcontact.com
metrecycle.com
static.cloudflareinsights.com
tulsazoo.org
www.deq.ok.gov
www.slb.com
www.spiritaero.com
104.18.171.33
141.193.213.11
172.64.151.121
23.213.161.204
2600:9000:206f:c600:5:905f:5740:93a1
2606:4700::6810:3965
66.147.242.199
67.43.9.100
99.83.132.177
02ea3a673c476389be14d4422fc08c66a8d0e053bd3e2d99e718ce85292487d1
052cff01ea6c76b0aa28c0f8a2f2d9fab0633dbcc6817f863dce56aa76f8e841
1fcae6ecf9ebf5d1cf826a75de543188a76c6821b2f2c88197960198873563e2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bd3dce8a6b2d8f9400226f88ee6d8a09ef959f6278ea56d9d0a48bc67b20d69
48040df54091d4720fa494240e7333f1e58ab0dcd5f9b834a3ee2bba178b87f7
5d875cdf6f368eb96ef699f71167c37b989694b33ad503758e0425025c2d1fdb
7d718bf36f9de3e22e38daf4d3a10c93e4a454276f4c1d678bcb315a19ae57f2
921a6f0f331d2804da580e85ae03c10682208e0abf0bcbb79ba57ea31702051f
9c28c15d407e613b17bd7c20101cb7cceddeef7ee59c9ec09f29d95594d622ac
9db1684ff9634bca50528a6c89c50ea9422878dd853fefaf7a47ccba72c58cf0
a094fb88627edfe34316a43ff2bbdefb1ebd349c1b6dcf1e49bc81a23b876b4f
c8d7fa7194be7bad49c34dac3212709d920d20b5beeeb8e35cf2ef2d6c7365d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6521a664b98574691d21b6f85500a72fe71263eef8bbd54e0befccbbfe80b90
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505