click1.e.fireflyengage.com Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.e.fireflyengage.com/ViewMessage.do?m=mwtndncbq&r=qnhfwdmnnn&s=svmkszwcfmzszkgcjbzzbzjjlhvwlwmpjkh&q=1645459200&a=view
Effective URL:
http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Submission: On April 25 via manual (April 25th 2022, 6:38:48 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 25 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.e.fireflyengage.com. The Cisco Umbrella rank of the primary domain is 962771.

This is the only time click1.e.fireflyengage.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	96.46.128.252 96.46.128.252	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:71c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 17	2606:4700:10:... 2606:4700:10::6816:274b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	18.64.79.75 18.64.79.75	16509 (AMAZON-02) (AMAZON-02)
1	18.64.79.128 18.64.79.128	16509 (AMAZON-02) (AMAZON-02)
25	7

2 74.214.203.11 (United States)

ASN14618 (AMAZON-AES, US)

click1.e.fireflyengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com

bfc887.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71c (United States)

ASN13335 (CLOUDFLARENET, US)

email.network.exchange	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:274b (United States) 7 redirects

ASN13335 (CLOUDFLARENET, US)

www.westernjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.84.54.237 (San Antonio, United States) 6 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stripe.rs-1198-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.64.79.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-75.txl50.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-128.txl50.r.cloudfront.net

branding.rs-1198-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	westernjournal.com 7 redirects www.westernjournal.com — Cisco Umbrella Rank: 61248	1 MB
7	rs-1198-a.com 6 redirects stripe.rs-1198-a.com — Cisco Umbrella Rank: 792430 branding.rs-1198-a.com — Cisco Umbrella Rank: 402781	6 KB
6	powerinboxedge.com images-prod.powerinboxedge.com — Cisco Umbrella Rank: 21197	818 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	169 KB
2	fireflyengage.com click1.e.fireflyengage.com — Cisco Umbrella Rank: 962771	57 KB
1	network.exchange email.network.exchange — Cisco Umbrella Rank: 477145	69 KB
1	efeedbacktrk.com bfc887.efeedbacktrk.com	466 B
25	7

	Domain	Requested by
17	www.westernjournal.com	7 redirects click1.e.fireflyengage.com
6	images-prod.powerinboxedge.com	click1.e.fireflyengage.com
6	stripe.rs-1198-a.com	6 redirects
4	connect.facebook.net	click1.e.fireflyengage.com connect.facebook.net
2	click1.e.fireflyengage.com
1	branding.rs-1198-a.com	click1.e.fireflyengage.com
1	email.network.exchange	click1.e.fireflyengage.com
1	bfc887.efeedbacktrk.com	click1.e.fireflyengage.com
25	8

This site contains links to these domains. Also see Links.

Domain
www.e.fireflyengage.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2021-07-06` - `2022-05-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Frame ID: 67823C21943753EE40CC15A8D4E59E36
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

American Olympians Made to Leave Beijing Without Medals After Infuriating Ruling American Olympians Made to Leave Beijing Without Medals After Infuriating Ruling

Page URL History Show full URLs

http://click1.e.fireflyengage.com/ViewMessage.do?m=mwtndncbq&r=qnhfwdmnnn&s=svmkszwcfmzszkgcjbzzbzjjlhvwlwmpjk... Page URL
http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

25
Requests

16 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

2143 kB
Transfer

2551 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.e.fireflyengage.com/Unsub.do?a=u&e=Dhowie%40ci.charlotte.nc.us&mid=565172&sid=67AB4D5A-7A6E-401A-A1A0-08C3B8B5906C&rid=6291000&lid=204
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.e.fireflyengage.com/ViewMessage.do?m=mwtndncbq&r=qnhfwdmnnn&s=svmkszwcfmzszkgcjbzzbzjjlhvwlwmpjkh&q=1645459200&a=view Page URL
http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 7

http://www.westernjournal.com/wp-content/uploads/2022/02/Silver-Medal-Team.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/Silver-Medal-Team.jpg

Request Chain 8

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=0&cs_stripeid=121812 HTTP 303
http://images-prod.powerinboxedge.com/v3/images/4528/858538

Request Chain 10

http://www.westernjournal.com/wp-content/uploads/2022/02/Melissa-Blair.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/Melissa-Blair.jpg

Request Chain 11

http://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-20T095407.919.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-20T095407.919.jpg

Request Chain 12

http://www.westernjournal.com/wp-content/uploads/2022/02/Lizard-Lick-Towing.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/Lizard-Lick-Towing.jpg

Request Chain 13

http://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-21T085117.459.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-21T085117.459.jpg

Request Chain 14

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=0&cs_stripeid=121811 HTTP 303
http://images-prod.powerinboxedge.com/v3/images/0/780190

Request Chain 15

http://www.westernjournal.com/wp-content/uploads/2022/02/rivera-and-son-times-square-II.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/rivera-and-son-times-square-II.jpg

Request Chain 16

http://www.westernjournal.com/wp-content/uploads/2022/02/Eye.jpg HTTP 301
https://www.westernjournal.com/wp-content/uploads/2022/02/Eye.jpg

Request Chain 17

http://www.westernjournal.com/wp-content/uploads/2022/02/Gernon-Brown.jpg HTTP 307
https://www.westernjournal.com/wp-content/uploads/2022/02/Gernon-Brown.jpg

Request Chain 18

http://www.westernjournal.com/wp-content/uploads/2022/02/ottawa-police-for-feb.-20.jpg HTTP 307
https://www.westernjournal.com/wp-content/uploads/2022/02/ottawa-police-for-feb.-20.jpg

Request Chain 19

http://www.westernjournal.com/wp-content/uploads/2022/02/bunk-beds.jpg HTTP 307
https://www.westernjournal.com/wp-content/uploads/2022/02/bunk-beds.jpg

Request Chain 20

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=0&cs_stripeid=121813 HTTP 303
http://images-prod.powerinboxedge.com/v3/images/4529/757493

Request Chain 21

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=1&cs_stripeid=121813 HTTP 303
http://images-prod.powerinboxedge.com/v3/images/4529/780167

Request Chain 22

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=2&cs_stripeid=121813 HTTP 303
http://images-prod.powerinboxedge.com/v3/images/4529/757492

Request Chain 23

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=3&cs_stripeid=121813 HTTP 303
http://images-prod.powerinboxedge.com/v3/images/4529/757538

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ViewMessage.do Show response
click1.e.fireflyengage.com/ 3 KB
3 KB 1405ms
96ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.e.fireflyengage.com/ViewMessage.do?m=mwtndncbq&r=qnhfwdmnnn&s=svmkszwcfmzszkgcjbzzbzjjlhvwlwmpjkh&q=1645459200&a=view
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 68884a60a24b183f50a2776d2937d674f0735aa81d0d672a151301d3927a1abb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Mon, 25 Apr 2022 18:38:41 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

23ms
8ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do?m=mwtndncbq&r=qnhfwdmnnn&s=svmkszwcfmzszkgcjbzzbzjjlhvwlwmpjkh&q=1645459200&a=view

Protocol

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d92d98ab82e806853ee4fadcf316583b41f920d575033df8714e1d9a050b08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +MOuhZkFgkthhBhQgZ54Og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 5whLVAK/CQOkpvxpJrIIu2D0NdCj+oh9oMDF5iuY3J9U9dVXA2pZWBB6KiqPuLclUFcH6SqP/skRiDj+rmknvg==
x-fb-trip-id: 686109401
x-fb-content-md5: d1f957c3a25f088f6fc39c1155a26041
x-frame-options: DENY
date: Mon, 25 Apr 2022 18:38:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "93830516662b3617df8bab890e2ecff1"
timing-allow-origin: *
expires: Mon, 25 Apr 2022 18:45:47 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 all.js
connect.facebook.net/en_US/ 289 KB
82 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=4d395d7e68dbdafe7207531262490812

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.e.fireflyengage.com/
Origin: http://click1.e.fireflyengage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eyW/wNVmplZEyp2Mr04lGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84316
x-fb-rlafr: 0
x-fb-debug: mDtYdVxJQu6CXlSzf8kf3pfDUQWKxE9a/cfsHp1B2fFK2RTh/BPs9MkIcvwEwT/supRuAfBdaXp3YHAukuz0nA==
x-fb-content-md5: 33e0393f7b7908093f7134dfca8d1aa7
x-frame-options: DENY
date: Mon, 25 Apr 2022 18:38:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "03128f648ea14cb96c266f9adde4ef98"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Apr 2023 17:12:51 GMT

POST
H/1.1 200
OK Primary Request ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22 Show response
click1.e.fireflyengage.com/ 54 KB
54 KB 150ms
149ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 6e820c61f142a5064bf701528547d33860b0a1d8c48e80bc53926d27c7a81b7f

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://click1.e.fireflyengage.com
Referer: http://click1.e.fireflyengage.com/ViewMessage.do?m=mwtndncbq&r=qnhfwdmnnn&s=svmkszwcfmzszkgcjbzzbzjjlhvwlwmpjkh&q=1645459200&a=view
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Mon, 25 Apr 2022 18:38:42 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H3

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

15ms
7ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d92d98ab82e806853ee4fadcf316583b41f920d575033df8714e1d9a050b08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +MOuhZkFgkthhBhQgZ54Og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 5whLVAK/CQOkpvxpJrIIu2D0NdCj+oh9oMDF5iuY3J9U9dVXA2pZWBB6KiqPuLclUFcH6SqP/skRiDj+rmknvg==
x-fb-content-md5: d1f957c3a25f088f6fc39c1155a26041
x-frame-options: DENY
date: Mon, 25 Apr 2022 18:38:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "93830516662b3617df8bab890e2ecff1"
timing-allow-origin: *
priority: u=1
expires: Mon, 25 Apr 2022 18:45:47 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK yklgbpyfrkpnbpgwnfmspnpspmnmctqycykvmgtscklclql_kvvshpltttjlsrvrvphtt.gif
bfc887.efeedbacktrk.com/ 68 B
466 B 1006ms
97ms Image
image/png 96.46.128.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfc887.efeedbacktrk.com/yklgbpyfrkpnbpgwnfmspnpspmnmctqycykvmgtscklclql_kvvshpltttjlsrvrvphtt.gif
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.128.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: www.efeedbacktrk.com
Software: sp /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:43 GMT
Server: sp
Content-Type: image/png;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
imagetoolbar: no
Keep-Alive: timeout=60
Content-Length: 68
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 logo1-liftablePNG.png
email.network.exchange/wp-content/uploads/2020/01/ 68 KB
69 KB 760ms
674ms Image
image/png 2606:4700:20::681a:71c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://email.network.exchange/wp-content/uploads/2020/01/logo1-liftablePNG.png
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f675ed96e293ec4a558c29be7a9d9f9bf836cc6699688bdbad5bb376ab559f55

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Wed, 22 Jan 2020 17:49:03 GMT
server: cloudflare
etag: "5e288b0f-111a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iytezs5jjRmChy%2BsNmpd8HSXAc8XC2xB4IcygbG6ui8MRhmjA%2F4ibV9l6AfpxrpaU7raG81MswmbhAER2xlNqLE%2BBp4lqL10TJdXGxzkfjyYY%2Br%2Fd6ariZzBpdvzJqsmPz4T8J3kN52YATiApfptUK03DvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7019327ccf793744-MXP
content-length: 70049

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=4d395d7e68dbdafe7207531262490812

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01486ef5e5d6f2e2112c7bf1cafa03a9832cae7b53d1a48e5bb630f29be76caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.e.fireflyengage.com/
Origin: http://click1.e.fireflyengage.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: eyW/wNVmplZEyp2Mr04lGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84316
x-fb-rlafr: 0
x-fb-debug: mDtYdVxJQu6CXlSzf8kf3pfDUQWKxE9a/cfsHp1B2fFK2RTh/BPs9MkIcvwEwT/supRuAfBdaXp3YHAukuz0nA==
x-fb-content-md5: 33e0393f7b7908093f7134dfca8d1aa7
x-frame-options: DENY
date: Mon, 25 Apr 2022 18:38:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "03128f648ea14cb96c266f9adde4ef98"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 25 Apr 2023 17:12:51 GMT

GET
H2

200

Silver-Medal-Team.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Silver-Medal-Team.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Silver-Medal-Team.jpg

142 KB
142 KB

728ms
696ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Silver-Medal-Team.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

424ee1f8823f9b5ec676e623d2b879ca61bd69f0c64e191557f27c4ff3b21602

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 18:54:44 GMT
server: cloudflare
etag: "62128e74-23648"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19e401f0-ZRH
content-length: 144968

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Silver-Medal-Team.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327cbd782373-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H/1.1

200
OK

858538
images-prod.powerinboxedge.com/v3/images/4528/
Redirect Chain

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=0&cs_stripeid=121812
http://images-prod.powerinboxedge.com/v3/images/4528/858538

577 KB
577 KB

70ms
33ms

Image
image/gif

18.64.79.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/4528/858538
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-75.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8c2a2162cc39a76e94ac99a5abd1f8f75e8b4383ab7b0601ff7cf1257608054

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 18:38:43 GMT
Via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 14 Mar 2022 18:10:26 GMT
Server: AmazonS3
Age: 743
ETag: "69ff3153dd029017c1fc63750c937095"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 590824
X-Amz-Cf-Id: TyLoIzRQ_tvuQCzgPEsi0blY3xZo4atIZlgYUlrNXhdePWf1uVdbpA==

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:42 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/4528/858538
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK transparent.gif
branding.rs-1198-a.com/recommend/ 3 KB
4 KB 65ms
18ms Image
image/gif 18.64.79.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://branding.rs-1198-a.com/recommend/transparent.gif
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-128.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 114a94d6363058a453f91374a6a17b2b03e2317a426f8578422f7cfac884c06b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Sat, 02 Apr 2022 14:58:40 GMT
Via: 1.1 0f55386ae5e307100f1e7694cff2d5d8.cloudfront.net (CloudFront)
Last-Modified: Fri, 21 Jan 2022 22:16:11 GMT
Server: AmazonS3
Age: 2000403
ETag: "538f857e43ff094071c254a003739ed0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 3213
X-Amz-Cf-Id: _jueGH9Nyck5sjT4YBBHlT6ScPCKrY_s7hr4ml50Ww9vhjm3bv7u7A==

GET
H2

200

Melissa-Blair.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Melissa-Blair.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Melissa-Blair.jpg

54 KB
54 KB

745ms
711ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Melissa-Blair.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

331dc54029009d5c81f7e8b99e5b4f8e128c0bdcba593beb74f4bc48fa297d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 17:44:44 GMT
server: cloudflare
etag: "62127e0c-d69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19e001f0-ZRH
content-length: 54941

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Melissa-Blair.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327cbd27cc42-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H2

200

Untitled-design-2022-02-20T095407.919.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-20T095407.919.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-20T095407.919.jpg

88 KB
88 KB

742ms
710ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-20T095407.919.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92159199ddeb3c960162872f5ec0ea8339bf630554217c0c04ec51699d968a50

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 14:54:22 GMT
server: cloudflare
etag: "6212561e-15ee1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19ec01f0-ZRH
content-length: 89825

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-20T095407.919.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327cbfb80204-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H2

200

Lizard-Lick-Towing.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Lizard-Lick-Towing.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Lizard-Lick-Towing.jpg

136 KB
137 KB

718ms
684ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Lizard-Lick-Towing.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71d70f31bb4f35941972b8a1b53d70112a16f8598c18dfbf2d8e25b144c339f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 19:49:33 GMT
server: cloudflare
etag: "62129b4d-22130"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19e501f0-ZRH
content-length: 139568

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Lizard-Lick-Towing.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327cbd29cc42-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H2

200

Untitled-design-2022-02-21T085117.459.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-21T085117.459.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-21T085117.459.jpg

87 KB
88 KB

740ms
722ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-21T085117.459.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a64062962a056b5d2a183fe3da7673ccf22315c1e014462818ea21a2c920660

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Mon, 21 Feb 2022 13:55:16 GMT
server: cloudflare
etag: "621399c4-15dfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19e701f0-ZRH
content-length: 89598

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Untitled-design-2022-02-21T085117.459.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327ccc9d23df-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H/1.1

200
OK

780190
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=0&cs_stripeid=121811
http://images-prod.powerinboxedge.com/v3/images/0/780190

31 KB
32 KB

58ms
19ms

Image
image/png

18.64.79.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/0/780190
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-75.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b47116d3866493a5957ff671abe1461845ac816f9e69a33a866b9cd4e16c5649

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 18:26:17 GMT
Via: 1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Sep 2021 19:12:16 GMT
Server: AmazonS3
Age: 1240
ETag: "b4d6be7cd744826a805659f280f44e43"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 31974
X-Amz-Cf-Id: r0PVONQFX08OGeSN_DkTtw9pGvXiaj1YijS40jW4-aDRJNs3Ym7qqg==

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:42 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/0/780190
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H2

200

rivera-and-son-times-square-II.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/rivera-and-son-times-square-II.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/rivera-and-son-times-square-II.jpg

133 KB
133 KB

701ms
685ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/rivera-and-son-times-square-II.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9615909746b4266d7bf008df7c842f2a21769c1cd977859d549a60fd7d34b2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 18:46:45 GMT
server: cloudflare
etag: "62128c95-21305"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19e901f0-ZRH
content-length: 135941

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/rivera-and-son-times-square-II.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327ced4dcc42-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H2

200

Eye.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Eye.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Eye.jpg

92 KB
92 KB

792ms
766ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Eye.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6267254cb38e590abeafef82b5e484999c940e88d95dad83a47310d1be9944c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 20:19:37 GMT
server: cloudflare
etag: "6212a259-16ed7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 7019327d19ea01f0-ZRH
content-length: 93911

Redirect headers

Date: Mon, 25 Apr 2022 18:38:42 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Eye.jpg
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 7019327cbb0a020d-ZRH
Expires: Mon, 25 Apr 2022 19:38:42 GMT

GET
H2

200

Gernon-Brown.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/Gernon-Brown.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/Gernon-Brown.jpg

61 KB
61 KB

707ms
706ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/Gernon-Brown.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5968e6ab89cc18b4377355d6adb9cf44670cb22ff01a0f2325a8441b73361c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:44 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 15:31:59 GMT
server: cloudflare
etag: "62125eef-f21e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 70193281aa7401f0-ZRH
content-length: 61982

Redirect headers

Location: https://www.westernjournal.com/wp-content/uploads/2022/02/Gernon-Brown.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

ottawa-police-for-feb.-20.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/ottawa-police-for-feb.-20.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/ottawa-police-for-feb.-20.jpg

145 KB
145 KB

289ms
289ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/ottawa-police-for-feb.-20.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c48a49896810784d256fbc101eecf720b0720aa50946058485b9ede766289607

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 18:11:18 GMT
server: cloudflare
etag: "62128446-243b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 70193281aa8e01f0-ZRH
content-length: 148401

Redirect headers

Location: https://www.westernjournal.com/wp-content/uploads/2022/02/ottawa-police-for-feb.-20.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

bunk-beds.jpg
www.westernjournal.com/wp-content/uploads/2022/02/
Redirect Chain

http://www.westernjournal.com/wp-content/uploads/2022/02/bunk-beds.jpg
https://www.westernjournal.com/wp-content/uploads/2022/02/bunk-beds.jpg

88 KB
88 KB

170ms
170ms

Image
image/jpeg

2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2022/02/bunk-beds.jpg

Requested by

Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22

Protocol

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fab88e51a0b93f4a67b84a20ce302074c5e0ad89bb48e03fcc6ae178be750da

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 18:38:43 GMT
cf-cache-status: MISS
last-modified: Sun, 20 Feb 2022 14:27:31 GMT
server: cloudflare
etag: "62124fd3-1600d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 70193281fb4501f0-ZRH
content-length: 90125

Redirect headers

Location: https://www.westernjournal.com/wp-content/uploads/2022/02/bunk-beds.jpg
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1

200
OK

757493
images-prod.powerinboxedge.com/v3/images/4529/
Redirect Chain

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=0&cs_stripeid=121813
http://images-prod.powerinboxedge.com/v3/images/4529/757493

49 KB
50 KB

34ms
33ms

Image
image/png

18.64.79.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/4529/757493
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-75.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09d9a4ca5f1a86ac69ad8ec23ffb3734b7832fa4037f1ec5dfcd7b57cec2578e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 18:22:44 GMT
Via: 1.1 21b1cb66a6f688e3b4ce88f7c515f844.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 19 Jul 2021 22:00:14 GMT
Server: AmazonS3
Age: 960
ETag: "e29de3e8d9cfd18d8e7588a421c9089b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 50222
X-Amz-Cf-Id: tblsTIRp7pu11t3VEkP8vVKBWwdcKACZyK3-W4iy7csDbs-Uu8ciKQ==

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:42 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/4529/757493
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

780167
images-prod.powerinboxedge.com/v3/images/4529/
Redirect Chain

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=1&cs_stripeid=121813
http://images-prod.powerinboxedge.com/v3/images/4529/780167

49 KB
49 KB

67ms
35ms

Image
image/png

18.64.79.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/4529/780167
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-75.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e1ff263bfe1c15e50642ccb8212fb7c80995bf96dcfdb8c93c0ca151a68033

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 18:24:10 GMT
Via: 1.1 21b1cb66a6f688e3b4ce88f7c515f844.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Sep 2021 19:04:15 GMT
Server: AmazonS3
Age: 874
ETag: "b83b7fa6b73d236f3a0e8847258eff69"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 49879
X-Amz-Cf-Id: 5QPCKLToQ8x4jH-K_MrzWxp7upnSF60bfpAIEtYx7DjkdnGCjhMp6A==

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:42 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/4529/780167
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

757492
images-prod.powerinboxedge.com/v3/images/4529/
Redirect Chain

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=2&cs_stripeid=121813
http://images-prod.powerinboxedge.com/v3/images/4529/757492

59 KB
60 KB

65ms
35ms

Image
image/png

18.64.79.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/4529/757492
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-75.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad01610e51a74ad5e77f667891ba6cd86c0e903d124ab376c34e659188b15290

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 18:22:44 GMT
Via: 1.1 89cfaf7130b791496ae5b9cd16f7eb0a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 19 Jul 2021 22:00:37 GMT
Server: AmazonS3
Age: 960
ETag: "5c8e6fd2ef4ab0567999cd57a64af98b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 60605
X-Amz-Cf-Id: QauQd9vuI2JvmFIFDaGjB8uB07-SNX_o4Rce_eSILpB7Y_la3VAEZQ==

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:42 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/4529/757492
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

757538
images-prod.powerinboxedge.com/v3/images/4529/
Redirect Chain

http://stripe.rs-1198-a.com/stripe/image?cs_email=Dhowie@ci.charlotte.nc.us&cs_sendid=565172&cs_esp=postup&cs_offset=3&cs_stripeid=121813
http://images-prod.powerinboxedge.com/v3/images/4529/757538

50 KB
50 KB

51ms
32ms

Image
image/png

18.64.79.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/4529/757538
Requested by: Host: click1.e.fireflyengage.com
URL: http://click1.e.fireflyengage.com/ViewMessage.do;jsessionid=667CF0B74EEB6A40288601BCE4FE2F22
Protocol: HTTP/1.1
Server: 18.64.79.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-75.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 13a72117b0be9b5730170a568dae369daeed23f18091f6f73b76f2895e91e712

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.e.fireflyengage.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 18:22:44 GMT
Via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 19 Jul 2021 22:00:24 GMT
Server: AmazonS3
Age: 960
ETag: "11a6b6ff111a9c1fa071f86f94f8f1dc"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: TXL50-P2
Accept-Ranges: bytes
Content-Length: 51068
X-Amz-Cf-Id: 02Skt3iu4o7AClv4Yq9uGVFl_KrFxRl2pc3rUvwHs6EcKTsuVu1KXw==

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 18:38:42 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/4529/757538
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| FB

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.e.fireflyengage.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: A361C09831AE3BA0496E6FCF50931E28

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bfc887.efeedbacktrk.com
branding.rs-1198-a.com
click1.e.fireflyengage.com
connect.facebook.net
email.network.exchange
images-prod.powerinboxedge.com
stripe.rs-1198-a.com
www.westernjournal.com
13.84.54.237
18.64.79.128
18.64.79.75
2606:4700:10::6816:274b
2606:4700:20::681a:71c
2a03:2880:f01c:216:face:b00c:0:3
74.214.203.11
96.46.128.252
01486ef5e5d6f2e2112c7bf1cafa03a9832cae7b53d1a48e5bb630f29be76caf
09d9a4ca5f1a86ac69ad8ec23ffb3734b7832fa4037f1ec5dfcd7b57cec2578e
114a94d6363058a453f91374a6a17b2b03e2317a426f8578422f7cfac884c06b
13a72117b0be9b5730170a568dae369daeed23f18091f6f73b76f2895e91e712
1a64062962a056b5d2a183fe3da7673ccf22315c1e014462818ea21a2c920660
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
331dc54029009d5c81f7e8b99e5b4f8e128c0bdcba593beb74f4bc48fa297d1a
3d92d98ab82e806853ee4fadcf316583b41f920d575033df8714e1d9a050b08c
424ee1f8823f9b5ec676e623d2b879ca61bd69f0c64e191557f27c4ff3b21602
5968e6ab89cc18b4377355d6adb9cf44670cb22ff01a0f2325a8441b73361c1d
5fab88e51a0b93f4a67b84a20ce302074c5e0ad89bb48e03fcc6ae178be750da
6267254cb38e590abeafef82b5e484999c940e88d95dad83a47310d1be9944c4
68884a60a24b183f50a2776d2937d674f0735aa81d0d672a151301d3927a1abb
6e820c61f142a5064bf701528547d33860b0a1d8c48e80bc53926d27c7a81b7f
71d70f31bb4f35941972b8a1b53d70112a16f8598c18dfbf2d8e25b144c339f0
92159199ddeb3c960162872f5ec0ea8339bf630554217c0c04ec51699d968a50
9615909746b4266d7bf008df7c842f2a21769c1cd977859d549a60fd7d34b2f5
97e1ff263bfe1c15e50642ccb8212fb7c80995bf96dcfdb8c93c0ca151a68033
ad01610e51a74ad5e77f667891ba6cd86c0e903d124ab376c34e659188b15290
b47116d3866493a5957ff671abe1461845ac816f9e69a33a866b9cd4e16c5649
c48a49896810784d256fbc101eecf720b0720aa50946058485b9ede766289607
c8c2a2162cc39a76e94ac99a5abd1f8f75e8b4383ab7b0601ff7cf1257608054
f675ed96e293ec4a558c29be7a9d9f9bf836cc6699688bdbad5bb376ab559f55

click1.e.fireflyengage.com Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

16 %HTTPS

38 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

2143 kBTransfer

2551 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

click1.e.fireflyengage.com Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

16 %
HTTPS

38 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

2143 kB
Transfer

2551 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions