campaign.r20.constantcontact.com Open in urlscan Pro
172.64.151.121  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request render Show response campaign.r20.constantcontact.com/	37 KB 7 KB	370ms 299ms	Document text/html	172.64.151.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Server 172.64.151.121 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93342eec9faf3922ea38716cfeef1e9aa143cb4c40f4fff6086ce6c004c8f3c2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 76352833e8c86967-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Tue, 01 Nov 2022 14:00:30 GMT Server cloudflare Server-Timing cf-q-config;dur=7.0000023697503e-06 Transfer-Encoding chunked
GET H2	200	S.gif imgssl.constantcontact.com/letters/images/sys/	98 B 393 B	115ms 50ms	Image image/webp	104.18.171.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/sys/S.gif Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.171.33 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c5dd64fc862a2dbfc1d6d443b8b52277bcb2edb970a1197519e9a59c317c56 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 14:00:30 GMT cf-cache-status HIT age 301555 cf-polished origFmt=gif, origSize=271 content-disposition inline; filename="S.webp" content-length 98 cf-bgj imgq:100,h2pri last-modified Thu, 05 May 2016 16:01:59 GMT server cloudflare vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 763528363d729a24-FRA expires Wed, 01 Nov 2023 14:00:30 GMT
GET H/1.1	200 OK	9a95738b-3f88-439f-9394-984fb1e9eeac.jpg files.constantcontact.com/06c60b48701/	50 KB 51 KB	112ms 25ms	Image image/jpeg	2600:9000:21f3:2800:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/9a95738b-3f88-439f-9394-984fb1e9eeac.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2800:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6521a664b98574691d21b6f85500a72fe71263eef8bbd54e0befccbbfe80b90 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 14:00:43 GMT x-amz-version-id xqVETqIX2A6BpRVN_02f3x515iykshwN Via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 Age 86388 X-Cache Hit from cloudfront Content-Disposition filename=B2B_Cover_v5.jpg Connection keep-alive Content-Length 51181 Last-Modified Mon, 24 Oct 2022 21:15:39 GMT Server AmazonS3 ETag "96f9749ee3c3562c778e3193f2147845" Content-Type image/jpeg Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id PT_FBB_JtM2a64mIThtWLi7IQFT56CbYkOGQDZfMi4sCo3fkNacrIA==
GET H/1.1	200 OK	ff10125b-02f3-402b-b42c-fd5cbf068550.png files.constantcontact.com/06c60b48701/	89 KB 89 KB	592ms 498ms	Image image/png	2600:9000:21f3:2800:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/ff10125b-02f3-402b-b42c-fd5cbf068550.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2800:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a094fb88627edfe34316a43ff2bbdefb1ebd349c1b6dcf1e49bc81a23b876b4f Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Tue, 01 Nov 2022 14:00:31 GMT x-amz-version-id cdxvNgTD8f4cCffzhLHI0VHEAtqPO.Vu Via 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront) Last-Modified Mon, 17 Oct 2022 22:02:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA2-C2 ETag "4774ffdb15be9c042bea3fc291c67145" X-Cache Miss from cloudfront Content-Type image/png Content-Disposition filename=Untitled design _3_.png Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex, nofollow Content-Length 90852 X-Amz-Cf-Id 2OeeYyHJIKHGwmWzovmcLdKJtY2Ag1RFJjYV5Caz5f4zjRBnzzFmSA==
GET H2	200	spirit-full.png www.spiritaero.com/images/	13 KB 14 KB	235ms 74ms	Image image/png	2.16.186.209 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.spiritaero.com/images/spirit-full.png?v=1568350800 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c8d7fa7194be7bad49c34dac3212709d920d20b5beeeb8e35cf2ef2d6c7365d5 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers unused62 8096267 date Tue, 01 Nov 2022 14:00:30 GMT last-modified Fri, 10 Jul 2020 17:03:49 GMT server nginx etag "3544-5aa195329b90c" x-cache-nxaccel HIT content-type image/png cache-control max-age=72546 server-timing cdn-cache; desc=HIT, edge; dur=48 accept-ranges bytes content-length 13636 expires Wed, 02 Nov 2022 10:09:36 GMT
GET H2	200	deq-logo-2022.jpg www.deq.ok.gov/wp-content/uploads/deqmainresources/	10 KB 10 KB	915ms 500ms	Image image/jpeg	141.193.213.11 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.deq.ok.gov/wp-content/uploads/deqmainresources/deq-logo-2022.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash a62ed10d377515e05c3fe839cc389109223845100513834b694b14666c53beab Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 14:00:31 GMT cf-cache-status MISS last-modified Mon, 04 Apr 2022 11:46:45 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "624adaa5-2743" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aEhmEmsOWhFc%2BixQpvJ87o9%2Bv3FJR1Mt2MCZl%2FxWg5JgLoNsVPN4v%2ByKF6FvHq8WY9aLihIlgrb%2FeiM0V2LbQSZxidgTfo6vj1qoHjTUfvnhKUxnFK%2Fs6WqefI3QZBG"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 763528398dc990ba-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10051
GET H/1.1	200 OK	tzoo-logo-horiz-color.png tulsazoo.org/wp-content/themes/tzoo2017/img/	8 KB 8 KB	1052ms 129ms	Image image/png	67.43.9.100 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://tulsazoo.org/wp-content/themes/tzoo2017/img/tzoo-logo-horiz-color.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.43.9.100 Grandville, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache / Resource Hash 5d875cdf6f368eb96ef699f71167c37b989694b33ad503758e0425025c2d1fdb Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Tue, 01 Nov 2022 14:00:30 GMT Last-Modified Wed, 08 Nov 2017 20:54:18 GMT Server Apache Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 7780 Expires Thu, 01 Dec 2022 14:00:30 GMT
GET H2	200	slb_logo_rgb_svg.ashx www.slb.com/-/media/images/logo/	1 KB 2 KB	339ms 114ms	Image image/svg+xml	75.2.95.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.slb.com/-/media/images/logo/slb_logo_rgb_svg.ashx Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.95.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a105596a4cefbdd47.awsglobalaccelerator.com Software Microsoft-IIS/10.0 / Resource Hash 9db1684ff9634bca50528a6c89c50ea9422878dd853fefaf7a47ccba72c58cf0 Security Headers Name Value Content-Security-Policy default-src 'self' https: blob: data: 'unsafe-inline' 'unsafe-eval' script-src: https://ajax.googleapis.com https://analytics.kaltura.com https://api.peer5.com https://bat.bing.com https://cdnapisec.kaltura.com https://cookie-cdn.cookiepro.com https://maps.googleapis.com https://players.brightcove.net https://s7.addthis.com https://secure.perk0mean.com https://static.cloud.coveo.com https://tag.demandbase.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com object-src: https://fonts.gstatic.com connect-src: *.google-analytics.com *.analytics.google.com img-src: *.google-analytics.com *.analytics.google.com; Strict-Transport-Security max-age=15768000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 14:00:30 GMT content-security-policy default-src 'self' https: blob: data: 'unsafe-inline' 'unsafe-eval' script-src: https://ajax.googleapis.com https://analytics.kaltura.com https://api.peer5.com https://bat.bing.com https://cdnapisec.kaltura.com https://cookie-cdn.cookiepro.com https://maps.googleapis.com https://players.brightcove.net https://s7.addthis.com https://secure.perk0mean.com https://static.cloud.coveo.com https://tag.demandbase.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com object-src: https://fonts.gstatic.com connect-src: *.google-analytics.com *.analytics.google.com img-src: *.google-analytics.com *.analytics.google.com; x-content-type-options nosniff strict-transport-security max-age=15768000 content-disposition inline; filename="SLB_Logo_RGB_svg.svg" content-length 1336 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Mon, 17 Oct 2022 20:04:53 GMT server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control private, max-age=604800 accept-ranges bytes access-control-allow-headers odata-version, originalcorrelationid, content-type
GET H2	200	Met-Logo-Horizontal-2-rows-e1596826023550.png metrecycle.com/wp-content/uploads/2020/07/	26 KB 27 KB	548ms 189ms	Image image/png	66.147.242.199 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://metrecycle.com/wp-content/uploads/2020/07/Met-Logo-Horizontal-2-rows-e1596826023550.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.147.242.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box599.bluehost.com Software Apache / Resource Hash 052cff01ea6c76b0aa28c0f8a2f2d9fab0633dbcc6817f863dce56aa76f8e841 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 14:00:30 GMT x-nginx-cache WordPress last-modified Fri, 07 Aug 2020 18:47:03 GMT server Apache x-endurance-cache-level 2 content-type image/png cache-control max-age=10368000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 27124 expires max-age=A10368000, public
GET H/1.1	200 OK	b60e0450-b113-4c96-8cab-dc6365b82961.png files.constantcontact.com/06c60b48701/	129 KB 130 KB	74ms 28ms	Image image/png	2600:9000:21f3:2800:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/b60e0450-b113-4c96-8cab-dc6365b82961.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2800:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7d718bf36f9de3e22e38daf4d3a10c93e4a454276f4c1d678bcb315a19ae57f2 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 14:00:43 GMT x-amz-version-id UGjNXb9dZKt2Pl7nab6wIsKq0FBaXlTM Via 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 Age 86388 X-Cache Hit from cloudfront Content-Disposition filename=S3C-1.png Connection keep-alive Content-Length 132026 Last-Modified Mon, 19 Sep 2022 16:48:08 GMT Server AmazonS3 ETag "04313dce6462658f59bcf5babb9caea7" Content-Type image/png Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id 23fkem0sFOBzeWHjoHpbksT3MlB0E3JNPtlzslI1Gku4w4Ir5k5Lmg==
GET H/1.1	200 OK	cd73f3dd-652c-456a-adad-fe107dc549f3.jpg files.constantcontact.com/06c60b48701/	37 KB 37 KB	29ms 28ms	Image image/jpeg	2600:9000:21f3:2800:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/cd73f3dd-652c-456a-adad-fe107dc549f3.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2800:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9c28c15d407e613b17bd7c20101cb7cceddeef7ee59c9ec09f29d95594d622ac Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 14:00:43 GMT x-amz-version-id NYKebsnKWzYcum2fFpQuEyijomtIQEjp Via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 Age 86388 X-Cache Hit from cloudfront Content-Disposition filename=Thanks.jpg Connection keep-alive Content-Length 37556 Last-Modified Mon, 19 Sep 2022 18:45:12 GMT Server AmazonS3 ETag "07cf8f99f4662af8066d938c6b88db20" Content-Type image/jpeg Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id IdQpn9uSQGlLuR3kRm730ZQSMZFQjYg9KUMIqLvaOHV-cJIR-BwrAQ==
GET H/1.1	200 OK	42ec67e6-1c66-424a-86d6-a70b90ab89b3.png files.constantcontact.com/06c60b48701/	11 KB 12 KB	62ms 28ms	Image image/png	2600:9000:21f3:2800:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/42ec67e6-1c66-424a-86d6-a70b90ab89b3.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:2800:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1fcae6ecf9ebf5d1cf826a75de543188a76c6821b2f2c88197960198873563e2 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Mon, 31 Oct 2022 14:00:43 GMT x-amz-version-id yUqYR9QWBdKHTJQ1GutiNi7B3gRzDVlZ Via 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA2-C2 Age 86388 X-Cache Hit from cloudfront Content-Disposition filename=tsa badge 2.png Connection keep-alive Content-Length 11283 Last-Modified Fri, 16 Sep 2022 18:10:08 GMT Server AmazonS3 ETag "53fae5f032b0bfc60d91887fb8f51a77" Content-Type image/png Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id DqiL0h-pm8EGDgOgRjycVpMsI8j0SrsaoR5lO2GGxH1mrMPTDCxRNg==
GET H2	200	blue_orange.png imgssl.constantcontact.com/letters/images/templates_team/2020_rebrand/logo/stacked/	5 KB 6 KB	37ms 36ms	Image image/webp	104.18.171.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/templates_team/2020_rebrand/logo/stacked/blue_orange.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.171.33 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02ea3a673c476389be14d4422fc08c66a8d0e053bd3e2d99e718ce85292487d1 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 14:00:30 GMT cf-cache-status HIT age 508503 cf-polished origFmt=png, origSize=5974 content-disposition inline; filename="blue_orange.webp" content-length 5574 cf-bgj imgq:100,h2pri last-modified Mon, 15 Jun 2020 14:09:45 GMT server cloudflare vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 76352837f9a59a24-FRA expires Wed, 01 Nov 2023 14:00:30 GMT
GET H/1.1	200 OK	email-decode.min.js Show response campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	43ms 43ms	Script application/javascript	172.64.151.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Server 172.64.151.121 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Tue, 01 Nov 2022 14:00:30 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 26 Oct 2022 23:39:35 GMT Server cloudflare ETag W/"6359c537-4d7" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Frame-Options DENY Cache-Control max-age=172800, public Connection keep-alive CF-RAY 76352837e9bb6967-FRA Expires Thu, 03 Nov 2022 14:00:30 GMT
GET H2	200	vaafb692b2aea4879b33c060e79fe94621666317369993 Show response static.cloudflareinsights.com/beacon.min.js/	17 KB 6 KB	153ms 98ms	Script text/javascript	2606:4700::6810:3965 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Request headers Referer http://campaign.r20.constantcontact.com/ Origin http://campaign.r20.constantcontact.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Tue, 01 Nov 2022 14:00:30 GMT content-encoding gzip last-modified Fri, 21 Oct 2022 01:56:09 GMT server cloudflare etag W/2022.10.1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 763528384de49b22-FRA
POST H/1.1	204 No Content	rum Show response campaign.r20.constantcontact.com/cdn-cgi/	0 393 B	25ms 24ms	XHR text/plain	172.64.151.121 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 Protocol HTTP/1.1 Server 172.64.151.121 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type application/json Response headers Date Tue, 01 Nov 2022 14:00:31 GMT X-Content-Type-Options nosniff Server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin http://campaign.r20.constantcontact.com X-Frame-Options DENY access-control-allow-credentials true Connection keep-alive CF-RAY 7635283d8e016967-FRA

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| __cfBeacon

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			campaign.r20.constantcontact.com/	1969-12-31 23:59:59	Name: BIGipServerProdCampaign Value: !d0Mq17/SfbFfcL3ktzrR47jR+xRuVYCF5ArQxiQbpTC+rgUt312ch4Un9tbwnHRH8vEigl9+4FX/NtY=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campaign.r20.constantcontact.com
files.constantcontact.com
imgssl.constantcontact.com
metrecycle.com
static.cloudflareinsights.com
tulsazoo.org
www.deq.ok.gov
www.slb.com
www.spiritaero.com
104.18.171.33
141.193.213.11
172.64.151.121
2.16.186.209
2600:9000:21f3:2800:5:905f:5740:93a1
2606:4700::6810:3965
66.147.242.199
67.43.9.100
75.2.95.61
02ea3a673c476389be14d4422fc08c66a8d0e053bd3e2d99e718ce85292487d1
052cff01ea6c76b0aa28c0f8a2f2d9fab0633dbcc6817f863dce56aa76f8e841
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1fcae6ecf9ebf5d1cf826a75de543188a76c6821b2f2c88197960198873563e2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
5d875cdf6f368eb96ef699f71167c37b989694b33ad503758e0425025c2d1fdb
61c5dd64fc862a2dbfc1d6d443b8b52277bcb2edb970a1197519e9a59c317c56
7d718bf36f9de3e22e38daf4d3a10c93e4a454276f4c1d678bcb315a19ae57f2
93342eec9faf3922ea38716cfeef1e9aa143cb4c40f4fff6086ce6c004c8f3c2
9c28c15d407e613b17bd7c20101cb7cceddeef7ee59c9ec09f29d95594d622ac
9db1684ff9634bca50528a6c89c50ea9422878dd853fefaf7a47ccba72c58cf0
a094fb88627edfe34316a43ff2bbdefb1ebd349c1b6dcf1e49bc81a23b876b4f
a62ed10d377515e05c3fe839cc389109223845100513834b694b14666c53beab
c8d7fa7194be7bad49c34dac3212709d920d20b5beeeb8e35cf2ef2d6c7365d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6521a664b98574691d21b6f85500a72fe71263eef8bbd54e0befccbbfe80b90