campaign.r20.constantcontact.com Open in urlscan Pro
104.18.36.135  Public Scan

27 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request render Show response campaign.r20.constantcontact.com/	37 KB 7 KB	399ms 353ms	Document text/html	104.18.36.135 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Server 104.18.36.135 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a5df6e8305384ebb7e06ad7c03026009b8d1862a4dd31c518acfad673ddf026 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 761432b75a159bca-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Fri, 28 Oct 2022 14:00:30 GMT Server cloudflare Server-Timing cf-q-config;dur=7.9999999798019e-06 Transfer-Encoding chunked
GET H2	200	S.gif imgssl.constantcontact.com/letters/images/sys/	98 B 392 B	94ms 34ms	Image image/webp	104.18.170.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/sys/S.gif Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.170.33 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61c5dd64fc862a2dbfc1d6d443b8b52277bcb2edb970a1197519e9a59c317c56 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 14:00:31 GMT cf-cache-status HIT age 76364 cf-polished origFmt=gif, origSize=271 content-disposition inline; filename="S.webp" content-length 98 cf-bgj imgq:100,h2pri last-modified Thu, 05 May 2016 16:01:59 GMT server cloudflare vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 761432b9fd169960-FRA expires Sat, 28 Oct 2023 14:00:31 GMT
GET H/1.1	200 OK	9a95738b-3f88-439f-9394-984fb1e9eeac.jpg files.constantcontact.com/06c60b48701/	50 KB 51 KB	77ms 13ms	Image image/jpeg	2600:9000:2156:4200:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/9a95738b-3f88-439f-9394-984fb1e9eeac.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4200:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6521a664b98574691d21b6f85500a72fe71263eef8bbd54e0befccbbfe80b90 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id xqVETqIX2A6BpRVN_02f3x515iykshwN Date Fri, 28 Oct 2022 14:00:31 GMT Via 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 Age 4034 X-Cache Hit from cloudfront Content-Disposition filename=B2B_Cover_v5.jpg Connection keep-alive Content-Length 51181 Last-Modified Mon, 24 Oct 2022 21:15:39 GMT Server AmazonS3 ETag "96f9749ee3c3562c778e3193f2147845" Content-Type image/jpeg Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id Fr4fCimRAIwxbKzKCyEHz9EJzBttve2tTaTd3LkQjIomH3tV-cPbfw==
GET H/1.1	200 OK	ff10125b-02f3-402b-b42c-fd5cbf068550.png files.constantcontact.com/06c60b48701/	89 KB 89 KB	494ms 430ms	Image image/png	2600:9000:2156:4200:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/ff10125b-02f3-402b-b42c-fd5cbf068550.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4200:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a094fb88627edfe34316a43ff2bbdefb1ebd349c1b6dcf1e49bc81a23b876b4f Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id cdxvNgTD8f4cCffzhLHI0VHEAtqPO.Vu Date Fri, 28 Oct 2022 14:00:32 GMT Via 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront) Last-Modified Mon, 17 Oct 2022 22:02:14 GMT Server AmazonS3 X-Amz-Cf-Pop FRA50-C1 ETag "4774ffdb15be9c042bea3fc291c67145" X-Cache RefreshHit from cloudfront Content-Type image/png Content-Disposition filename=Untitled design _3_.png Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex, nofollow Content-Length 90852 X-Amz-Cf-Id ogRgB4Lp0bTWM6LeDWe1ajqPnn_yK6sBTRMCEbjhcNSKqN7GrSqHdw==
GET H2	200	spirit-full.png www.spiritaero.com/images/	13 KB 14 KB	122ms 29ms	Image image/png	2.16.186.209 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.spiritaero.com/images/spirit-full.png?v=1568350800 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.16.186.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-16-186-209.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c8d7fa7194be7bad49c34dac3212709d920d20b5beeeb8e35cf2ef2d6c7365d5 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers unused62 8096267 date Fri, 28 Oct 2022 14:00:31 GMT last-modified Fri, 10 Jul 2020 17:03:49 GMT server nginx etag "3544-5aa195329b90c" x-cache-nxaccel HIT content-type image/png cache-control max-age=79617 server-timing cdn-cache; desc=HIT, edge; dur=17 accept-ranges bytes content-length 13636 expires Sat, 29 Oct 2022 12:07:28 GMT
GET H2	200	deq-logo-2022.jpg www.deq.ok.gov/wp-content/uploads/deqmainresources/	9 KB 10 KB	663ms 74ms	Image image/jpeg	141.193.213.10 CLOUDFLARESPECTRU...
General Check archive.org Show headers Download Go to Show image Full URL https://www.deq.ok.gov/wp-content/uploads/deqmainresources/deq-logo-2022.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 921a6f0f331d2804da580e85ae03c10682208e0abf0bcbb79ba57ea31702051f Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 14:00:31 GMT cf-cache-status HIT age 161818 cf-polished origSize=10051, status=webp_bigger alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9556 cf-bgj imgq:100,h2pri last-modified Mon, 04 Apr 2022 11:46:45 GMT server cloudflare etag "624adaa5-2743" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 761432be4fe89951-FRA
GET H/1.1	200 OK	tzoo-logo-horiz-color.png tulsazoo.org/wp-content/themes/tzoo2017/img/	8 KB 8 KB	1061ms 117ms	Image image/png	67.43.9.100 LIQUIDWEB
General Check archive.org Show headers Download Go to Show image Full URL https://tulsazoo.org/wp-content/themes/tzoo2017/img/tzoo-logo-horiz-color.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.43.9.100 Grandville, United States, ASN32244 (LIQUIDWEB, US), Reverse DNS Software Apache / Resource Hash 5d875cdf6f368eb96ef699f71167c37b989694b33ad503758e0425025c2d1fdb Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Fri, 28 Oct 2022 14:00:31 GMT Last-Modified Wed, 08 Nov 2017 20:54:18 GMT Server Apache Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=100 Content-Length 7780 Expires Sun, 27 Nov 2022 14:00:31 GMT
GET H2	200	slb_logo_rgb_svg.ashx www.slb.com/-/media/images/logo/	1 KB 2 KB	329ms 101ms	Image image/svg+xml	75.2.95.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://www.slb.com/-/media/images/logo/slb_logo_rgb_svg.ashx Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.95.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a105596a4cefbdd47.awsglobalaccelerator.com Software Microsoft-IIS/10.0 / Resource Hash 9db1684ff9634bca50528a6c89c50ea9422878dd853fefaf7a47ccba72c58cf0 Security Headers Name Value Content-Security-Policy default-src 'self' https: blob: data: 'unsafe-inline' 'unsafe-eval' script-src: https://ajax.googleapis.com https://analytics.kaltura.com https://api.peer5.com https://bat.bing.com https://cdnapisec.kaltura.com https://cookie-cdn.cookiepro.com https://maps.googleapis.com https://players.brightcove.net https://s7.addthis.com https://secure.perk0mean.com https://static.cloud.coveo.com https://tag.demandbase.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com object-src: https://fonts.gstatic.com connect-src: *.google-analytics.com *.analytics.google.com img-src: *.google-analytics.com *.analytics.google.com; Strict-Transport-Security max-age=15768000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 14:00:31 GMT content-security-policy default-src 'self' https: blob: data: 'unsafe-inline' 'unsafe-eval' script-src: https://ajax.googleapis.com https://analytics.kaltura.com https://api.peer5.com https://bat.bing.com https://cdnapisec.kaltura.com https://cookie-cdn.cookiepro.com https://maps.googleapis.com https://players.brightcove.net https://s7.addthis.com https://secure.perk0mean.com https://static.cloud.coveo.com https://tag.demandbase.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.gstatic.com object-src: https://fonts.gstatic.com connect-src: *.google-analytics.com *.analytics.google.com img-src: *.google-analytics.com *.analytics.google.com; x-content-type-options nosniff strict-transport-security max-age=15768000 content-disposition inline; filename="SLB_Logo_RGB_svg.svg" content-length 1336 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Mon, 17 Oct 2022 20:04:53 GMT server Microsoft-IIS/10.0 x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * cache-control private, max-age=604800 accept-ranges bytes access-control-allow-headers odata-version, originalcorrelationid, content-type
GET H2	200	Met-Logo-Horizontal-2-rows-e1596826023550.png metrecycle.com/wp-content/uploads/2020/07/	26 KB 27 KB	467ms 152ms	Image image/png	66.147.242.199 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://metrecycle.com/wp-content/uploads/2020/07/Met-Logo-Horizontal-2-rows-e1596826023550.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 66.147.242.199 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS box599.bluehost.com Software Apache / Resource Hash 052cff01ea6c76b0aa28c0f8a2f2d9fab0633dbcc6817f863dce56aa76f8e841 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 14:00:31 GMT x-nginx-cache WordPress last-modified Fri, 07 Aug 2020 18:47:03 GMT server Apache x-endurance-cache-level 2 content-type image/png cache-control max-age=10368000 accept-ranges bytes host-header c2hhcmVkLmJsdWVob3N0LmNvbQ== content-length 27124 expires max-age=A10368000, public
GET H/1.1	200 OK	b60e0450-b113-4c96-8cab-dc6365b82961.png files.constantcontact.com/06c60b48701/	129 KB 130 KB	409ms 406ms	Image image/png	2600:9000:2156:4200:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/b60e0450-b113-4c96-8cab-dc6365b82961.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4200:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7d718bf36f9de3e22e38daf4d3a10c93e4a454276f4c1d678bcb315a19ae57f2 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id UGjNXb9dZKt2Pl7nab6wIsKq0FBaXlTM Date Fri, 28 Oct 2022 14:00:32 GMT Via 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront) Last-Modified Mon, 19 Sep 2022 16:48:08 GMT Server AmazonS3 X-Amz-Cf-Pop FRA50-C1 ETag "04313dce6462658f59bcf5babb9caea7" X-Cache RefreshHit from cloudfront Content-Type image/png Content-Disposition filename=S3C-1.png Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex, nofollow Content-Length 132026 X-Amz-Cf-Id WaPXVr6qtOdu0Zu4F-R9kG10wg7L5NPBiuX0uAytt4pWfLnDlpf9RA==
GET H/1.1	200 OK	cd73f3dd-652c-456a-adad-fe107dc549f3.jpg files.constantcontact.com/06c60b48701/	37 KB 37 KB	112ms 112ms	Image image/jpeg	2600:9000:2156:4200:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/cd73f3dd-652c-456a-adad-fe107dc549f3.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4200:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9c28c15d407e613b17bd7c20101cb7cceddeef7ee59c9ec09f29d95594d622ac Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers x-amz-version-id NYKebsnKWzYcum2fFpQuEyijomtIQEjp Date Fri, 28 Oct 2022 14:00:32 GMT Via 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront) Last-Modified Mon, 19 Sep 2022 18:45:12 GMT Server AmazonS3 X-Amz-Cf-Pop FRA50-C1 ETag "07cf8f99f4662af8066d938c6b88db20" X-Cache RefreshHit from cloudfront Content-Type image/jpeg Content-Disposition filename=Thanks.jpg Connection keep-alive Accept-Ranges bytes X-Robots-Tag noindex, nofollow Content-Length 37556 X-Amz-Cf-Id ---aKy5B94lVNBPEKD7OjY5eHJs5mjwEYWR5ID_r8UyRdiSTJ7lZWQ==
GET H/1.1	200 OK	42ec67e6-1c66-424a-86d6-a70b90ab89b3.png files.constantcontact.com/06c60b48701/	11 KB 12 KB	27ms 12ms	Image image/png	2600:9000:2156:4200:5:905f:5740:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://files.constantcontact.com/06c60b48701/42ec67e6-1c66-424a-86d6-a70b90ab89b3.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:4200:5:905f:5740:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1fcae6ecf9ebf5d1cf826a75de543188a76c6821b2f2c88197960198873563e2 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Thu, 27 Oct 2022 14:00:39 GMT x-amz-version-id yUqYR9QWBdKHTJQ1GutiNi7B3gRzDVlZ Via 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA50-C1 Age 86393 X-Cache Hit from cloudfront Content-Disposition filename=tsa badge 2.png Connection keep-alive Content-Length 11283 Last-Modified Fri, 16 Sep 2022 18:10:08 GMT Server AmazonS3 ETag "53fae5f032b0bfc60d91887fb8f51a77" Content-Type image/png Accept-Ranges bytes X-Robots-Tag noindex, nofollow X-Amz-Cf-Id nAQhQF7pWsRK-X-lovyiEbvnSsz--4vp2fbrpL_2RgpLshy91kWDow==
GET H2	200	blue_orange.png imgssl.constantcontact.com/letters/images/templates_team/2020_rebrand/logo/stacked/	5 KB 6 KB	25ms 24ms	Image image/webp	104.18.170.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/templates_team/2020_rebrand/logo/stacked/blue_orange.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.170.33 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02ea3a673c476389be14d4422fc08c66a8d0e053bd3e2d99e718ce85292487d1 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 14:00:31 GMT cf-cache-status HIT age 162904 cf-polished origFmt=png, origSize=5974 content-disposition inline; filename="blue_orange.webp" content-length 5574 cf-bgj imgq:100,h2pri last-modified Mon, 15 Jun 2020 14:09:45 GMT server cloudflare vary Accept content-type image/webp access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-robots-tag noindex cf-ray 761432bbb99d9960-FRA expires Sat, 28 Oct 2023 14:00:31 GMT
GET H/1.1	200 OK	email-decode.min.js Show response campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	11ms 11ms	Script application/javascript	104.18.36.135 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol HTTP/1.1 Server 104.18.36.135 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers Date Fri, 28 Oct 2022 14:00:31 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 26 Oct 2022 23:39:35 GMT Server cloudflare ETag W/"6359c537-4d7" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript X-Frame-Options DENY Cache-Control max-age=172800, public Connection keep-alive CF-RAY 761432bbbeec9bca-FRA Expires Sun, 30 Oct 2022 14:00:31 GMT
GET H2	200	vaafb692b2aea4879b33c060e79fe94621666317369993 Show response static.cloudflareinsights.com/beacon.min.js/	17 KB 6 KB	105ms 73ms	Script text/javascript	2606:4700::6810:3865 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3 Request headers Referer http://campaign.r20.constantcontact.com/ Origin http://campaign.r20.constantcontact.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 Response headers date Fri, 28 Oct 2022 14:00:31 GMT content-encoding gzip last-modified Fri, 21 Oct 2022 01:56:09 GMT server cloudflare etag W/2022.10.1 vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 761432bbff3e9a23-FRA
POST H/1.1	204 No Content	rum Show response campaign.r20.constantcontact.com/cdn-cgi/	0 393 B	23ms 22ms	XHR text/plain	104.18.36.135 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 Protocol HTTP/1.1 Server 104.18.36.135 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://campaign.r20.constantcontact.com/render?ca=8fca72b8-6210-47ba-b047-7e3369a2f99f&m=1131802553440 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36 content-type application/json Response headers Date Fri, 28 Oct 2022 14:00:32 GMT X-Content-Type-Options nosniff Server cloudflare vary Origin access-control-max-age 86400 access-control-allow-methods POST,OPTIONS access-control-allow-origin http://campaign.r20.constantcontact.com X-Frame-Options DENY access-control-allow-credentials true Connection keep-alive CF-RAY 761432c14eb99bca-FRA

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| __cfBeacon

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			campaign.r20.constantcontact.com/	1969-12-31 23:59:59	Name: BIGipServerProdCampaign Value: !HCFv4DVYxIi3j+DktzrR47jR+xRuVVLLEzEW1WZoUymXhBNQmrQZT0uARkGG7jP7eIB803tS2XMnfyk=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campaign.r20.constantcontact.com
files.constantcontact.com
imgssl.constantcontact.com
metrecycle.com
static.cloudflareinsights.com
tulsazoo.org
www.deq.ok.gov
www.slb.com
www.spiritaero.com
104.18.170.33
104.18.36.135
141.193.213.10
2.16.186.209
2600:9000:2156:4200:5:905f:5740:93a1
2606:4700::6810:3865
66.147.242.199
67.43.9.100
75.2.95.61
02ea3a673c476389be14d4422fc08c66a8d0e053bd3e2d99e718ce85292487d1
052cff01ea6c76b0aa28c0f8a2f2d9fab0633dbcc6817f863dce56aa76f8e841
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
1fcae6ecf9ebf5d1cf826a75de543188a76c6821b2f2c88197960198873563e2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
5d875cdf6f368eb96ef699f71167c37b989694b33ad503758e0425025c2d1fdb
61c5dd64fc862a2dbfc1d6d443b8b52277bcb2edb970a1197519e9a59c317c56
7d718bf36f9de3e22e38daf4d3a10c93e4a454276f4c1d678bcb315a19ae57f2
8a5df6e8305384ebb7e06ad7c03026009b8d1862a4dd31c518acfad673ddf026
921a6f0f331d2804da580e85ae03c10682208e0abf0bcbb79ba57ea31702051f
9c28c15d407e613b17bd7c20101cb7cceddeef7ee59c9ec09f29d95594d622ac
9db1684ff9634bca50528a6c89c50ea9422878dd853fefaf7a47ccba72c58cf0
a094fb88627edfe34316a43ff2bbdefb1ebd349c1b6dcf1e49bc81a23b876b4f
c8d7fa7194be7bad49c34dac3212709d920d20b5beeeb8e35cf2ef2d6c7365d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f6521a664b98574691d21b6f85500a72fe71263eef8bbd54e0befccbbfe80b90