mailz.leafybranch.com Open in urlscan Pro
2600:3c00::f03c:93ff:fe39:3408 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Effective URL:
https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Submission: On February 08 via api (February 8th 2024, 10:06:38 pm UTC) from US — Scanned from US

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 7 domains to perform 34 HTTP transactions. The main IP is 2600:3c00::f03c:93ff:fe39:3408, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is mailz.leafybranch.com.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.

This is the only time mailz.leafybranch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	2600:3c00::f0... 2600:3c00::f03c:93ff:fe39:3408	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
7	2606:4700:303... 2606:4700:3030::6815:2278	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15 15	20.225.97.235 20.225.97.235	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
13	13.225.63.59 13.225.63.59	16509 (AMAZON-02) (AMAZON-02)
2	13.225.214.43 13.225.214.43	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
34	7

3 2600:3c00::f03c:93ff:fe39:3408 (Richardson, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

mailz.leafybranch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3030::6815:2278 (United States)

ASN13335 (CLOUDFLARENET, US)

freedomheadlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 20.225.97.235 (San Antonio, United States) 15 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.freedomheadlines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.225.63.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-59.ewr53.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-43.ewr50.r.cloudfront.net

branding.revenuestripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	freedomheadlines.com 15 redirects freedomheadlines.com rs-stripe.freedomheadlines.com	519 KB
13	powerinboxedge.com images-prod.powerinboxedge.com — Cisco Umbrella Rank: 26049	391 KB
3	leafybranch.com 1 redirects mailz.leafybranch.com	7 KB
2	gstatic.com fonts.gstatic.com	56 KB
2	revenuestripe.com branding.revenuestripe.com — Cisco Umbrella Rank: 49198	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
0	Failed function sub() { [native code] }. Failed
34	7

	Domain	Requested by
15	rs-stripe.freedomheadlines.com	15 redirects
13	images-prod.powerinboxedge.com	mailz.leafybranch.com
7	freedomheadlines.com	mailz.leafybranch.com
3	mailz.leafybranch.com	1 redirects mailz.leafybranch.com
2	fonts.gstatic.com	fonts.googleapis.com
2	branding.revenuestripe.com	mailz.leafybranch.com
1	fonts.googleapis.com	mailz.leafybranch.com
0	eppiocemhmnlbhjplcgkofciiegomcon Failed	mailz.leafybranch.com
34	8

This site contains no links.

Subject Issuer	Validity	Valid
mailz.leafybranch.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
freedomheadlines.com GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Frame ID: 2794C8AD9C5D8E61341DBA97BC7356B0
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Is Snoop Dogg’s ‘Nothing but Love and Respect’ for Trump Genuine or Just for Show?

Page URL History Show full URLs

http://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad HTTP 301
https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

34
Requests

35 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

976 kB
Transfer

1020 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad HTTP 301
https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125095&cs_sendid=1706690392&cs_offset=0&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/962473

Request Chain 4

https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png HTTP 301
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png

Request Chain 8

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=0&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/961978

Request Chain 9

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=1&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/963500

Request Chain 10

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=2&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/961657

Request Chain 11

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=3&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/953654

Request Chain 15

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=0&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/962142

Request Chain 16

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=1&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/960713

Request Chain 17

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=2&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/945667

Request Chain 18

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=3&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/963581

Request Chain 19

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=4&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/962250

Request Chain 20

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=5&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/957641

Request Chain 21

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=6&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/961447

Request Chain 22

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=7&cs_esp=amazonses HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8661/952900

Request Chain 30

https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png HTTP 301
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request nz083qv24r3ad Show response
mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/
Redirect Chain

http://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

56 KB
6 KB

312ms
172ms

Document
text/html

2600:3c00::f03c:93ff:fe39:3408
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

Apache/2.4.56 (Debian) /

Resource Hash

a616810a049461920c5ab77b7d361794714132ad89e4425c8bc1a0c7afac77b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6037
Content-Type: text/html; charset=UTF-8
Date: Thu, 08 Feb 2024 22:06:31 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Referrer-Policy: no-referrer
Server: Apache/2.4.56 (Debian)
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Robots-Tag: noindex
X-XSS-Protection: 1; mode=block

Redirect headers

Connection: Keep-Alive
Content-Length: 297
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 08 Feb 2024 22:06:31 GMT
Keep-Alive: timeout=5, max=100
Location: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Server: Apache/2.4.56 (Debian)

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 219ms
81ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59c3c9963b7c256d794e29b1ed359ddcfe4cd0a52639fe5d0c0c1c08547c640f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Feb 2024 22:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 22:06:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Feb 2024 22:06:32 GMT

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET
H2 200 FH-2021-sized-1.jpg
freedomheadlines.com/wp-content/uploads/2021/01/ 28 KB
29 KB 166ms
45ms Image
image/jpeg 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2021/01/FH-2021-sized-1.jpg

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6098117
alt-svc: h3=":443"; ma=86400
content-length: 28587
x-xss-protection: 1; mode=block
last-modified: Fri, 21 Oct 2022 01:55:25 GMT
server: cloudflare
etag: "6351fc0d-6fab"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQl7JeIj%2FTLN8ibKysTd83wpzVJeU7NVVNh0pRzuK4XeSF5024q1%2FA4HFaLYutzeC3MPdwD%2Bls%2FsC3Up%2FvjwFpNes5mWizryTe79UeZsTe8B49nc7qUUYm2W%2FsLNdE2%2B93uHgAgr7Z3J2cv%2FFYQC7jWMbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2b6fa87425-MIA
expires: Tue, 12 Nov 2024 11:19:06 GMT

GET
H2

200

962473
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125095&cs_sendid=1706690392&cs_offset=0&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/0/962473

58 KB
58 KB

228ms
71ms

Image
image/jpeg

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/962473
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c92d6bfedb5ad29be7760d11cac564c60ee61e44f57f348c3f5444691a08e3c5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 21:27:15 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Mon, 22 Jan 2024 19:34:52 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 2358
x-amz-server-side-encryption: AES256
etag: "3ff8cc057f2312f185d9281211e11e9d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 58980
x-amz-cf-id: g7lswHM8xmdDqZIo9Xo4F5NDC7A6R7GuEGjs49Z5DVA4NSiSu-tC5w==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/962473
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

powerinbox-rec-reg.png
branding.revenuestripe.com/recommend/
Redirect Chain

https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png

2 KB
2 KB

222ms
62ms

Image
image/png

13.225.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-43.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:53:45 GMT
via: 1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jan 2022 22:16:11 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
age: 2351568
etag: "466795436b37f96c671ae07757810750"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1707
x-amz-cf-id: X6NVzW0mAxR6rlYMW1qpDTonvAvx48gVtsgVz7XKNL-mis0uHoMmcw==

Redirect headers

location: https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
access-control-expose-headers: Request-Context
cache-control: private
date: Thu, 08 Feb 2024 22:06:31 GMT
request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length: 184
content-type: text/html; charset=utf-8

GET
H2 200 Screenshot-88-1-300x175.png
freedomheadlines.com/wp-content/uploads/2024/01/ 45 KB
45 KB 107ms
105ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/01/Screenshot-88-1-300x175.png

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d3cf1ec16e639ca9267bbdd7ea739f3fc73c6a6309ef8eabb8a1f3cabd7e167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 45656
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Jan 2024 18:28:02 GMT
server: cloudflare
etag: "65b93fb2-b258"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fx8OtxJZeyTPSlTd%2Bi75SbL4UjBNG8u0YI%2FQfGfK7oXxB2dR0XoydWAkZ6fTAUad7KgaUYmqaK1ZDrgl0LFQEpqOXq0zGV9Nc0n6MOik3hsH0hOrI9eUcSZYnMvLRFVWmQAhGLtNj1UOek4fsOhw1YBOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2bb8567425-MIA
expires: Thu, 30 Jan 2025 08:38:44 GMT

GET
H2 200 Screenshot-101-1-300x175.png
freedomheadlines.com/wp-content/uploads/2024/01/ 85 KB
86 KB 127ms
112ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/01/Screenshot-101-1-300x175.png

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892f19ac18106a8df00de297106c9a1ac3e5c06bb9aa210ae291af4891fc0d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 87345
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 08:36:34 GMT
server: cloudflare
etag: "65ba0692-15531"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQUiJzCrXlIjmoS5iu5kFgM2qZm2%2B%2FxQZbskqov3oEPvC2D4tAV8KUicYTR9%2BbByV0%2FSyKWS8HMmwniAy6E1lJW%2B2F1k37PEfiCakwPrQe7vaLI%2BiVNQ%2Bfg5hncwjTghIfrDMhfKqEn1ep%2FM1BJjEcXSNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2c29467425-MIA
expires: Thu, 30 Jan 2025 08:38:44 GMT

GET
H2 200 Screenshot-92-300x175.png
freedomheadlines.com/wp-content/uploads/2024/01/ 109 KB
109 KB 62ms
48ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/01/Screenshot-92-300x175.png

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

968049b239f4165adbbc3efd22dac77765e00e264f3bcb0c470da44cc833e475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 792215
alt-svc: h3=":443"; ma=86400
content-length: 111297
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jan 2024 17:31:12 GMT
server: cloudflare
etag: "65b7e0e0-1b2c1"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXt1gLcFMz7twy%2Fch6Y9KFBfhRyEy6gyMp9xML6pwh5RtXLVD0fauOhbVZvdTNmdbgOVuRoV5zrOU%2F4hj%2Bksl%2B5dIyJFfYnUbKwpEpR2OWLQM%2B6RdKzdC4fWCvLfoNGzZYxOrDG%2B6DEbi3b5%2FBtQ%2FGVHRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2c29487425-MIA
expires: Wed, 29 Jan 2025 08:34:00 GMT

GET
H2

200

961978
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=0&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/961978

26 KB
26 KB

305ms
142ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/961978
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ad1609fda71e5933b43bcd78f01cdf0ca1c8ee4c8e2f2be5ea35e464873d4063

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:58:23 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 19:54:42 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 29290
x-amz-server-side-encryption: AES256
etag: "1474766d2f12b266d3843b9b8bf8d30b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 26353
x-amz-cf-id: I7zohx3-r0Qtc1tdJ--oXPCfgnw59YSiIOU7leS9D1omC1yEoXqM1w==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/961978
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

963500
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=1&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/963500

27 KB
28 KB

366ms
202ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/963500
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 570378d248cee46920262de6384df4ad3873b4dfc43b7ea28385a41e0954bb9c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:31:30 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 11:45:56 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 30903
etag: "1ffc23f3310380c63cf9715206ef72bd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 28049
x-amz-cf-id: xRDYtU3aetcxtcfPZ2a1fp-Pg44Omia8Lqa-Ln9AWqPlD8EN7SoGzQ==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/963500
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

961657
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=2&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/961657

27 KB
28 KB

353ms
196ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/961657
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb4d22456f5e3289f3b290658fbd33cfd4393ca436661ff5eaac0de97ce08b42

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 16:54:53 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 11:14:39 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 18700
x-amz-server-side-encryption: AES256
etag: "e001b9f56a7c9bdf6305b7952cc921f2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 28062
x-amz-cf-id: 698FmEWBgY8v0zuaK2FRwWEZx6EUHpoqd8UVTfidH8F0EV6mz9QqLw==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/961657
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

953654
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125096&cs_sendid=1706690392&cs_offset=3&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/953654

33 KB
33 KB

342ms
178ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/953654
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f42475de1eb90522d5284050df0c50c8219b8e12cd06fe752b7089ea5e21714f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:08:37 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 19:15:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 71876
x-amz-server-side-encryption: AES256
etag: "4bdeffcad62b26367f5e89591c60f596"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 33529
x-amz-cf-id: _aqI9PRreAMcIZI1sXlQE8I6pCuPGgBUBkL0Hi9AAedrImjNfpKy5g==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/953654
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2 200 Untitled-38-300x175.png
freedomheadlines.com/wp-content/uploads/2024/01/ 84 KB
84 KB 125ms
113ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/01/Untitled-38-300x175.png

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ba95ab183708712eea8fe4b082214c5c33b6b389542231e8996c81586be6c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 85709
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jan 2024 18:21:25 GMT
server: cloudflare
etag: "65b7eca5-14ecd"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlEmVmX2n09qmnr4DE4cx950rffZu%2BbRP%2B6LgYGQ4%2FHXWUBvLnEn5gQRE%2F7SyoXv3pEdncmH8AyNqjXqEVnuMm5NH5qfiBPZRQOEyw%2FIB30GX4ce0E3HkPLmH9pN0RlSk4pEJWD53cVKBw0yfMO31eFasg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2c294a7425-MIA
expires: Wed, 29 Jan 2025 08:34:00 GMT

GET
H2 200 Screenshot-96-1-300x175.png
freedomheadlines.com/wp-content/uploads/2024/01/ 80 KB
81 KB 81ms
70ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/01/Screenshot-96-1-300x175.png

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

452ab066e2d9caf1d35d24f72d7935f0263bcd6784868a8fe4cf8e14de555af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 492748
alt-svc: h3=":443"; ma=86400
content-length: 82085
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jan 2024 20:16:32 GMT
server: cloudflare
etag: "65b807a0-140a5"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1jd2rfkbJDwNBLxnGqZ4O3wIFDZMmyMreK5oHL4zsvZen5oypXopxEJ6DTPXDJma9OJdsunHGNH8iPu3lRAk4BZjGFSGiLfUkRYDOFa8q5RAbvOPxW2a7ivH1aKf4kIhl00nUZoMvZwD5pd8%2F9bV4IUAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2c294d7425-MIA
expires: Wed, 29 Jan 2025 08:26:16 GMT

GET
H2 200 Untitled-design-8-300x175.png
freedomheadlines.com/wp-content/uploads/2024/01/ 84 KB
84 KB 78ms
71ms Image
image/png 2606:4700:3030::6815:2278
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomheadlines.com/wp-content/uploads/2024/01/Untitled-design-8-300x175.png

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50ed4af28741d446514a0c5bdc5e20800bdf398f279873576bb068f88f88492

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 22:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 822804
alt-svc: h3=":443"; ma=86400
content-length: 85884
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jan 2024 17:23:52 GMT
server: cloudflare
etag: "65b7df28-14f7c"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gP9qrkfHfIOXdZQ25LB4978iIWCoYyQza1w%2Fkgv8P1YHAhoVzklleZMtlpVy8d2Et0UYXojGCFPJoYTPytZ57G22WvqG8fpM89puf%2FldyKgcn1J6N1YwZZ%2BdoOjdoWGyp%2FAHo%2F5iCIlXtRqlfyQxVdPPFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 85272e2c29507425-MIA
expires: Wed, 29 Jan 2025 08:26:16 GMT

GET
H2

200

962142
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=0&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/962142

33 KB
33 KB

313ms
254ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/962142
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d361c6185475fb6fc8503a1eb621ce37356b945bf7dcce16dc3a2dba7857e3dd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:38:09 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2024 15:25:04 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 26904
etag: "6e7a64c0c8f6f26dd9b86678e0327559"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 33659
x-amz-cf-id: 9MSMuusbWGEBfFP2Fgd32iCk6G7qBZ0lava_78Gco7mIkva6PHj30w==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/962142
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

960713
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=1&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/960713

26 KB
26 KB

314ms
254ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/960713
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: adb0e91756e5566e2bd9fe569570c8f68eaaeb6a6f9a363de645f0edb25b03a9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 13:38:34 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Fri, 05 Jan 2024 18:54:05 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 30479
etag: "eab833eadcf8bdd66a540ed4828544fb"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 26611
x-amz-cf-id: mIhxODcRaBl_ztLarhArlXs2-0L85jbj15Csw2_sBOZC9Y8gx-qmyQ==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/960713
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

945667
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=2&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/945667

24 KB
25 KB

283ms
225ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/945667
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8163c16e8af3d227f6bcd2ffc0a6b6d2eb276180914a0cbb8a9b5abbc32015d7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 01:57:39 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 17:23:32 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 72534
x-amz-server-side-encryption: AES256
etag: "f91a536f05e8cbd23cbb5b5d1fd415d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24787
x-amz-cf-id: 8glGdTFvi4Awm1_7KweadgAbU1GBEOVQRds8hRAg8_5dg7MOfifn3A==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/945667
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

963581
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=3&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/963581

27 KB
28 KB

320ms
260ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/963581
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d1562e68f4195dfa4435eb885efb0ee79ee869eb603f118d6c8fe88f0114ff6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:36:50 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Fri, 02 Feb 2024 21:45:48 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 26983
etag: "119a16370e059914ab282b7916567b96"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 27802
x-amz-cf-id: clw6W1QlNPC1bnRvwPeX8NszqCPpf7cUKjQqi3rzFEN2qN5JuaHtBQ==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/963581
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

962250
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=4&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/962250

24 KB
24 KB

324ms
264ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/962250
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 339ac64f0a0ac0b565292d6c4705310a9356dd6dd9d74bda14a97c5fcea94299

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 19:13:48 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2024 22:25:12 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 10365
x-amz-server-side-encryption: AES256
etag: "464469b9c1df5812dacdc47f523d1ca7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24584
x-amz-cf-id: OSmHQPxx-x35vqwDbPe_YDJStOzlFz9dRWzM0eIwtfzEsT47MuMhoQ==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/962250
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

957641
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=5&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/957641

30 KB
31 KB

269ms
211ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/957641
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8029c9d5854972c6b678d0d09d800350155d41e435b237904dadbef31a9333ad

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:38:13 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Wed, 06 Dec 2023 16:01:51 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 26900
etag: "d612de2fe007548f8ddf38f5d3bfef63"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 31184
x-amz-cf-id: cdmrs6AccRHoZxjVhPZPIJx7MVMB1AGoC1HAT8Se0AtAp4LkFdtp3g==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/957641
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

961447
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=6&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/961447

23 KB
23 KB

319ms
259ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/961447
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a20b853666dd5888da3101b8f70934c4e9c0ab6ab55c78deec74e4cbab90b148

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 14:37:02 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Thu, 18 Jan 2024 11:34:45 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 26971
x-amz-server-side-encryption: AES256
etag: "4c19771d0375784d665eb718e8c83a18"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 23659
x-amz-cf-id: wX6VTBdD3lpgvANO6XPRq_xmmbwymEAsDHxSyfFcr9oikHrRl_E-IA==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/961447
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

952900
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain

https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=dbrooks@criswell.edu&cs_stripeid=125097&cs_sendid=1706690392&cs_offset=7&cs_esp=amazonses
https://images-prod.powerinboxedge.com/v3/images/8661/952900

27 KB
27 KB

292ms
234ms

Image
image/png

13.225.63.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8661/952900
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-59.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d90a6a36289250281f2ec38640b6cd7f1ad1b1fa5d717602bd5ab9459fdaeed

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 02:38:43 GMT
via: 1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
last-modified: Mon, 06 Nov 2023 20:40:58 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C1
age: 70070
x-amz-server-side-encryption: AES256
etag: "4335692defd0204c797aea1d81779994"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 27562
x-amz-cf-id: GM8IbyV7rTrjeiZXBTw_wp-1Gx5IQoUES-4QCe-qurbOvHqmIRrO8A==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Thu, 08 Feb 2024 22:06:31 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8661/952900
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H/1.1 200
OK nz083qv24r3ad
mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/track-opening/ 0
595 B 111ms
108ms Image
application/json 2600:3c00::f03c:93ff:fe39:3408
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/track-opening/nz083qv24r3ad

Requested by

Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

Software

Apache/2.4.56 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 08 Feb 2024 22:06:32 GMT
X-Content-Type-Options: nosniff
P3P: CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection: Keep-Alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: no-referrer
Last-Modified: Thu, 08 Feb 2024 22:06:32 GMT
Server: Apache/2.4.56 (Debian)
X-Frame-Options: deny
Content-Type: application/json
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=99
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET vi-tr.js
eppiocemhmnlbhjplcgkofciiegomcon/executers/ 0
0

GET
H2

200

powerinbox-rec-reg.png
branding.revenuestripe.com/recommend/
Redirect Chain

https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png

2 KB
2 KB

223ms
62ms

Image
image/png

13.225.214.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Requested by: Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/cd510ea61c89b/web-version/nz083qv24r3ad
Protocol: H2
Server: 13.225.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-43.ewr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:53:45 GMT
via: 1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jan 2022 22:16:11 GMT
server: AmazonS3
x-amz-cf-pop: EWR50-C1
age: 2351568
etag: "466795436b37f96c671ae07757810750"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 1707
x-amz-cf-id: 1s7qCArzmU82jcO80mmI2L7M7GWteDpKL0WgbXEuDOuKBJgWremxdQ==

Redirect headers

location: https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
access-control-expose-headers: Request-Context
cache-control: private
date: Thu, 08 Feb 2024 22:06:31 GMT
request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length: 184
content-type: text/html; charset=utf-8

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 205ms
64ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mailz.leafybranch.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:11:31 GMT
x-content-type-options: nosniff
age: 46501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:11:31 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 282ms
141ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mailz.leafybranch.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 09:20:25 GMT
x-content-type-options: nosniff
age: 45967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Feb 2025 09:20:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Domain: eppiocemhmnlbhjplcgkofciiegomcon
URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mailz.leafybranch.com/	1969-12-31 23:59:59	Name: mwsid Value: bc7au23lqdvk0mifqio1ftmppf

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/../executers/vi-tr.js Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
eppiocemhmnlbhjplcgkofciiegomcon
fonts.googleapis.com
fonts.gstatic.com
freedomheadlines.com
images-prod.powerinboxedge.com
mailz.leafybranch.com
rs-stripe.freedomheadlines.com
eppiocemhmnlbhjplcgkofciiegomcon
13.225.214.43
13.225.63.59
20.225.97.235
2600:3c00::f03c:93ff:fe39:3408
2606:4700:3030::6815:2278
2607:f8b0:4006:81d::2003
2607:f8b0:4006:822::200a
339ac64f0a0ac0b565292d6c4705310a9356dd6dd9d74bda14a97c5fcea94299
452ab066e2d9caf1d35d24f72d7935f0263bcd6784868a8fe4cf8e14de555af8
570378d248cee46920262de6384df4ad3873b4dfc43b7ea28385a41e0954bb9c
59c3c9963b7c256d794e29b1ed359ddcfe4cd0a52639fe5d0c0c1c08547c640f
5d1562e68f4195dfa4435eb885efb0ee79ee869eb603f118d6c8fe88f0114ff6
8029c9d5854972c6b678d0d09d800350155d41e435b237904dadbef31a9333ad
8163c16e8af3d227f6bcd2ffc0a6b6d2eb276180914a0cbb8a9b5abbc32015d7
892f19ac18106a8df00de297106c9a1ac3e5c06bb9aa210ae291af4891fc0d9e
8d90a6a36289250281f2ec38640b6cd7f1ad1b1fa5d717602bd5ab9459fdaeed
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
968049b239f4165adbbc3efd22dac77765e00e264f3bcb0c470da44cc833e475
99ba95ab183708712eea8fe4b082214c5c33b6b389542231e8996c81586be6c7
9d3cf1ec16e639ca9267bbdd7ea739f3fc73c6a6309ef8eabb8a1f3cabd7e167
a20b853666dd5888da3101b8f70934c4e9c0ab6ab55c78deec74e4cbab90b148
a616810a049461920c5ab77b7d361794714132ad89e4425c8bc1a0c7afac77b1
ad1609fda71e5933b43bcd78f01cdf0ca1c8ee4c8e2f2be5ea35e464873d4063
adb0e91756e5566e2bd9fe569570c8f68eaaeb6a6f9a363de645f0edb25b03a9
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4
c92d6bfedb5ad29be7760d11cac564c60ee61e44f57f348c3f5444691a08e3c5
d361c6185475fb6fc8503a1eb621ce37356b945bf7dcce16dc3a2dba7857e3dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50ed4af28741d446514a0c5bdc5e20800bdf398f279873576bb068f88f88492
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
f42475de1eb90522d5284050df0c50c8219b8e12cd06fe752b7089ea5e21714f
fb4d22456f5e3289f3b290658fbd33cfd4393ca436661ff5eaac0de97ce08b42

mailz.leafybranch.com Open in urlscan Pro 2600:3c00::f03c:93ff:fe39:3408 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

35 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

7 IPs

1 Countries

976 kBTransfer

1020 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

mailz.leafybranch.com Open in urlscan Pro
2600:3c00::f03c:93ff:fe39:3408 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

35 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

1
Countries

976 kB
Transfer

1020 kB
Size

1
Cookies

34 HTTP transactions
0 data transactions