urlscan.io logo urlscan.io
SecurityTrails logo

mailz.leafybranch.com Open in urlscan Pro
2600:3c00::f03c:93ff:fe39:3408  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpos...
Effective URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpos...
Submission: On January 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 26 HTTP transactions. The main IP is 2600:3c00::f03c:93ff:fe39:3408, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is mailz.leafybranch.com.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time mailz.leafybranch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2600:3c00::f0... 63949 (AKAMAI-LI...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
14 14 20.225.97.235 8075 (MICROSOFT...)
13 13.225.63.23 16509 (AMAZON-02)
1 13.225.214.43 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
26 6
3    2600:3c00::f03c:93ff:fe39:3408 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
mailz.leafybranch.com
1    2607:f8b0:4004:c19::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:4700:3031::ac43:a0b9 (United States)

ASN13335 (CLOUDFLARENET, US)
freedomheadlines.com
14    20.225.97.235 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rs-stripe.freedomheadlines.com
13    13.225.63.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-23.ewr53.r.cloudfront.net
images-prod.powerinboxedge.com
1    13.225.214.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-43.ewr50.r.cloudfront.net
branding.revenuestripe.com
2    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
21 freedomheadlines.com
freedomheadlines.com
rs-stripe.freedomheadlines.com
98 KB
13 powerinboxedge.com
images-prod.powerinboxedge.com — Cisco Umbrella Rank: 25927
375 KB
3 leafybranch.com
mailz.leafybranch.com
8 KB
2 gstatic.com
fonts.gstatic.com
56 KB
1 revenuestripe.com
branding.revenuestripe.com — Cisco Umbrella Rank: 49189
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
26 6
Domain Requested by
14 rs-stripe.freedomheadlines.com 14 redirects
13 images-prod.powerinboxedge.com mailz.leafybranch.com
7 freedomheadlines.com mailz.leafybranch.com
3 mailz.leafybranch.com 1 redirects mailz.leafybranch.com
2 fonts.gstatic.com fonts.googleapis.com
1 branding.revenuestripe.com mailz.leafybranch.com
1 fonts.googleapis.com mailz.leafybranch.com
26 7

This site contains no links.

Subject Issuer Validity Valid
mailz.leafybranch.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
freedomheadlines.com
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Frame ID: A1580263D0FF82DF7422925BA056DAE3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Teacher Makes Excellent Point, “If Educators Can Teach Children About Gender, I Can…”

Page URL History Show full URLs

  1. http://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email... HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

46 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

539 kB
Transfer

602 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125095&cs_sendid=1697802680&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/0/961020
Request Chain 3
  • https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png HTTP 301
  • https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Request Chain 7
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/960720
Request Chain 8
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=1&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/953654
Request Chain 9
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=2&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961366
Request Chain 10
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=3&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/962141
Request Chain 14
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/960245
Request Chain 15
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=1&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/962904
Request Chain 16
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=2&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/957641
Request Chain 17
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=3&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961912
Request Chain 18
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=4&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961659
Request Chain 19
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=5&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961310
Request Chain 20
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=6&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/919289
Request Chain 21
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=7&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/946487

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bg511aro0wbe1
mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/
Redirect Chain
  • http://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
  • https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
76 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
5ec4e88e121e5e08a4c02bf8683a75622a465226dcb0ca344fd647d92d917409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7114
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 21:28:24 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 27 Jan 2024 21:28:23 GMT
Keep-Alive
timeout=5, max=100
Location
https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Server
Apache/2.4.56 (Debian)
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ad7f0c5d5a0d599ffffdce4351226b6cc782b14f9e8d33d31373f416ba7dffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 21:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 21:28:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 21:28:25 GMT
FH-2021-sized-1.jpg
freedomheadlines.com/wp-content/uploads/2021/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2021/01/FH-2021-sized-1.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5925779
alt-svc
h3=":443"; ma=86400
content-length
28587
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 01:55:25 GMT
server
cloudflare
etag
"6351fc0d-6fab"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02gsrvYncIyymuccIqodBbwgFXa9Qvxq30LyBisai3Fu0b2%2F0SHkhM6gZpAe%2FlBTTz2%2BRnjfBc3th%2BvTjPMmmlT5e0BGtIuube9rykJ7w3HMNonNyTY2G7IYAWq8omH4rdTx3WqGe3cDDzXNOZ20%2BZNuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d598118c5d-EWR
expires
Tue, 12 Nov 2024 11:19:06 GMT
961020
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125095&cs_sendid=1697802680&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/0/961020
49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/0/961020
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7cda1ac8b46f2559d035e66ee34926e0528a51158717ebec0b16e743859d2f34

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:31:54 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Wed, 03 Jan 2024 19:23:41 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
3392
x-amz-server-side-encryption
AES256
etag
"6008d5d6d30047764921729c79003a28"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
50404
x-amz-cf-id
FZOEUXHouNBz2cQaFEbgderXF-u4U-qP5Q-BaqVJ09txZBjVpjkCZA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/0/961020
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
powerinbox-rec-reg.png
branding.revenuestripe.com/recommend/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png
  • https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.214.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-43.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 16:53:45 GMT
via
1.1 c267e55887d5d0922d95439137f937dc.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 22:16:11 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
1312481
etag
"466795436b37f96c671ae07757810750"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1707
x-amz-cf-id
olVIeHyUwY1L0znKrclb4KPUTcrFlRt9MthDyYHrtBZO-6_ueSYpHg==

Redirect headers

location
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
access-control-expose-headers
Request-Context
cache-control
private
date
Sat, 27 Jan 2024 21:28:25 GMT
request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length
184
content-type
text/html; charset=utf-8
embassy-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/embassy-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f4815d674f1597ac47b322e9bfbfc7bc7abb42a410b3b4f45da3d372d0d77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103191
alt-svc
h3=":443"; ma=86400
content-length
14276
x-xss-protection
1; mode=block
last-modified
Thu, 19 Oct 2023 15:45:22 GMT
server
cloudflare
etag
"65314f12-37c4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgzCq25rLEIR4Hv6XpOvK1uLERh3SakG6c91EwL78LFqmpZF4vriqz5LsvxaUa%2BWYg058eaqWiI3ZxoHvDyJFz2YGHMZ0t3Me89nx04TR0%2BU3ZIeZac71abS0F1WJxlZqhlUOnWdfbRP9RbZa1RKVwSzCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d608ec8c5d-EWR
expires
Wed, 27 Nov 2024 11:53:15 GMT
sidney-powell3-300x175.jpg
freedomheadlines.com/wp-content/uploads/2021/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2021/02/sidney-powell3-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb138a79e95910d1ed65fe8ea9bee8530a8e6927dd0beab188bdee47a0912fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103191
alt-svc
h3=":443"; ma=86400
content-length
4955
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 02:08:19 GMT
server
cloudflare
etag
"6351ff13-135b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H9zy%2BpMWL2WZGD3Ygtd7FsXAauvNQxrHO8qI1DBmfhziVQWQNwvWYAoFV7DXpKYv0iCB1YQOlrCJDq6OhRnrNUmK2vNndTlWpolUyJ5ugjYIKE3iqJOKyRiDpDxTs4PDteitY7z5yN43wpFhb%2BiiFqM%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d608ef8c5d-EWR
expires
Sat, 25 Jan 2025 16:48:34 GMT
trump-army-300x175.jpg
freedomheadlines.com/wp-content/uploads/2019/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2019/09/trump-army-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad42b414b617f6c0eb721b8ac143882998399b0c4b8688e8371c4150b73c477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7568
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 02:01:30 GMT
server
cloudflare
etag
"6351fd7a-1d90"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8A139MW74ShQW4LTFAfMn7oLFwHKFUzs6HYu5lFsTsmWzzQW7aaco%2BmVPCwjoSMeL5AyVngQpBgDi%2B97jKz4HuHm611KvVZVtZKlxGT%2FtvkvRl%2BH1XGSvDTVDf41neo4Czp2so3LHdDr8l%2BsErVeS3w%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d608f38c5d-EWR
expires
Fri, 24 Jan 2025 00:28:50 GMT
960720
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/960720
31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/960720
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b31d63a6589d9bc3c1957f104f9791c5295223d12dc0733724230a06b5b83057

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:37:26 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jan 2024 19:13:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
31860
x-amz-server-side-encryption
AES256
etag
"0639918ad0884e56691e647c56042218"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
31801
x-amz-cf-id
yql3--hsDahMGdOcYnQb1zZ2ciJACMbTTjfxKuqmx9V60TtK1NUpgQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/960720
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
953654
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=1&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/953654
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/953654
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f42475de1eb90522d5284050df0c50c8219b8e12cd06fe752b7089ea5e21714f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:41:07 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 19:15:10 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
35239
x-amz-server-side-encryption
AES256
etag
"4bdeffcad62b26367f5e89591c60f596"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
33529
x-amz-cf-id
tKv_uYm0z9M4OtqTo6VlR2iFF0qL7ktrxizQSAsRfYHhdyZQVBm1PA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/953654
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961366
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=2&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961366
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961366
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cd68a0dd427d080601b241dbcf75859fcec9f59cd16ecde6bf85f1dbc5d410c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:23:07 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 11:14:19 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
32719
x-amz-server-side-encryption
AES256
etag
"b3f3e930f70f19b60fe565b4877febcc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
16474
x-amz-cf-id
aTupsM_aRo37vM8WzOEZCnS1NqW4bpY6nMxmQBvrNoIq2deB1Ds-Bg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961366
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
962141
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697802680&cs_offset=3&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/962141
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/962141
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77436b03fb5bb2de85dc9ce7e3b4a6bded7005100c638675c745b30efaed86ac

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 03:28:13 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2024 15:24:53 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
64813
x-amz-server-side-encryption
AES256
etag
"53807aeb3e9f48cce606c22d50ecfb0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
22157
x-amz-cf-id
XbkLPjbzDW1j8dQ3KW2nunK7FUdoWqWlUX_UEuZvjOQjgM9WXikv6g==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/962141
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
gop-candidates2-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/gop-candidates2-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1198f03b0ec244684c5303eb4c8b5b612f809c7e2f3fb1c0c23e6b1031e55ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103191
alt-svc
h3=":443"; ma=86400
content-length
15452
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 18:30:19 GMT
server
cloudflare
etag
"652ed2bb-3c5c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSBNpKXyRejJZPWEixvLk6TjpMNvZI4p7HTfAgZu%2BbNyQZqiv5rqVZl9omq%2FZNoFIkSejYON93yNtHQQgofanxyCKyUHqrV1udokeJjMj0iljvs3TgC7bH9IjvnZTsPiAGSs20SpvvzSQGVLLRxmcmeCWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d608f58c5d-EWR
expires
Sat, 30 Nov 2024 11:11:34 GMT
joran-van-der-sloot1-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/joran-van-der-sloot1-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
505cbf50baa8a61ccb5e7acaa347d07e729a61623d9dd1f5ca59e600d5666cea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103191
alt-svc
h3=":443"; ma=86400
content-length
8215
x-xss-protection
1; mode=block
last-modified
Thu, 19 Oct 2023 03:21:01 GMT
server
cloudflare
etag
"6530a09d-2017"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qjWpZ560oiXqtnP1sBIK2WEDB3BwrNh%2F2qKbvrlrkoP%2FukLeh9REsxAUyUS5DJmYw4Mo4Jt5a9Lc8eoQPRi4HJ75EDT2cZaoK83%2FXuk4BPdM8iAko897S6qEAc5yipeoLxDfqZ4pUk5cvexDMv%2BVDTzxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d608f68c5d-EWR
expires
Sun, 10 Nov 2024 10:54:02 GMT
cows-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/02/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/02/cows-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8e70a34c27b2431af9ec76f3bbc15e5e48ac2242ed575756b0217cbc79b0d92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103191
alt-svc
h3=":443"; ma=86400
content-length
16908
x-xss-protection
1; mode=block
last-modified
Mon, 27 Feb 2023 16:17:57 GMT
server
cloudflare
etag
"63fcd7b5-420c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfkw4t9uaYr0fhnwURjOtHnMyPrFxWWICiTJg5S9ERelyDN2d1Whhptt7sIL4onvI28BT14K1UblGTdgtwcO9vsLYX8mESurNU9TtIEqdw7STLxdtYMOn9fDFN0syKpMW6TE2YpNKGSvVWfhnXErLBPZJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c415d608f78c5d-EWR
expires
Sun, 15 Dec 2024 07:53:50 GMT
960245
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/960245
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/960245
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40dbb372e54f7c747849402c64f3334d62ed435e25887bd13339816f5b4f96b7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 00:47:22 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Mon, 18 Dec 2023 20:42:55 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
74463
x-amz-server-side-encryption
AES256
etag
"82e87865783e1d86bd7a8140757692e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27397
x-amz-cf-id
P7M8wkpnCNQXj6PXkGtM4xq7liv96tStTTeEH-jBgoYWcRAICjvLbg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/960245
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
962904
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=1&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/962904
26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/962904
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d609de1d2e7ca0e4a9593aecd44d689c46d564bcbfd5c65d27265d56248bcef1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 05:02:33 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Thu, 25 Jan 2024 21:16:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
59153
etag
"d8a50ef1267d126fa31c813198399a1b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
26847
x-amz-cf-id
jVEslFLSFjSI5VDBVPUMbnP33ad6no7aUq2iZSSpdewkoWciPj2NSg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/962904
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
957641
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=2&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/957641
30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/957641
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8029c9d5854972c6b678d0d09d800350155d41e435b237904dadbef31a9333ad

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 11:41:07 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 16:01:51 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
35239
x-amz-server-side-encryption
AES256
etag
"d612de2fe007548f8ddf38f5d3bfef63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
31184
x-amz-cf-id
I5-GkfAPvncMDWEc7QPJsY_8jN2iMexBJe3lvSADyVcLJAJC3MMLqA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/957641
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961912
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=3&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961912
31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961912
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2733759fb9e088f08ab2256582ee1a6a47828199b2fe8940d85eb0f4d0e0a246

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 20:48:41 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 17:54:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
2385
x-amz-server-side-encryption
AES256
etag
"f539da3b8e5345c57e5ec99cf0c2344e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
31811
x-amz-cf-id
In69gJLCIiAyqUUNUIbbcVCh2GtC9mJSrgZif4c3Fm1EBj6K0ysCnA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961912
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961659
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=4&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961659
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961659
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4f85f6a94ee3e4436bab667daa1ca111eb901287cba8fc59a1be26c4a19ceab2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 12:57:07 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 11:14:21 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
30679
x-amz-server-side-encryption
AES256
etag
"5d39130aea70b78ebd2d5f5ff8450591"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
24642
x-amz-cf-id
Wu1hSSMfadvPR8dEdcyNEi7i7cuOpoKcG0KsMKpgZt7zvKVx_7GPFw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961659
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961310
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=5&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961310
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961310
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dde58db4f044bdcf315619ab5759ef824e8c5b2d4c7f34353f9b97d8cdc3ab22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 01:04:37 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jan 2024 14:45:19 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
73429
x-amz-server-side-encryption
AES256
etag
"38b8162a919342fa810d0ae10df889e6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
26412
x-amz-cf-id
T_5OADB653YGPAhK5bUVr-UMkWHz53yThpOjYY_T9ssedk83VGrQyw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961310
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
919289
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=6&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/919289
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/919289
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a27fb30857addb74179e870446393652747d04294c1e6ede61fb7a98e4fe7cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 09:21:52 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:46:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
43594
x-amz-server-side-encryption
AES256
etag
"e4af7c995a0651f19b668fa47fc8a775"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30278
x-amz-cf-id
IOrQwlXptFu_s1L1RtIFaE2ItVU9PP_EVSlegBn6rjsryI0uvRTuBg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/919289
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
946487
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697802680&cs_offset=7&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/946487
25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/946487
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.63.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-23.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81007dbcf4e59a655eecddf667f585bd51d97531ceeecbaf8d7e41b544dee61c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 18:20:30 GMT
via
1.1 7ac993fb3bf15971cbb8b39563ee70e0.cloudfront.net (CloudFront)
last-modified
Wed, 13 Sep 2023 17:24:05 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
11276
x-amz-server-side-encryption
AES256
etag
"30c13bb39b0d2c39a328c8d9c5adad29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
25983
x-amz-cf-id
H3DZEJJRd4TB3ApHRWkwPKffvdseVh2eHRIUap49R-8xaQVfZOImYQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:25 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/946487
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
bg511aro0wbe1
mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/track-opening/ 		0
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/track-opening/bg511aro0wbe1
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/wg107548xjc23/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 21:28:25 GMT
X-Content-Type-Options
nosniff
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection
Keep-Alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Jan 2024 21:28:25 GMT
Server
Apache/2.4.56 (Debian)
X-Frame-Options
deny
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Expires
Mon, 26 Jul 1997 05:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mailz.leafybranch.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:41:07 GMT
x-content-type-options
nosniff
age
186438
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:41:07 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mailz.leafybranch.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 17:25:58 GMT
x-content-type-options
nosniff
age
187347
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Jan 2025 17:25:58 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
mailz.leafybranch.com/ Name: mwsid
Value: 9v29athq4u5p861sotjt73kept

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
fonts.googleapis.com
fonts.gstatic.com
freedomheadlines.com
images-prod.powerinboxedge.com
mailz.leafybranch.com
rs-stripe.freedomheadlines.com
13.225.214.43
13.225.63.23
20.225.97.235
2600:3c00::f03c:93ff:fe39:3408
2606:4700:3031::ac43:a0b9
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c19::5f
1198f03b0ec244684c5303eb4c8b5b612f809c7e2f3fb1c0c23e6b1031e55ee0
2733759fb9e088f08ab2256582ee1a6a47828199b2fe8940d85eb0f4d0e0a246
2a27fb30857addb74179e870446393652747d04294c1e6ede61fb7a98e4fe7cc
40dbb372e54f7c747849402c64f3334d62ed435e25887bd13339816f5b4f96b7
4cd68a0dd427d080601b241dbcf75859fcec9f59cd16ecde6bf85f1dbc5d410c
4f85f6a94ee3e4436bab667daa1ca111eb901287cba8fc59a1be26c4a19ceab2
505cbf50baa8a61ccb5e7acaa347d07e729a61623d9dd1f5ca59e600d5666cea
5ec4e88e121e5e08a4c02bf8683a75622a465226dcb0ca344fd647d92d917409
6ad7f0c5d5a0d599ffffdce4351226b6cc782b14f9e8d33d31373f416ba7dffc
77436b03fb5bb2de85dc9ce7e3b4a6bded7005100c638675c745b30efaed86ac
7cda1ac8b46f2559d035e66ee34926e0528a51158717ebec0b16e743859d2f34
8029c9d5854972c6b678d0d09d800350155d41e435b237904dadbef31a9333ad
81007dbcf4e59a655eecddf667f585bd51d97531ceeecbaf8d7e41b544dee61c
8ad42b414b617f6c0eb721b8ac143882998399b0c4b8688e8371c4150b73c477
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
b31d63a6589d9bc3c1957f104f9791c5295223d12dc0733724230a06b5b83057
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4
d5f4815d674f1597ac47b322e9bfbfc7bc7abb42a410b3b4f45da3d372d0d77e
d609de1d2e7ca0e4a9593aecd44d689c46d564bcbfd5c65d27265d56248bcef1
d8e70a34c27b2431af9ec76f3bbc15e5e48ac2242ed575756b0217cbc79b0d92
dde58db4f044bdcf315619ab5759ef824e8c5b2d4c7f34353f9b97d8cdc3ab22
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
f42475de1eb90522d5284050df0c50c8219b8e12cd06fe752b7089ea5e21714f
fbb138a79e95910d1ed65fe8ea9bee8530a8e6927dd0beab188bdee47a0912fe