Submitted URL: https://a.post.lhd.link/k86hn4zb8b/?lh_aid=9692956&lh_cid=9ppgyh1m33
Effective URL: https://read.letterhead.email/freedoms-lodge/26481
Submission: On December 14 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2606:4700:7::60, located in United States and belongs to CLOUDFLARENET, US. The main domain is read.letterhead.email.
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.
This is the only time read.letterhead.email was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.205.182.159 14061 (DIGITALOC...)
1 4 2606:4700:7::60 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
9 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 162.243.189.2 14061 (DIGITALOC...)
1 178.128.146.240 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
19 6
Apex Domain
Subdomains
Transfer
9 ucarecdn.com
ucarecdn.com — Cisco Umbrella Rank: 15683
441 KB
4 letterhead.email
read.letterhead.email
91 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 gstatic.com
fonts.gstatic.com
67 KB
1 tryletterhead.com
ranger.tryletterhead.com — Cisco Umbrella Rank: 793102
1 KB
1 digitaloceanspaces.com
wherebyspace.nyc3.digitaloceanspaces.com
7 KB
1 lhd.link
a.post.lhd.link
354 B
19 7
Domain Requested by
9 ucarecdn.com read.letterhead.email
4 read.letterhead.email 1 redirects read.letterhead.email
3 fonts.googleapis.com read.letterhead.email
2 fonts.gstatic.com fonts.googleapis.com
1 ranger.tryletterhead.com read.letterhead.email
1 wherebyspace.nyc3.digitaloceanspaces.com read.letterhead.email
1 a.post.lhd.link 1 redirects
19 7
Subject Issuer Validity Valid
read.letterhead.email
GTS CA 1P5
2023-12-05 -
2024-03-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
cps3.ucarecdn.com
R3
2023-11-13 -
2024-02-11
3 months crt.sh
*.nyc3.digitaloceanspaces.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-05-12 -
2024-05-29
a year crt.sh
ranger.tryletterhead.com
R3
2023-10-19 -
2024-01-17
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://read.letterhead.email/freedoms-lodge/26481
Frame ID: E765460E451C432212898C4111437501
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

The BEST gift you could give yourself | Freedom's Lodge The BEST gift you could give yourself

Page URL History Show full URLs

  1. https://a.post.lhd.link/k86hn4zb8b/?lh_aid=9692956&lh_cid=9ppgyh1m33 HTTP 302
    https://read.letterhead.email/freedoms-lodge/letter/26481?lh_aid=9692956&lh_cid=9ppgyh1m33&di=4150d529d43f... HTTP 301
    https://read.letterhead.email/freedoms-lodge/26481 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

19
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

608 kB
Transfer

814 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://a.post.lhd.link/k86hn4zb8b/?lh_aid=9692956&lh_cid=9ppgyh1m33 HTTP 302
    https://read.letterhead.email/freedoms-lodge/letter/26481?lh_aid=9692956&lh_cid=9ppgyh1m33&di=4150d529d43fe8275286c6af0440ab06 HTTP 301
    https://read.letterhead.email/freedoms-lodge/26481 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 26481
read.letterhead.email/freedoms-lodge/
Redirect Chain
  • https://a.post.lhd.link/k86hn4zb8b/?lh_aid=9692956&lh_cid=9ppgyh1m33
  • https://read.letterhead.email/freedoms-lodge/letter/26481?lh_aid=9692956&lh_cid=9ppgyh1m33&di=4150d529d43fe8275286c6af0440ab06
  • https://read.letterhead.email/freedoms-lodge/26481
45 KB
5 KB
Document
General
Full URL
https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528cc65bc27e62af639db3bab8a05fe28a25b7b45b1f6f9e7f1be13c70e5bb5f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
MISS
cf-ray
8352585e7dca9be6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 00:31:39 GMT
last-modified
Thu, 14 Dec 2023 00:31:39 GMT
server
cloudflare
vary
X-Inertia, Accept-Encoding
x-do-app-origin
2372cbc1-e8fc-4dfa-9a6a-b3a968a80224
x-do-orig-status
200

Redirect headers

cache-control
private
cf-cache-status
MISS
cf-ray
8352585cbcdb9be6-FRA
content-type
text/html; charset=UTF-8
date
Thu, 14 Dec 2023 00:31:39 GMT
location
/freedoms-lodge/26481
server
cloudflare
vary
X-Inertia, Accept-Encoding
x-do-app-origin
2372cbc1-e8fc-4dfa-9a6a-b3a968a80224
x-do-orig-status
301
app-50c35d92.js
read.letterhead.email/build/assets/
223 KB
81 KB
Script
General
Full URL
https://read.letterhead.email/build/assets/app-50c35d92.js
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad6e374ac8fc01a1ec7f684c756eeb954094a3054a6050e2bda1b1b9ee70902

Request headers

Referer
https://read.letterhead.email/freedoms-lodge/26481
Origin
https://read.letterhead.email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
2372cbc1-e8fc-4dfa-9a6a-b3a968a80224
x-do-orig-status
200
etag
W/"37de5-11ef9b484c240"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private
cf-ray
835258623fcf9be6-FRA
app-3953a818.css
read.letterhead.email/build/assets/
16 KB
4 KB
Stylesheet
General
Full URL
https://read.letterhead.email/build/assets/app-3953a818.css
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3953a81873f344bb5b2e4e461eed2f22bc404a3df95f06fc5b12ec6c8687b6b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/freedoms-lodge/26481
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
2372cbc1-e8fc-4dfa-9a6a-b3a968a80224
x-do-orig-status
200
etag
W/"4109-11ef9b484c240"
vary
Accept-Encoding
content-type
text/css
cache-control
private
cf-ray
835258623fcd9be6-FRA
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/build/assets/app-50c35d92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 00:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 00:00:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 00:31:40 GMT
css2
fonts.googleapis.com/
3 KB
593 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=PT%20Serif:wght@400;500;600;700;900&display=swap
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/build/assets/app-50c35d92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991701e801bacaf1b7e5c515f4875f77e077ca6ff4807985dee080670d3a2900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 00:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 00:31:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 00:31:40 GMT
css2
fonts.googleapis.com/
8 KB
755 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700;900&display=swap
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/build/assets/app-50c35d92.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c455bd6ebceda276c47696f41c77f926cf6a0d5bf64dc1d38c77860bf0fd1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 14 Dec 2023 00:31:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 00:31:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 14 Dec 2023 00:31:40 GMT
/
ucarecdn.com/0a3106cd-8f53-419a-88fa-76cf81335c42/
66 KB
67 KB
Image
General
Full URL
https://ucarecdn.com/0a3106cd-8f53-419a-88fa-76cf81335c42/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
87441e3f04cbaa6aefb456f3e7ad62982a1f978344958b15637639d2b6383d23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
800
last-modified
Tue, 12 Dec 2023 18:13:59 GMT
server
Uploadcare
etag
"e1e002cbe3d6bf40a22d24d36bfb6081"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31447860
content-disposition
inline; filename=FL-alt-header.png
x-image-height
167
accept-ranges
bytes
content-length
68095
/
ucarecdn.com/a03108f4-5ec2-47ea-bf80-fd72d3aed55d/
349 KB
350 KB
Image
General
Full URL
https://ucarecdn.com/a03108f4-5ec2-47ea-bf80-fd72d3aed55d/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
b9b35190f3d012c7522f4dcffc1837370b84148dc50755618201ea783a2547a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
600
last-modified
Mon, 11 Dec 2023 23:18:15 GMT
server
Uploadcare
etag
"9c02a126a9815ce777a237dd953135f6"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31379676
content-disposition
inline; filename=December2023_MediaBuy_V1.jpg
x-image-height
1200
accept-ranges
bytes
content-length
357841
/
ucarecdn.com/f5db66f2-3cc6-4246-964e-f3ff7d4147b4/
12 KB
12 KB
Image
General
Full URL
https://ucarecdn.com/f5db66f2-3cc6-4246-964e-f3ff7d4147b4/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
61eb41ffbe3e81d22324baa462b4e5565741fe7c8d433a3967e243919f61ff05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
1260
last-modified
Tue, 12 Dec 2023 18:15:44 GMT
server
Uploadcare
etag
"5fe2c92248550ea6483313544026d5e2"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31448006
content-disposition
inline; filename=USCCA-logo.png
x-image-height
161
accept-ranges
bytes
content-length
12068
/
ucarecdn.com/6624be06-1239-4859-881e-ed8b7012a9e1/
5 KB
6 KB
Image
General
Full URL
https://ucarecdn.com/6624be06-1239-4859-881e-ed8b7012a9e1/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
917e9eb7913c78e3d143537eef8d7c6e2eaac71fd589663f6a0c9f0f7d7f076c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
230
last-modified
Mon, 11 Dec 2023 23:19:04 GMT
server
Uploadcare
etag
"aa101cae66fe3b81b4df93dba956d11d"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31379769
content-disposition
inline; filename=inc_BB_w_2x.jpg
x-image-height
45
accept-ranges
bytes
content-length
5566
/
ucarecdn.com/386c1f71-d90d-4c5f-8c88-da802a795f28/
1 KB
2 KB
Image
General
Full URL
https://ucarecdn.com/386c1f71-d90d-4c5f-8c88-da802a795f28/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
00f8f623986536bf08d0511a07b1f2991ceb0436bec9244fc99a48ce3dbeac81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
64
last-modified
Mon, 09 Oct 2023 05:35:13 GMT
server
Uploadcare
etag
"7aad9d423af49f4f21e774ec50a921b7"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=30697716
content-disposition
inline; filename=whataspp_white.png
x-image-height
64
accept-ranges
bytes
content-length
1409
/
ucarecdn.com/afa5c228-ac9b-453a-a54e-a097181a7744/
1018 B
1 KB
Image
General
Full URL
https://ucarecdn.com/afa5c228-ac9b-453a-a54e-a097181a7744/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
f889debd07aba7629bb82f9ff8b3f62aecaa97eebd7445c09ec29b83175003fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
64
last-modified
Mon, 09 Oct 2023 03:04:17 GMT
server
Uploadcare
etag
"733919471a075fb0b317da90e35e26c9"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31294617
content-disposition
inline; filename=facebook_white.png
x-image-height
64
accept-ranges
bytes
content-length
1018
/
ucarecdn.com/4cef89e3-c05e-41ba-8787-db542eeb81fa/
947 B
1 KB
Image
General
Full URL
https://ucarecdn.com/4cef89e3-c05e-41ba-8787-db542eeb81fa/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
cb5dcc3a495873ef171c6c6c31133cca61973af57bb52734e0994ca9b594d663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
64
last-modified
Mon, 09 Oct 2023 05:28:14 GMT
server
Uploadcare
etag
"316a17a0d04f2033d7cd6895838a9c36"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=30493355
content-disposition
inline; filename=twitter_white.png
x-image-height
58
accept-ranges
bytes
content-length
947
/
ucarecdn.com/f4ec518f-aad8-401c-b24d-c899e31e57cd/
1 KB
2 KB
Image
General
Full URL
https://ucarecdn.com/f4ec518f-aad8-401c-b24d-c899e31e57cd/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
74186234fab3dd744f2f89298f4ca07d6986c2d923cf4452238c734c70352d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
64
last-modified
Mon, 09 Oct 2023 05:08:37 GMT
server
Uploadcare
etag
"5be8d8f29743a4fd643ab26f8b3d8be0"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=30697669
content-disposition
inline; filename=reddit_white.png
x-image-height
64
accept-ranges
bytes
content-length
1344
/
ucarecdn.com/f852775c-9714-4061-9eb5-38e1cfad319e/
1 KB
1 KB
Image
General
Full URL
https://ucarecdn.com/f852775c-9714-4061-9eb5-38e1cfad319e/
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Uploadcare /
Resource Hash
13f3d086355c5c8d521279de12264df4aa2b33895bcde3bd6c654e0c4195a3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
x-image-width
64
last-modified
Mon, 09 Oct 2023 04:55:18 GMT
server
Uploadcare
etag
"0e5ceb9641026122563de31a34521390"
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=30697596
content-disposition
inline; filename="linkedin_white (1).png"
x-image-height
64
accept-ranges
bytes
content-length
1096
letterhead_favicon1.png
wherebyspace.nyc3.digitaloceanspaces.com/letterhead/
6 KB
7 KB
Image
General
Full URL
https://wherebyspace.nyc3.digitaloceanspaces.com/letterhead/letterhead_favicon1.png
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.243.189.2 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
nyc3.digitaloceanspaces.com
Software
/
Resource Hash
f1c4527385620807a7fe16af1f34b2528f72bb264110e760c4d5daf0764ecbe2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 00:31:40 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Wed, 16 Dec 2020 22:57:29 GMT
x-amz-request-id
tx00000187f88d757e42f92-00657a4cec-4ecd4e8a-nyc3b
etag
"44387503a623228656bc4eb1c1dfcc6d"
x-envoy-upstream-healthchecked-cluster
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
image/png
x-rgw-object-type
Normal
accept-ranges
bytes
content-length
6397
a.jpg
ranger.tryletterhead.com/rangers/9ppgyh1m33/u/
695 B
1 KB
Image
General
Full URL
https://ranger.tryletterhead.com/rangers/9ppgyh1m33/u/a.jpg
Requested by
Host: read.letterhead.email
URL: https://read.letterhead.email/freedoms-lodge/26481
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
178.128.146.240 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a80d723221bc0db212738b186ce5fa0d31fb2f099e6822f6363c3ef5e89d8d60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://read.letterhead.email/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Thu, 14 Dec 2023 00:31:40 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/jpg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache, private
Connection
keep-alive
Access-Control-Allow-Headers
*,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://read.letterhead.email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:07:20 GMT
x-content-type-options
nosniff
age
537860
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34852
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:07:20 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT%20Serif:wght@400;500;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://read.letterhead.email
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 12 Dec 2023 09:01:55 GMT
x-content-type-options
nosniff
age
142185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2024 09:01:55 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| __VUE_INSTANCE_SETTERS__ boolean| __VUE__

3 Cookies

Domain/Path Name / Value
.read.letterhead.email/ Name: __cf_bm
Value: j6RGiWXCSzGg7ZB96XD.AZ_uTLxj4okzovZFtr2wVpE-1702513899-1-Aaq+1cFaHn2N+92SQWVJoGOXjJypLBRQbBCoUhy9hjxA0KMdThRrVt2aSDcYPfGLaOlrCHTghFQ/0HhcnJB7KKs=
read.letterhead.email/ Name: XSRF-TOKEN
Value: eyJpdiI6ImhVdVJNY1BWN05iaXNzaDZqR1o3Ync9PSIsInZhbHVlIjoiUlZxRDZIUm5QTFUrOW9VRXBDcWtxb2dsN2JrUzVUakVKdUJPOFdmMTJKT1hzZVZPTzZlMWRlR3F3eEpRaldxblFCR0paSmxPRGk5RE90eXB5WW5CbVc4WGlGcmZEbXVGNEl0QzlpVVJtVmR4My82ays3UjVlejIvaXRrQ1Z3cnoiLCJtYWMiOiJlNzEzOWExNDE5NWQxMTZhMmUxYjQ2N2QzZDk0NmQ0ZTI1MzNlNDhmMzU1MTllNmIxMWQwZGY0MGE0NWFiOWZhIiwidGFnIjoiIn0%3D
read.letterhead.email/ Name: archives_session
Value: eyJpdiI6IlA1TWNDTFNjT1RBZW5xdHlkSUFqb2c9PSIsInZhbHVlIjoid2xzVTRpMWVtd1ZoNE1nZ2NOcEYyVkszeCtyTkRGQmRWUlArVkJWRnZTM3huYmdZSmRadG9BTVhWNGZYdGE0Q1BwZkI1cktocTNXbmNPS3RmSDJDLzJxUmtHd2Z1dWg2c1RnVWxyYWFaVC9GTG15Z00rVnVEa1c4YzJHK2s0NU8iLCJtYWMiOiIxMjBlNzRlNjY1YzRjZmRlODgxMzE3YTNhNTI3Y2NlMmU1MGU0NmRkZTFiYTVlNjI0YTA5ZDhkZWZkNWU0OGY4IiwidGFnIjoiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.post.lhd.link
fonts.googleapis.com
fonts.gstatic.com
ranger.tryletterhead.com
read.letterhead.email
ucarecdn.com
wherebyspace.nyc3.digitaloceanspaces.com
162.243.189.2
178.128.146.240
2606:4700:7::60
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a02:26f0:480:f::213:7ec6
67.205.182.159
00f8f623986536bf08d0511a07b1f2991ceb0436bec9244fc99a48ce3dbeac81
13f3d086355c5c8d521279de12264df4aa2b33895bcde3bd6c654e0c4195a3cc
1ea51c9046aa9f6b1b1193ba533b8938735775374b3e2ca4cd670dc1636773a3
3953a81873f344bb5b2e4e461eed2f22bc404a3df95f06fc5b12ec6c8687b6b4
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4ad6e374ac8fc01a1ec7f684c756eeb954094a3054a6050e2bda1b1b9ee70902
528cc65bc27e62af639db3bab8a05fe28a25b7b45b1f6f9e7f1be13c70e5bb5f
5c455bd6ebceda276c47696f41c77f926cf6a0d5bf64dc1d38c77860bf0fd1d6
61eb41ffbe3e81d22324baa462b4e5565741fe7c8d433a3967e243919f61ff05
74186234fab3dd744f2f89298f4ca07d6986c2d923cf4452238c734c70352d33
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
87441e3f04cbaa6aefb456f3e7ad62982a1f978344958b15637639d2b6383d23
917e9eb7913c78e3d143537eef8d7c6e2eaac71fd589663f6a0c9f0f7d7f076c
991701e801bacaf1b7e5c515f4875f77e077ca6ff4807985dee080670d3a2900
a80d723221bc0db212738b186ce5fa0d31fb2f099e6822f6363c3ef5e89d8d60
b9b35190f3d012c7522f4dcffc1837370b84148dc50755618201ea783a2547a8
cb5dcc3a495873ef171c6c6c31133cca61973af57bb52734e0994ca9b594d663
f1c4527385620807a7fe16af1f34b2528f72bb264110e760c4d5daf0764ecbe2
f889debd07aba7629bb82f9ff8b3f62aecaa97eebd7445c09ec29b83175003fd