URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d...
Submission: On March 17 via api from DE — Scanned from GB

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 161.71.106.76, located in London, United Kingdom and belongs to SALESFORCE, US. The main domain is view.message.treedom.net.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 19th 2021. Valid for: a year.
This is the only time view.message.treedom.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         161.71.106.76     14340 (SALESFORCE)
2         2a00:1450:400...  15169 (GOOGLE)
6         2a02:26f0:6c0...  20940 (AKAMAI-ASN1)
1         2a02:26f0:fb:...  20940 (AKAMAI-ASN1)
1         108.157.4.115     16509 (AMAZON-02)
1         143.204.98.121    16509 (AMAZON-02)
1         161.71.98.87      14340 (SALESFORCE)
2         2a00:1450:400...  15169 (GOOGLE)
16        9

Requests  Domain                      Requested by
6         image.s50.sfmc-content.com  view.message.treedom.net
2         fonts.gstatic.com           fonts.googleapis.com
2         fonts.googleapis.com        view.message.treedom.net
1         click.message.treedom.net   view.message.treedom.net
1         medias.treedom.net          view.message.treedom.net
1         www.treedom.net             view.message.treedom.net
1         image.message.treedom.net   view.message.treedom.net
1         view.message.treedom.net
16        8

This site contains links to these domains. Also see Links.

Domain
click.message.treedom.net

Subject                              Issuer                                      Validity                 Valid
view.message.treedom.net             DigiCert TLS RSA SHA256 2020 CA1            2021-10-19 - 2022-10-19  a year
upload.video.google.com              GTS CA 1C3                                  2022-02-17 - 2022-05-12  3 months
akamai-san24.exacttarget.com         DigiCert TLS RSA SHA256 2020 CA1            2021-10-19 - 2022-04-14  6 months
image.community.bundabergrum.com.au  DigiCert TLS RSA SHA256 2020 CA1            2021-11-03 - 2022-10-07  a year
*.treedom.net                        Go Daddy Secure Certificate Authority - G2  2021-09-01 - 2022-10-03  a year
click.message.treedom.net            DigiCert TLS RSA SHA256 2020 CA1            2021-10-19 - 2022-10-19  a year
*.gstatic.com                        GTS CA 1C3                                  2022-02-17 - 2022-05-12  3 months

This page contains 1 frames:

Primary Page: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Frame ID: C435DC0A12810E4420EA81493E0D494A
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 16
HTTPS: 94 %
IPv6: 50 %
Domains: 4
Subdomains: 8
IPs: 9
Countries: 3
Transfer: 328 kB
Size: 326 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
view.message.treedom.net/
65 KB
65 KB
Document
General
Full URL
https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.106.76 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
view.message.treedom.net
Software
/
Resource Hash
51faa9da396f8dbb1b0cdc9641f35e197e590ada4728a45b9ef2ceaf6b6af63d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Mar 2022 11:33:17 GMT
Connection
close
Content-Length
66841
css2
fonts.googleapis.com/
708 B
869 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 10:26:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 11:33:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 11:33:17 GMT
css2
fonts.googleapis.com/
3 KB
633 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 17 Mar 2022 10:56:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 17 Mar 2022 11:33:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Mar 2022 11:33:17 GMT
css
fonts.googleapis.com/
0
0

6477285b-4fe3-4c43-a85a-f4d69f1e2ce1.gif
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/
58 B
423 B
Image
General
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/6477285b-4fe3-4c43-a85a-f4d69f1e2ce1.gif
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fb5ad595c1b3df7350cf5f721f8df57d756863396c2dd91e1a88e2688c616b69

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/6477285b-4fe3-4c43-a85a-f4d69f1e2ce1.gif
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:14 GMT
Server
AkamaiNetStorage
ETag
"45aed9fb4844a22d62eb1a13c912f617:1644477794.304169"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58
2f1a3670-a149-4bb7-9350-8c8d72195cbc.png
image.message.treedom.net/lib/fe3c117175640478711771/m/1/
25 KB
25 KB
Image
General
Full URL
https://image.message.treedom.net/lib/fe3c117175640478711771/m/1/2f1a3670-a149-4bb7-9350-8c8d72195cbc.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9981 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
47fb71e26e478d7f1ecc3b62eb44cef3df481c179eff76976137510caee59bf6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/2f1a3670-a149-4bb7-9350-8c8d72195cbc.png
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Tue, 01 Mar 2022 07:20:54 GMT
Server
AkamaiNetStorage
ETag
"e351c00b9c1c1ab339f768a3ea1cd4aa:1646119254.917753"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25425
large_4688305
www.treedom.net/images/
30 KB
31 KB
Image
General
Full URL
https://www.treedom.net/images/large_4688305
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-115.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a6dbf1b9942678a8173f1c99b23fa3c2d0032f39b93488ececa917370cb11d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 15:45:54 GMT
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 12:10:43 GMT
server
AmazonS3
age
71244
etag
"6cce403fa9306ac009eafba06041131d"
x-cache
Hit from cloudfront
x-amz-version-id
Bdi96eo2E3vB4NCPhY6B9x9RFiy2XUCc
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-type
image/jpeg
content-length
30868
x-amz-cf-id
u9LihYnxHHS3HuuFjYXanuloBy0aquyD-8E740LOFwRMHtC7W-mvKw==
3ec08a6fe2465bb9435445ba654e1af6.png
medias.treedom.net/images/medium/
142 KB
143 KB
Image
General
Full URL
https://medias.treedom.net/images/medium/3ec08a6fe2465bb9435445ba654e1af6.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-121.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01ffda082a9d6b7c03b87786caffea7eddca328c5a3a163a2b956e9d3cfb6918

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 20:43:52 GMT
via
1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront)
last-modified
Wed, 09 Mar 2022 20:11:29 GMT
server
AmazonS3
age
658166
etag
"571a3156f7877ef01d381d4b34f9d6da"
x-cache
Hit from cloudfront
x-amz-version-id
Obic4hlHqJCiddvGpiBg8cXnE0D6UzqU
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
content-type
image/png
content-length
145440
x-amz-cf-id
Xyiv0l6RIkzJoAgOkYRksEYN7fVYupSY8ck9uHBOAeWwTWOwItXejw==
8e8001b5-ca5d-45f4-bb67-2ccc82c23630.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/
4 KB
4 KB
Image
General
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/8e8001b5-ca5d-45f4-bb67-2ccc82c23630.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
732fffdc226c7e7f1da33c3dd566d6166632fbaee00721eab04f7e3714cfdfe6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/8e8001b5-ca5d-45f4-bb67-2ccc82c23630.png
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:13 GMT
Server
AkamaiNetStorage
ETag
"b40b1bb2c7f169014400aa9b6fb7264d:1644477793.546225"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4224
fd9e31b2-edd6-4abe-9ea6-9345bc75f8a7.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/
412 B
778 B
Image
General
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/fd9e31b2-edd6-4abe-9ea6-9345bc75f8a7.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fd6fec9fccd9207ff6ecfa7725ac4de86aa1ba15b0f5f8b7bc61d594fd85b334

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/fd9e31b2-edd6-4abe-9ea6-9345bc75f8a7.png
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:20 GMT
Server
AkamaiNetStorage
ETag
"dbd93603e72f5c34466b4e2bea168814:1644477800.372025"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
412
7064ca23-8110-440b-8731-d495ed58ff0b.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/
582 B
948 B
Image
General
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/7064ca23-8110-440b-8731-d495ed58ff0b.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1eb4f587a5c547035b77f096362196d4447dd7ef39b0da89ec269b51a841ec1f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/7064ca23-8110-440b-8731-d495ed58ff0b.png
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:05 GMT
Server
AkamaiNetStorage
ETag
"8ab01ede9d94373f3b024566432f77ea:1644477785.792979"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
582
cb6a5cad-ccef-4b33-b409-18a78d1a449a.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/
1 KB
1 KB
Image
General
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/cb6a5cad-ccef-4b33-b409-18a78d1a449a.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
10d2a2452766f4d7dfdc0516316259bd078296735d22e6cf8183792ed98313ed

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/cb6a5cad-ccef-4b33-b409-18a78d1a449a.png
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:16 GMT
Server
AkamaiNetStorage
ETag
"ddcfe2becdb8ed99d1aac874392649b8:1644477796.267502"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1063
d849c35e-8590-4ab7-b6ec-79a047bbdfdd.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/
643 B
1009 B
Image
General
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/d849c35e-8590-4ab7-b6ec-79a047bbdfdd.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9dd3cb4be3d23f6cb39dd7932cceafa8a5b668cc77d79045b71bfaa8efdefb37

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/d849c35e-8590-4ab7-b6ec-79a047bbdfdd.png
Date
Thu, 17 Mar 2022 11:33:17 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:10 GMT
Server
AkamaiNetStorage
ETag
"0acbeb7cacc09947751164a4ea8d4bf7:1644477790.015122"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643
open.aspx
click.message.treedom.net/
43 B
199 B
Image
General
Full URL
https://click.message.treedom.net/open.aspx?ffcb10-fef61170716c0c-fe8f15787064037e7d-fe3c117175640478711771-ff971577-fe8b107871600c7e70-ff9a1071&d=500006&bmt=0
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.98.87 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
click.message.treedom.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 11:33:17 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.message.treedom.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options
nosniff
age
57742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:30:55 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.message.treedom.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 08:55:44 GMT
x-content-type-options
nosniff
age
95853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 08:55:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900


3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored

0 Cookies

1 Console Messages

Source: security
Level: error
URL: https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f (Line 14)
Message: Mixed Content: The page at 'https://view.message.treedom.net/?qs=f644ce1f99f3d79219923bddd2063d4b997226be09b26cfb4f84e323e04f09c1a33fdecadcbb8b8fa369f7cd7b8d37493cadfd2f8485b1e0a9f28b05c94a4e5c7c553cc7c874fa2f' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
