urlscan.io logo urlscan.io
SecurityTrails logo

view.message.treedom.net Open in urlscan Pro
161.71.106.76  Public Scan

Go To Rescan Add Verdict Report
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391...
Submission: On April 25 via api from DE — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 161.71.106.76, located in London, United Kingdom and belongs to SALESFORCE, US. The main domain is view.message.treedom.net.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 19th 2021. Valid for: a year.
This is the only time view.message.treedom.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 161.71.106.76 14340 (SALESFORCE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 143.204.202.79 16509 (AMAZON-02)
1 65.9.68.19 16509 (AMAZON-02)
1 161.71.98.87 14340 (SALESFORCE)
2 2a00:1450:400... 15169 (GOOGLE)
16 9
1    161.71.106.76 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: view.message.treedom.net
view.message.treedom.net
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a02:26f0:6c00:2ad::416d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.s50.sfmc-content.com
1    2a02:26f0:6c00::210:bab2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
image.message.treedom.net
1    143.204.202.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-79.fra53.r.cloudfront.net
www.treedom.net
1    65.9.68.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-68-19.fra56.r.cloudfront.net
medias.treedom.net
1    161.71.98.87 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: click.message.treedom.net
click.message.treedom.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
6 image.s50.sfmc-content.com view.message.treedom.net
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com view.message.treedom.net
1 click.message.treedom.net view.message.treedom.net
1 medias.treedom.net view.message.treedom.net
1 www.treedom.net view.message.treedom.net
1 image.message.treedom.net view.message.treedom.net
1 view.message.treedom.net
16 8

This site contains links to these domains. Also see Links.

Domain
click.message.treedom.net
Subject Issuer Validity Valid
view.message.treedom.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-10-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
akamai-san24.exacttarget.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-12 -
2023-04-14		 a year crt.sh
san-6-s50.tlsprovisioning.exacttarget.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-21 -
2023-03-21		 a year crt.sh
*.treedom.net
Go Daddy Secure Certificate Authority - G2		 2021-09-01 -
2022-10-03		 a year crt.sh
click.message.treedom.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-10-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Frame ID: 43A85951C394C758575E7454D3DFCCFC
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

94 %
HTTPS

50 %
IPv6

4
Domains

8
Subdomains

9
IPs

3
Countries

257 kB
Transfer

255 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
view.message.treedom.net/ 		65 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.106.76 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
view.message.treedom.net
Software
/
Resource Hash
fd8821983d51ee735349a99df741497be2b995462860dc33d2986cb8c60a5494

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private
Connection
close
Content-Length
66193
Content-Type
text/html; charset=utf-8
Date
Mon, 25 Apr 2022 08:00:11 GMT
css2
fonts.googleapis.com/ 		708 B
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato&display=swap
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 06:27:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 08:00:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 08:00:12 GMT
css2
fonts.googleapis.com/ 		3 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 06:13:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Apr 2022 08:00:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Apr 2022 08:00:12 GMT
css
fonts.googleapis.com/ 		0
0
6477285b-4fe3-4c43-a85a-f4d69f1e2ce1.gif
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/ 		58 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/6477285b-4fe3-4c43-a85a-f4d69f1e2ce1.gif
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fb5ad595c1b3df7350cf5f721f8df57d756863396c2dd91e1a88e2688c616b69

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/6477285b-4fe3-4c43-a85a-f4d69f1e2ce1.gif
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:14 GMT
Server
AkamaiNetStorage
ETag
"45aed9fb4844a22d62eb1a13c912f617:1644477794.304169"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58
2f1a3670-a149-4bb7-9350-8c8d72195cbc.png
image.message.treedom.net/lib/fe3c117175640478711771/m/1/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.message.treedom.net/lib/fe3c117175640478711771/m/1/2f1a3670-a149-4bb7-9350-8c8d72195cbc.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bab2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
47fb71e26e478d7f1ecc3b62eb44cef3df481c179eff76976137510caee59bf6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/2f1a3670-a149-4bb7-9350-8c8d72195cbc.png
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Tue, 01 Mar 2022 07:20:54 GMT
Server
AkamaiNetStorage
ETag
"e351c00b9c1c1ab339f768a3ea1cd4aa:1646119254.917753"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25425
large_4688305
www.treedom.net/images/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.treedom.net/images/large_4688305
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.202.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-79.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a6dbf1b9942678a8173f1c99b23fa3c2d0032f39b93488ececa917370cb11d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 12:06:06 GMT
via
1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified
Thu, 02 Dec 2021 12:10:43 GMT
server
AmazonS3
age
158047
etag
"6cce403fa9306ac009eafba06041131d"
x-cache
Hit from cloudfront
x-amz-version-id
Bdi96eo2E3vB4NCPhY6B9x9RFiy2XUCc
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
30868
x-amz-cf-id
eqOQkB_KlOL8gVOQYYcMCpdNk2MJMDi-A55R2csPtbP-AJfYZ-OMPQ==
da20d7345155288d30e2d1dad90b22a1.png
medias.treedom.net/images/medium/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medias.treedom.net/images/medium/da20d7345155288d30e2d1dad90b22a1.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.68.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-68-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2f0970751bf17fda91c074da00a2e10dbf69d701376b0e7f836422e20579587

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 07:45:27 GMT
via
1.1 28ccbefb54459137bb0b0d946fd75e48.cloudfront.net (CloudFront)
last-modified
Wed, 20 Apr 2022 07:15:31 GMT
server
AmazonS3
age
432886
etag
"a2a2a15639e6206a56876c00c35941a9"
x-cache
Hit from cloudfront
x-amz-version-id
WtueSjxTAaXlTLzl_tWAHn9dJga6PGbo
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/png
content-length
73365
x-amz-cf-id
00hBrdbUS2GIrM-fSO59LfUnSxgsgf1t1OfbhbqO6oqpu00sjxRtdQ==
8e8001b5-ca5d-45f4-bb67-2ccc82c23630.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/8e8001b5-ca5d-45f4-bb67-2ccc82c23630.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
732fffdc226c7e7f1da33c3dd566d6166632fbaee00721eab04f7e3714cfdfe6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/8e8001b5-ca5d-45f4-bb67-2ccc82c23630.png
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:13 GMT
Server
AkamaiNetStorage
ETag
"b40b1bb2c7f169014400aa9b6fb7264d:1644477793.546225"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4224
fd9e31b2-edd6-4abe-9ea6-9345bc75f8a7.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/ 		412 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/fd9e31b2-edd6-4abe-9ea6-9345bc75f8a7.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
fd6fec9fccd9207ff6ecfa7725ac4de86aa1ba15b0f5f8b7bc61d594fd85b334

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/fd9e31b2-edd6-4abe-9ea6-9345bc75f8a7.png
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:20 GMT
Server
AkamaiNetStorage
ETag
"dbd93603e72f5c34466b4e2bea168814:1644477800.372025"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
412
7064ca23-8110-440b-8731-d495ed58ff0b.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/ 		582 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/7064ca23-8110-440b-8731-d495ed58ff0b.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1eb4f587a5c547035b77f096362196d4447dd7ef39b0da89ec269b51a841ec1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/7064ca23-8110-440b-8731-d495ed58ff0b.png
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:05 GMT
Server
AkamaiNetStorage
ETag
"8ab01ede9d94373f3b024566432f77ea:1644477785.792979"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
582
cb6a5cad-ccef-4b33-b409-18a78d1a449a.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/cb6a5cad-ccef-4b33-b409-18a78d1a449a.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
10d2a2452766f4d7dfdc0516316259bd078296735d22e6cf8183792ed98313ed

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/cb6a5cad-ccef-4b33-b409-18a78d1a449a.png
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:16 GMT
Server
AkamaiNetStorage
ETag
"ddcfe2becdb8ed99d1aac874392649b8:1644477796.267502"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1063
d849c35e-8590-4ab7-b6ec-79a047bbdfdd.png
image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/ 		643 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.s50.sfmc-content.com/lib/fe3c117175640478711771/m/1/d849c35e-8590-4ab7-b6ec-79a047bbdfdd.png
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:2ad::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9dd3cb4be3d23f6cb39dd7932cceafa8a5b668cc77d79045b71bfaa8efdefb37

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

NSLOCATION
/lib/fe3c117175640478711771/m/1/d849c35e-8590-4ab7-b6ec-79a047bbdfdd.png
Date
Mon, 25 Apr 2022 08:00:12 GMT
Last-Modified
Thu, 10 Feb 2022 07:23:10 GMT
Server
AkamaiNetStorage
ETag
"0acbeb7cacc09947751164a4ea8d4bf7:1644477790.015122"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
643
open.aspx
click.message.treedom.net/ 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://click.message.treedom.net/open.aspx?ffcb10-fefe1273756206-fe8f15787064037e7d-fe3c117175640478711771-ff971577-fe8b107871600c7e70-ff3716707562&d=500002&bmt=0
Requested by
Host: view.message.treedom.net
URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.98.87 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
click.message.treedom.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date
Mon, 25 Apr 2022 08:00:11 GMT
Cache-Control
no-cache; max-age=0
Connection
close
Content-Length
43
Content-Type
image/gif
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.message.treedom.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Wed, 20 Apr 2022 19:30:30 GMT
x-content-type-options
nosniff
age
390582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 20 Apr 2023 19:30:30 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://view.message.treedom.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 11:55:47 GMT
x-content-type-options
nosniff
age
504265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 11:55:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

0 Cookies

1 Console Messages

Source Level URL
Text
security error URL: https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84(Line 14)
Message:
Mixed Content: The page at 'https://view.message.treedom.net/?qs=10ed19968b9c51636aabf1062244764293a532128fc4a0a66ef73ee4034693a363d0cb188a59bd2541bffe611391b5b96981ce6c32857377371bcf8ea51eb11504eed25b73ab6d84' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900italic,900'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.message.treedom.net
fonts.googleapis.com
fonts.gstatic.com
image.message.treedom.net
image.s50.sfmc-content.com
medias.treedom.net
view.message.treedom.net
www.treedom.net
fonts.googleapis.com
143.204.202.79
161.71.106.76
161.71.98.87
2a00:1450:4001:808::2003
2a00:1450:4001:812::200a
2a02:26f0:6c00:2ad::416d
2a02:26f0:6c00::210:bab2
65.9.68.19
10d2a2452766f4d7dfdc0516316259bd078296735d22e6cf8183792ed98313ed
1eb4f587a5c547035b77f096362196d4447dd7ef39b0da89ec269b51a841ec1f
230f27646f2460a7e13106d06ec50cb822acf254ae08fba4058aa06ca57b9dab
2a6dbf1b9942678a8173f1c99b23fa3c2d0032f39b93488ececa917370cb11d8
47fb71e26e478d7f1ecc3b62eb44cef3df481c179eff76976137510caee59bf6
732fffdc226c7e7f1da33c3dd566d6166632fbaee00721eab04f7e3714cfdfe6
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9dd3cb4be3d23f6cb39dd7932cceafa8a5b668cc77d79045b71bfaa8efdefb37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f0970751bf17fda91c074da00a2e10dbf69d701376b0e7f836422e20579587
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
fb5ad595c1b3df7350cf5f721f8df57d756863396c2dd91e1a88e2688c616b69
fd6fec9fccd9207ff6ecfa7725ac4de86aa1ba15b0f5f8b7bc61d594fd85b334
fd8821983d51ee735349a99df741497be2b995462860dc33d2986cb8c60a5494