click1.em.iheart.com Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Effective URL:
http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Submission Tags: falconsandbox
Submission: On June 16 via api (June 16th 2022, 3:09:33 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 24 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.em.iheart.com.

This is the only time click1.em.iheart.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	96.46.128.252 96.46.128.252	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6813:9a5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9b5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	52.222.214.112 52.222.214.112	16509 (AMAZON-02) (AMAZON-02)
2	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1 2	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
24	10

2 74.214.203.11 (United States)

ASN14618 (AMAZON-AES, US)

click1.em.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.128.252 (United States)

ASN14618 (AMAZON-AES, US)
PTR: www.efeedbacktrk.com

d2b46f.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a5c (United States)

ASN13335 (CLOUDFLARENET, US)

www.hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9b5c (United States)

ASN13335 (CLOUDFLARENET, US)

hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.84.54.237 (San Antonio, United States) 5 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rs-stripe.bongino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.214.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-112.fra56.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

branding.revenuestripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.17 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	hannity.com 3 redirects www.hannity.com hannity.com — Cisco Umbrella Rank: 263014 rs-stripe.hannity.com ld.hannity.com Failed	184 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 158	175 KB
3	powerinboxedge.com images-prod.powerinboxedge.com — Cisco Umbrella Rank: 24101	317 KB
2	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 461	582 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 145	586 B
2	bongino.com 2 redirects rs-stripe.bongino.com	569 B
2	revenuestripe.com branding.revenuestripe.com — Cisco Umbrella Rank: 33078	5 KB
2	iheart.com click1.em.iheart.com	193 KB
1	efeedbacktrk.com d2b46f.efeedbacktrk.com	466 B
24	9

	Domain	Requested by
4	hannity.com	click1.em.iheart.com
4	connect.facebook.net	click1.em.iheart.com connect.facebook.net
3	images-prod.powerinboxedge.com	click1.em.iheart.com
3	rs-stripe.hannity.com	3 redirects
3	www.hannity.com	click1.em.iheart.com
2	pixel.quantserve.com	click1.em.iheart.com
2	sb.scorecardresearch.com	1 redirects click1.em.iheart.com
2	rs-stripe.bongino.com	2 redirects
2	branding.revenuestripe.com	click1.em.iheart.com
2	click1.em.iheart.com
1	d2b46f.efeedbacktrk.com	click1.em.iheart.com
0	ld.hannity.com Failed	click1.em.iheart.com
24	12

This site contains no links.

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-25` - `2022-06-23`	3 months	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2022-04-28` - `2023-04-26`	a year	crt.sh
www.hannity.com Cloudflare Inc ECC CA-3	`2021-11-24` - `2022-11-23`	a year	crt.sh
hannity.com Cloudflare Inc ECC CA-3	`2021-11-24` - `2022-11-23`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Frame ID: 4A57038E8D1CEA931F26BAFD6C0707D6
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TOO FAR? Days After Death Threats Against McConnell, Pressley Calls GOP Leader 'The Common Enemy' {subject}

Page URL History Show full URLs

http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgw... Page URL
http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

24
Requests

50 %
HTTPS

40 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

874 kB
Transfer

1301 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view Page URL
http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 8

http://rs-stripe.hannity.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3782/757492

Request Chain 9

http://rs-stripe.hannity.com/branding/recommend/transparent.gif HTTP 301
http://branding.revenuestripe.com/recommend/transparent.gif

Request Chain 11

http://rs-stripe.hannity.com/stripe/image?cs_email=259971&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3782/863832

Request Chain 13

http://rs-stripe.bongino.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=15916&cs_sendid=259971&cs_offset=0&cs_esp=postup HTTP 303
http://images-prod.powerinboxedge.com/v3/images/0/780186

Request Chain 14

http://rs-stripe.bongino.com/branding/recommend/short.png HTTP 301
http://branding.revenuestripe.com/recommend/short.png

Request Chain 20

https://sb.scorecardresearch.com/p?c1=2&c2=20015427&cv=2.0&cj=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ViewMessage.do Show response
click1.em.iheart.com/ 3 KB
3 KB 730ms
110ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: c13ba0973ad354aea8ee95ad5802e0407d30480d1bc62c286e88fb94ec1d77a5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Thu, 16 Jun 2022 03:09:27 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

99ms
22ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f21e0eccb136d093fce3205d66399511b50b261ba4da5a16f35efe5d2a6ee19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 00GMwMNp2xs9lXRoGR1J7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 3Rcd/i7sSwHLkp1gyR4H/2FpsXKDR16PTHauQalnNUvWDbhSG3cpqMwjIbcJhub4qS/5Ba+guiN9RrNSB+nSAg==
x-fb-trip-id: 686109401
x-fb-content-md5: 65989d310056d2de1c23062b70add642
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Jun 2022 03:09:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "00495e9f7bf8d3f61ba5973d76514c92"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jun 2022 03:12:20 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 all.js
connect.facebook.net/en_US/ 301 KB
85 KB 48ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=38bed0f5d4af2f25cade0684597ae07d

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.em.iheart.com/
Origin: http://click1.em.iheart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +7MzYDURBIFfsixzMmag7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87318
x-fb-rlafr: 0
x-fb-debug: s06doVP8pGVbCOR8tbpqV+gsmDTvMfZviuCq+FaB1xEZtHCVmqLjyR4MG+xNAsxj3lk1dDQ1xx+bM5rdlf1Tzg==
x-fb-content-md5: 3c708f1e18fa6c4933381fe6d4c8f673
x-frame-options: DENY
date: Thu, 16 Jun 2022 03:09:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7726012194055ec2cf348aa46ddbd1e8"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Jun 2023 02:14:44 GMT

POST
H/1.1 200
OK Primary Request ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1 Show response
click1.em.iheart.com/ 189 KB
190 KB 312ms
312ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e0e443aa5ccabfe087b1d47f90497b4d2ced40715a1b513367c1a7258391f221

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://click1.em.iheart.com
Referer: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Thu, 16 Jun 2022 03:09:27 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H3

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

48ms
24ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f21e0eccb136d093fce3205d66399511b50b261ba4da5a16f35efe5d2a6ee19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 00GMwMNp2xs9lXRoGR1J7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 3Rcd/i7sSwHLkp1gyR4H/2FpsXKDR16PTHauQalnNUvWDbhSG3cpqMwjIbcJhub4qS/5Ba+guiN9RrNSB+nSAg==
x-fb-content-md5: 65989d310056d2de1c23062b70add642
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Jun 2022 03:09:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "00495e9f7bf8d3f61ba5973d76514c92"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 16 Jun 2022 03:12:20 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK kdvbtpvftkzjprzbjrrddjfdtdjvtgggzsktqzrfrvtvss_mdppncbnwtqlcndnbsnsww.gif
d2b46f.efeedbacktrk.com/ 68 B
466 B 497ms
107ms Image
image/png 96.46.128.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2b46f.efeedbacktrk.com/kdvbtpvftkzjprzbjrrddjfdtdjvtgggzsktqzrfrvtvss_mdppncbnwtqlcndnbsnsww.gif
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.128.252 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: www.efeedbacktrk.com
Software: sp /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 03:09:28 GMT
Server: sp
Content-Type: image/png;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
imagetoolbar: no
Keep-Alive: timeout=60
Content-Length: 68
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=38bed0f5d4af2f25cade0684597ae07d

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da47117cd7acbfba69429e6bc471fa40b19dd6e9e6fa7b9fa0010a3a540340c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.em.iheart.com/
Origin: http://click1.em.iheart.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: +7MzYDURBIFfsixzMmag7g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87318
x-fb-rlafr: 0
x-fb-debug: s06doVP8pGVbCOR8tbpqV+gsmDTvMfZviuCq+FaB1xEZtHCVmqLjyR4MG+xNAsxj3lk1dDQ1xx+bM5rdlf1Tzg==
x-fb-content-md5: 3c708f1e18fa6c4933381fe6d4c8f673
x-frame-options: DENY
date: Thu, 16 Jun 2022 03:09:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7726012194055ec2cf348aa46ddbd1e8"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 16 Jun 2023 02:14:44 GMT

GET
H2 200 SeanHannity_logo_horizontal-1-443x69.png
www.hannity.com/wp-content/uploads/2017/12/ 2 KB
3 KB 203ms
127ms Image
image/webp 2606:4700::6813:9a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a80a010ad3e780d7d3d13fb1e67ded5016e394c4835efd9e8244de07f7411f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=2772
content-disposition: inline; filename="SeanHannity_logo_horizontal-1-443x69.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2388
last-modified: Mon, 14 Sep 2020 13:32:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Jun 2023 19:18:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058cc6e1a9b74-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 pressley-880x495.jpg
hannity.com/wp-content/uploads/2019/03/ 75 KB
75 KB 191ms
134ms Image
image/jpeg 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hannity.com/wp-content/uploads/2019/03/pressley-880x495.jpg
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c15ecb481d1fe8b71c9b8a61006c6a50ea1ee4ef61df299dcae5899ad27e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jan 2021 23:27:39 GMT
server: cloudflare
cf-polished: status=not_needed
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 15 Jun 2023 17:19:20 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058cc4f079966-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76727
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

757492
images-prod.powerinboxedge.com/v3/images/3782/
Redirect Chain

http://rs-stripe.hannity.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup
http://images-prod.powerinboxedge.com/v3/images/3782/757492

138 KB
139 KB

304ms
271ms

Image
image/png

52.222.214.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3782/757492
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Server: 52.222.214.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 964ca01542e1a74a4c616423ec932ad0009e86218b55839e70960fe57d3da715

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 03:09:30 GMT
Via: 1.1 54fc556adf6e8c787574c6f132d70178.cloudfront.net (CloudFront)
Last-Modified: Mon, 19 Jul 2021 22:00:37 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
ETag: "5ec648d36e026f11782340950492a6fa"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 141604
X-Amz-Cf-Id: xOjvr9eNd7sE0F7hCdwlwqOYXs6lI8oZz5eLExks3qZuOmwZWIUfMg==

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 03:09:28 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/3782/757492
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

transparent.gif
branding.revenuestripe.com/recommend/
Redirect Chain

http://rs-stripe.hannity.com/branding/recommend/transparent.gif
http://branding.revenuestripe.com/recommend/transparent.gif

3 KB
4 KB

55ms
23ms

Image
image/gif

52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://branding.revenuestripe.com/recommend/transparent.gif
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Server: 52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 114a94d6363058a453f91374a6a17b2b03e2317a426f8578422f7cfac884c06b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Sat, 04 Jun 2022 18:54:13 GMT
Via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
Last-Modified: Fri, 21 Jan 2022 22:16:11 GMT
Server: AmazonS3
Age: 980116
ETag: "538f857e43ff094071c254a003739ed0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P4
Accept-Ranges: bytes
Content-Length: 3213
X-Amz-Cf-Id: EcozG1bZrNF3c_ppsKERWF6wfL5IUFPj-IJDvAlcC8muTuR40aAOkw==

Redirect headers

Location: http://branding.revenuestripe.com/recommend/transparent.gif
Date: Thu, 16 Jun 2022 03:09:28 GMT
Content-Length: 17
Content-Type: text/plain; charset=utf-8

GET
H2 200 az_grandma-880x495.jpg
hannity.com/wp-content/uploads/2019/08/ 40 KB
40 KB 138ms
138ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hannity.com/wp-content/uploads/2019/08/az_grandma-880x495.jpg
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14eff268c8d87103358c726938cf2f3549f37bb647e4c801c06ed8ddd0769810

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=44698
content-disposition: inline; filename="az_grandma-880x495.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40744
last-modified: Wed, 06 Jan 2021 16:23:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 15 Jun 2023 17:21:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058ccaf749966-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

863832
images-prod.powerinboxedge.com/v3/images/3782/
Redirect Chain

http://rs-stripe.hannity.com/stripe/image?cs_email=259971&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup
http://images-prod.powerinboxedge.com/v3/images/3782/863832

82 KB
82 KB

339ms
278ms

Image
image/png

52.222.214.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3782/863832
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Server: 52.222.214.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3d05b9564adc570502c7262befd59435bd6522f169e0c00ecd38436bdfab2f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 03:09:30 GMT
Via: 1.1 59439a13f6db75e801a63663b4f79372.cloudfront.net (CloudFront)
Last-Modified: Fri, 08 Apr 2022 20:16:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P3
ETag: "fe173dd01222120f69e6b786f433cb42"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83626
X-Amz-Cf-Id: vPw1R-YcHEYIuhRnjbz0bgDPRMxYjotZr-q4JsZkWtbKO6NnP6IGSQ==

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 03:09:28 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/3782/863832
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H3 200 schiff_eagles-880x495.jpg
hannity.com/wp-content/uploads/2019/08/ 23 KB
23 KB 169ms
141ms Image
image/webp 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hannity.com/wp-content/uploads/2019/08/schiff_eagles-880x495.jpg
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45905aa8ababf2fbbc58dc79f8a6df2178d8dc5a405f655ecd748ffe8774862b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=29604
content-disposition: inline; filename="schiff_eagles-880x495.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23212
last-modified: Wed, 06 Jan 2021 16:22:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Thu, 15 Jun 2023 17:18:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058cd7ffe909d-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200
OK

780186
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

http://rs-stripe.bongino.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=15916&cs_sendid=259971&cs_offset=0&cs_esp=postup
http://images-prod.powerinboxedge.com/v3/images/0/780186

96 KB
97 KB

79ms
22ms

Image
image/png

52.222.214.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/0/780186
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Server: 52.222.214.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-112.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ddd365af70a35cd931654a219bc3d78686dc10f4dfd4a65d95f07f1c547e262

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Thu, 16 Jun 2022 02:32:49 GMT
Via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Sep 2021 19:04:13 GMT
Server: AmazonS3
Age: 2244
ETag: "d5b3fd9760e91230ba69ff638af28798"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
Content-Length: 98347
X-Amz-Cf-Id: K7eDvoPubyzrPL7flil5G0snumKDTUUJdmlu16PCncByzkZYl9LIxQ==

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 03:09:28 GMT
Location: http://images-prod.powerinboxedge.com/v3/images/0/780186
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

short.png
branding.revenuestripe.com/recommend/
Redirect Chain

http://rs-stripe.bongino.com/branding/recommend/short.png
http://branding.revenuestripe.com/recommend/short.png

872 B
1 KB

23ms
23ms

Image
image/png

52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://branding.revenuestripe.com/recommend/short.png
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: HTTP/1.1
Server: 52.222.236.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 04:39:42 GMT
Via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
Last-Modified: Fri, 21 Jan 2022 22:16:11 GMT
Server: AmazonS3
Age: 685787
ETag: "69de7bae23dafcc7e38c4e59445aa693"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P4
Accept-Ranges: bytes
Content-Length: 872
X-Amz-Cf-Id: -Zb1b_2Vyl3bBeyjwwiPbjQUIsFRF9w5oH_yfSHePK-yYPrdcJ1O2A==

Redirect headers

Location: http://branding.revenuestripe.com/recommend/short.png
Date: Thu, 16 Jun 2022 03:09:28 GMT
Content-Length: 17
Content-Type: text/plain; charset=utf-8

GET
H3 200 bernie_billionaire-880x495.jpg
hannity.com/wp-content/uploads/2019/07/ 40 KB
40 KB 190ms
163ms Image
image/jpeg 2606:4700::6813:9b5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hannity.com/wp-content/uploads/2019/07/bernie_billionaire-880x495.jpg
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9b5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a78af076612b3bd66e34cbe50453155e508609c93a15e0a1af3cee05fc26391f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Jan 2021 23:45:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058cd8800909d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40788
expires: Fri, 16 Jun 2023 03:09:28 GMT

GET 11565666444754278
ld.hannity.com/elad/std/ 0
0

GET 11565672182562150
ld.hannity.com/elad/std/ 0
0

GET
H3 200 twitter.png
www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/ 772 B
1 KB 172ms
146ms Image
image/webp 2606:4700::6813:9a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c797c9a6c9463f93b2dbabc0da2b137a76a78f2d684a3689859a273bf573c57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1914
content-disposition: inline; filename="twitter.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 772
last-modified: Sun, 13 Oct 2019 04:51:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Jun 2023 18:46:40 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058cd89d79a1b-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 facebook.png
www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/ 576 B
965 B 159ms
134ms Image
image/webp 2606:4700::6813:9a5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9a5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c48d3968674f564d551af798a3e6c2b7d35464995e8105c7324632cbb558f61

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=1463
content-disposition: inline; filename="facebook.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 576
last-modified: Sun, 13 Oct 2019 04:51:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 14 Jun 2023 19:18:14 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71c058cd89da9a1b-FRA
cf-bgj: imgq:85,h2pri

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=20015427&cv=2.0&cj=1
https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1

43 B
262 B

24ms
23ms

Image
image/gif

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1
Protocol: H2
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 03:09:28 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 43
x-amz-cf-id: -isnUm1og5X7Zu-u2aoOwOF5ggEosIaW1c3_Ho7D_RiGYY65EdwUqw==
x-cache: Miss from cloudfront
content-type: image/gif

Redirect headers

location: /p2?c1=2&c2=20015427&cv=2.0&cj=1
date: Thu, 16 Jun 2022 03:09:28 GMT
via: 1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: _LdFfnhANnXzOw_7ti00_Qg70tker0JA5rJrWz-vN8SNWICibAZzIw==
x-cache: Miss from cloudfront

GET
H2 200 p-31iz6hfFutd16.gif
pixel.quantserve.com/pixel/ 35 B
372 B 91ms
22ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-31iz6hfFutd16.gif?labels=Domain.hannity_com,DomainId.80607

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 03:09:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-31iz6hfFutd16.gif
pixel.quantserve.com/pixel/ 35 B
210 B 23ms
23ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-31iz6hfFutd16.gif?labels=Domain.hannity_com,DomainId.80607

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=A16D4ED4DB56B54DFBE43B90B9F1D7D1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.em.iheart.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 03:09:28 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ld.hannity.com
URL: http://ld.hannity.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup

Domain: ld.hannity.com
URL: http://ld.hannity.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
click1.em.iheart.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4B12600D7FBB50074E5B6BF587A0E587
.scorecardresearch.com/	1970-01-20 21:05:56	Name: UID Value: 1F995dffb5a7b17849716001655348968
.quantserve.com/	1970-01-20 13:19:23	Name: mc Value: 62aa9ee8-94163-a1cd9-f1bce

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ld.hannity.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://ld.hannity.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
click1.em.iheart.com
connect.facebook.net
d2b46f.efeedbacktrk.com
hannity.com
images-prod.powerinboxedge.com
ld.hannity.com
pixel.quantserve.com
rs-stripe.bongino.com
rs-stripe.hannity.com
sb.scorecardresearch.com
www.hannity.com
ld.hannity.com
13.32.121.17
13.84.54.237
2606:4700::6813:9a5c
2606:4700::6813:9b5c
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a03:2880:f01c:8012:face:b00c:0:3
52.222.214.112
52.222.236.122
74.214.203.11
96.46.128.252
114a94d6363058a453f91374a6a17b2b03e2317a426f8578422f7cfac884c06b
14eff268c8d87103358c726938cf2f3549f37bb647e4c801c06ed8ddd0769810
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2da47117cd7acbfba69429e6bc471fa40b19dd6e9e6fa7b9fa0010a3a540340c
45905aa8ababf2fbbc58dc79f8a6df2178d8dc5a405f655ecd748ffe8774862b
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313
6f21e0eccb136d093fce3205d66399511b50b261ba4da5a16f35efe5d2a6ee19
8c48d3968674f564d551af798a3e6c2b7d35464995e8105c7324632cbb558f61
8ddd365af70a35cd931654a219bc3d78686dc10f4dfd4a65d95f07f1c547e262
964ca01542e1a74a4c616423ec932ad0009e86218b55839e70960fe57d3da715
9a80a010ad3e780d7d3d13fb1e67ded5016e394c4835efd9e8244de07f7411f9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a78af076612b3bd66e34cbe50453155e508609c93a15e0a1af3cee05fc26391f
a8c15ecb481d1fe8b71c9b8a61006c6a50ea1ee4ef61df299dcae5899ad27e6e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d05b9564adc570502c7262befd59435bd6522f169e0c00ecd38436bdfab2f0
c13ba0973ad354aea8ee95ad5802e0407d30480d1bc62c286e88fb94ec1d77a5
c797c9a6c9463f93b2dbabc0da2b137a76a78f2d684a3689859a273bf573c57c
e0e443aa5ccabfe087b1d47f90497b4d2ced40715a1b513367c1a7258391f221

click1.em.iheart.com Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

50 %HTTPS

40 %IPv6

9 Domains

12 Subdomains

10 IPs

2 Countries

874 kBTransfer

1301 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

3 Cookies

2 Console Messages

click1.em.iheart.com Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

50 %
HTTPS

40 %
IPv6

9
Domains

12
Subdomains

10
IPs

2
Countries

874 kB
Transfer

1301 kB
Size

3
Cookies

24 HTTP transactions
0 data transactions