andromeda.mbmail1.com Open in urlscan Pro
2606:4700:3035::6815:43f9  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request web-version Show response andromeda.mbmail1.com/	90 KB 7 KB	1065ms 722ms	Document text/html	2606:4700:3035::6815:43f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:43f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2b7e81137ba2844ecfca8bf59596b444b2d4dfcfec84e26f91a4c871f028e3b Security Headers Name Value Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self' ; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self'; frame-src 'self'; form-action 'self'; worker-src 'self'; object-src 'none'; child-src 'none'; frame-ancestors 'none'; Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 85927b9b9954398a-YYZ content-encoding br content-security-policy default-src 'self'; connect-src 'self'; script-src 'self' ; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self'; frame-src 'self'; form-action 'self'; worker-src 'self'; object-src 'none'; child-src 'none'; frame-ancestors 'none'; content-type text/html date Wed, 21 Feb 2024 22:39:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} permissions-policy camera=(), microphone=(), geolocation=(), interest-cohort=() referrer-policy strict-origin-when-cross-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0GVZtBpCAGKnRRWRoKPFY%2BhXw%2BQ5HoyqkE73rRBE4m7N7SQJhlOWyvXL1NvvyemixZ9Kd63buoniMYb6%2FtJV5WQbfTqR7e1vpihowcm44TXVrfr%2Fb0JoITcYWAn8t1WS23MC7Xu%2F2VbJHLrPfelmIgREI8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-permitted-cross-domain-policies none x-xss-protection 1
GET H2	200	css fonts.googleapis.com/	1 KB 818 B	569ms 198ms	Stylesheet text/css	2607:f8b0:4004:c07::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,700 Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 21 Feb 2024 22:39:01 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 21 Feb 2024 21:16:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 21 Feb 2024 22:39:01 GMT
GET H2	200	cfdf209f-4e04-4d9b-8f6d-f94e7dd2ca82.png email-resources.mailbluster.com/22502/	7 KB 8 KB	355ms 87ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/cfdf209f-4e04-4d9b-8f6d-f94e7dd2ca82.png Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c06ad067d6b50310f1ac64414d5753e29108e04c97bb2c0fc3e4ba29f765e81 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id MJ90EP8B64X86PT2 age 6543 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 7403 x-amz-id-2 405hgfmFwKxh6KldGDFM05eYB/q2Ib/vdUxzwbUiyUi5NBiJN3q3pfk+Z1BnhF4q4qvaOy5bae/ZmXI1Yo2g/A== last-modified Sun, 05 Feb 2023 19:39:46 GMT server cloudflare etag "4d01c9350efeb45c2ecaaf1e004981b0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ag%2BZ2wN2TNfTbTLaCwWUIr6lDq0RjHuipX9Us1togNQ8DYHfH%2FiqYkvzgSJYmgKfmT4ZuHxqRof7BA1FKGjQCCm3uxILvLH4TiWaFq0I%2BUqkY3%2FGmP%2BejMNYwxRHaRTZflDjZMS9KPzvj60T8JUA4hC"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba1da20a21c-YYZ
GET H2	200	1708526995711-video_youtube_5yaeCVPapnM.jpg assets.unlayer.com/projects/12255/	831 KB 832 KB	577ms 144ms	Image image/png	2600:9000:201e:3000:1e:5470:880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.unlayer.com/projects/12255/1708526995711-video_youtube_5yaeCVPapnM.jpg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:201e:3000:1e:5470:880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92fd5f8d4e2e3710456f47ceae2a9992d9ec0ebe4036f10b0a366f6a0a63cd36 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:07:30 GMT via 1.1 f37f104903bda438e8b0547be6e0c192.cloudfront.net (CloudFront) last-modified Wed, 21 Feb 2024 14:49:57 GMT server AmazonS3 x-amz-cf-pop IAD89-C3 age 1892 x-amz-server-side-encryption AES256 etag "3a65b62c08b9deded1a6300f1585570d" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 850597 x-amz-cf-id f6Z-CrvNVjtuJXrU7Q6YCF7iMpaR6W0sVZwxvPjW88m--kDIHcrl5w==
GET H2	200	1708531374963-video_youtube_mkc1QO96r4M.jpg assets.unlayer.com/projects/12255/	714 KB 715 KB	575ms 144ms	Image image/png	2600:9000:201e:3000:1e:5470:880:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.unlayer.com/projects/12255/1708531374963-video_youtube_mkc1QO96r4M.jpg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:201e:3000:1e:5470:880:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e14b0f025ab9422a4e9021aa30f3db3a4d29d7eba96c5f428eea6f96be5fdf46 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:07:30 GMT via 1.1 f37f104903bda438e8b0547be6e0c192.cloudfront.net (CloudFront) last-modified Wed, 21 Feb 2024 16:02:56 GMT server AmazonS3 x-amz-cf-pop IAD89-C3 age 1892 x-amz-server-side-encryption AES256 etag "5022fd1cbf8fa061fc86e64cbae086f8" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png accept-ranges bytes content-length 731198 x-amz-cf-id RxJXZt1iZHGYkxbV4f3DE8-IfJ86a1uBKmm6ouJqNFWiagV-D6PCQA==
GET H2	200	204a5fe9-f2d8-4d02-8280-2335758f4c75.jpeg email-resources.mailbluster.com/22502/	13 KB 14 KB	388ms 122ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/204a5fe9-f2d8-4d02-8280-2335758f4c75.jpeg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6366294ee164b1b89ac7717422c8a429158031e4245b84eaa7a5f48b2695b36e Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id VQBQGSKE8WM58EXK age 3113 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 13457 x-amz-id-2 85RORotMOqfoW7ZcJpWrqFNnuNYyjYermrKUz7Ipw0ndoIIfTl4g6dAn6DKX3pzpxc1UshEUa34= last-modified Wed, 21 Feb 2024 16:04:15 GMT server cloudflare etag "a8ee732c14ed4d5835d6025aa1c79f30" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASp6%2Fzc2hN%2FqNGiGWThBqni9L3VK1Pf%2Bezog4GW2ldtfNu4r1EkYpnwQkutWHKMvpzE0A6FRhPxt1BNJEtyRk3WH2iOMta7lWtpAk%2FkbJNkR8urYI8HhEdJXIAEDNB09fWyFmtyMsFpsKQSa1R%2BKXgmn"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba1da23a21c-YYZ
GET H2	200	34550bd9-0de9-48f4-8f77-dc5be435bf7d.jpeg email-resources.mailbluster.com/22502/	5 KB 6 KB	357ms 91ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/34550bd9-0de9-48f4-8f77-dc5be435bf7d.jpeg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c846204151d376ce1bcf1e4cce0788ec0c2e8dbc710a54bb92ed95b66aff9e9 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id VQBW8RNSF5MGWPVS age 3113 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 5561 x-amz-id-2 GLnSpbuGA6KCqQ2Y2xnYa1qvlZuFL0MPBdEPCsuFsLAViw7ERu8RnmSV9SYY5f+VJXBB0IrUrOc= last-modified Wed, 21 Feb 2024 16:07:23 GMT server cloudflare etag "8169f040c4c47292fe46647292f431cf" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChnfyPxjdsl1qVHJdBTuJXOZcaZ4F3%2BRR8Qz4TYUzBQOtGy%2FzgVkPTzSAOO%2B7UmGOU73V8Ei09Gcw%2BCnWJ73q5qtqnCXpAJMsMPP7fVasO1mLJ6Gm8wDdA4urfEhYmOzkFAE9IaxpdRuOVU8Bm48J0%2Fh"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba1da21a21c-YYZ
GET H2	200	8275fc7f-c449-4acb-ae56-39060bb00583.jpeg email-resources.mailbluster.com/22502/	6 KB 7 KB	368ms 103ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/8275fc7f-c449-4acb-ae56-39060bb00583.jpeg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e5fc722f74cbef5a7791d8881948c8e259fed1f496534381f5793d992a97812 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id MJ9957ANSM27ET7P age 6543 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 6573 x-amz-id-2 I9RbWb1IU/5i/Dx71MrPZw2XU8lRckT6AL+b4oC/14rIrkr4eFCRV+YtuiizKO9A6Xm8JUY7IofZXDF5j0XE1Q== last-modified Thu, 06 Jul 2023 23:37:16 GMT server cloudflare etag "d4b41930cb5093a12af1c92ed53582a9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMn3CXzt2b%2BkLrmHOatRde%2F4i647Uu5yT6u4sXQtLuACzKVe56fYPHMHiSRGYsVxRZYtuB5lCqHFXnfAKI0EOgNDH7XdSIf%2BMaHSjIOb33i0lsLQPwJfz9R7WFsTFY0IPSUaXujWlMXq%2BOPF7WNGZgLO"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba1da28a21c-YYZ
GET H2	200	71c82e17-1934-48cc-9d5f-a63e1c92f68a.jpeg email-resources.mailbluster.com/22502/	5 KB 5 KB	400ms 135ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/71c82e17-1934-48cc-9d5f-a63e1c92f68a.jpeg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97ad83b9a31d0133a14400b6168d7caf76e855240bc9f6d3fb8d0299423d2522 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id RAJ2NSQ1EBWQHCJ1 age 3113 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 4633 x-amz-id-2 r3I7TpIPyoY+ezIzjjwe7sMgaO9uWoxkphb2dmL1t4z2cskp82JaRWMHr37s5q0dOMvIPmgqd9l183XLtfvktQ== last-modified Thu, 06 Jul 2023 23:46:29 GMT server cloudflare etag "ebeb2eea93ab635cb8a64fcf34bb1502" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9c9W8ZpORUTR6XzmnrW%2BYtCpOM3YJ3F2u5Ycge40DUmlSXfV75n%2BFrpeikL4fQPpEzQirYHLTK0C3RQLRR3DaaL%2FSO3S7XIuzNGjiiaZFPYjQVgSeeUWgUVH2nEPLllr9vP42pSS3LmNomy42K2ZdqUP"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba1da26a21c-YYZ
GET H2	200	1882ad43-9b08-468a-8b80-746a791939e8.jpeg email-resources.mailbluster.com/22502/	4 KB 4 KB	556ms 291ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/1882ad43-9b08-468a-8b80-746a791939e8.jpeg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05aec2b48e13b4be89687f9240e5741f4cceb83badc1b7e16e317fd321c1f888 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 0DCRRCTV5R152MT8 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 3816 x-amz-id-2 hrHTKsDQVko1uI5tnleSL+tn/QSsNCdumOWw1fOp8up9EumCXS7e/3uwsxgUsZ0qARNU2IZyj04= last-modified Thu, 06 Jul 2023 23:48:45 GMT server cloudflare etag "09f34b0722412ec4798fd272044377b7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYKfK%2Bl8bxHzvMSxHlUD6eC6WPOPa%2B216bMai4InaYMugMxonO453jdqNc7xb1IHKhSGwpxKCNQ%2FjyOoAOprBlrXZMj56kERWmmfFyNETNYvHn%2BvFyXn%2FZPBrsawrNpaF5U8UpqPdBQ6IKTtjTKPDWbe"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba1da2aa21c-YYZ
GET H2	200	3a144da7-677d-4041-bbd2-2dd120d0fa98.jpeg email-resources.mailbluster.com/22502/	5 KB 6 KB	105ms 104ms	Image application/octet-stream	104.21.63.113 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://email-resources.mailbluster.com/22502/3a144da7-677d-4041-bbd2-2dd120d0fa98.jpeg Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.63.113 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9917a7f4f1b9a3e524dd8f2ea6e467c4188003e4c712c19d039081ed9f0dc299 Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id MJ9DMS637HF8RBDT age 3113 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 5288 x-amz-id-2 hkHQB26Z5UM+MLGmndzM6Dfofjsl6ArKp7drpLcu5yjENaFQ2Z7LS5zDPvIoWm2qgw4vQ9lIZLT5Hdqc0rvlwg== last-modified Thu, 06 Jul 2023 23:58:22 GMT server cloudflare etag "f23b2fda66fd42299218407dd4994f98" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FijNVsuMBTyzS0uObGzHYCNILT%2BsUkArUP4DgVp%2FBFwGx9zSBpqNMpMoXggOIFby8zbc96nRk2axFcfARUMz%2B4KXrnHD86GEgxrKOo%2F4nzcpv05BOq1WEf1Trr8Tet2d3UZGs46g5Usi6gtwO%2BnqQQRm"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 85927ba27b03a21c-YYZ
GET H2	200	email-decode.min.js Show response andromeda.mbmail1.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	91ms 90ms	Script application/javascript	2606:4700:3035::6815:43f9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://andromeda.mbmail1.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: andromeda.mbmail1.com URL: https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3035::6815:43f9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://andromeda.mbmail1.com/web-version?b=el5g0ewzknj1y9wx4x7d62mrvq7ox4p8&c=qw41lrm280yz7dnemzmdkejv6x5qgopn&l=80nmqy5jp1ldgmqmxvexdv2kzexro476 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Wed, 21 Feb 2024 22:39:01 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff last-modified Fri, 16 Feb 2024 14:40:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare content-encoding gzip etag W/"65cf73c3-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJUS5AAShfvxxzNgYcrYBjxOzPI%2B%2FqXsvvvz%2B%2Be86NcmPiGYuZ%2BuQ0fLB3Z3kC3ra4LQhHQLODR0S5A4r4WPPgqgOcaVr2pd8uqlkCLR6%2BVlimt07FJEDAXd10SbDsWb1cQITRdNY8%2B0ugJRG%2FUTD%2FhIj1U%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 85927ba02a03398a-YYZ expires Fri, 23 Feb 2024 22:39:01 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 24 KB	529ms 134ms	Font font/woff2	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://andromeda.mbmail1.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 04:14:46 GMT x-content-type-options nosniff age 411856 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Feb 2025 04:14:46 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 23 KB	584ms 190ms	Font font/woff2	2607:f8b0:4004:c17::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://andromeda.mbmail1.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36 Response headers date Sat, 17 Feb 2024 07:58:25 GMT x-content-type-options nosniff age 398437 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 02 May 2023 15:07:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Feb 2025 07:58:25 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self' ; style-src * 'self' 'unsafe-inline'; img-src * 'self' data:; font-src * 'self'; frame-src 'self'; form-action 'self'; worker-src 'self'; object-src 'none'; child-src 'none'; frame-ancestors 'none';
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andromeda.mbmail1.com
assets.unlayer.com
email-resources.mailbluster.com
fonts.googleapis.com
fonts.gstatic.com
104.21.63.113
2600:9000:201e:3000:1e:5470:880:93a1
2606:4700:3035::6815:43f9
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c17::5e
05aec2b48e13b4be89687f9240e5741f4cceb83badc1b7e16e317fd321c1f888
1e5fc722f74cbef5a7791d8881948c8e259fed1f496534381f5793d992a97812
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c846204151d376ce1bcf1e4cce0788ec0c2e8dbc710a54bb92ed95b66aff9e9
6366294ee164b1b89ac7717422c8a429158031e4245b84eaa7a5f48b2695b36e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92fd5f8d4e2e3710456f47ceae2a9992d9ec0ebe4036f10b0a366f6a0a63cd36
97ad83b9a31d0133a14400b6168d7caf76e855240bc9f6d3fb8d0299423d2522
9917a7f4f1b9a3e524dd8f2ea6e467c4188003e4c712c19d039081ed9f0dc299
9c06ad067d6b50310f1ac64414d5753e29108e04c97bb2c0fc3e4ba29f765e81
c2b7e81137ba2844ecfca8bf59596b444b2d4dfcfec84e26f91a4c871f028e3b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c71c144709e243473601e175acad7cd2d31bc7883d9dd7278ce6c5b74a06f9bf
e14b0f025ab9422a4e9021aa30f3db3a4d29d7eba96c5f428eea6f96be5fdf46