urlscan.io logo urlscan.io
SecurityTrails logo

mailz.leafybranch.com Open in urlscan Pro
2600:3c00::f03c:93ff:fe39:3408  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc7486d6ec949f85d4de541022
Effective URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpos...
Submission: On January 21 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 26 HTTP transactions. The main IP is 2600:3c00::f03c:93ff:fe39:3408, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is mailz.leafybranch.com.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time mailz.leafybranch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 2600:3c00::f0... 63949 (AKAMAI-LI...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
14 14 20.225.97.235 8075 (MICROSOFT...)
13 108.159.227.114 16509 (AMAZON-02)
1 108.159.227.26 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
26 6
4    2600:3c00::f03c:93ff:fe39:3408 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
mailz.leafybranch.com
1    2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:4700:3031::ac43:a0b9 (United States)

ASN13335 (CLOUDFLARENET, US)
freedomheadlines.com
14    20.225.97.235 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rs-stripe.freedomheadlines.com
13    108.159.227.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-159-227-114.ord56.r.cloudfront.net
images-prod.powerinboxedge.com
1    108.159.227.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-159-227-26.ord56.r.cloudfront.net
branding.revenuestripe.com
2    2607:f8b0:4006:81d::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
21 freedomheadlines.com
freedomheadlines.com
rs-stripe.freedomheadlines.com
93 KB
13 powerinboxedge.com
images-prod.powerinboxedge.com — Cisco Umbrella Rank: 25927
1 MB
4 leafybranch.com
mailz.leafybranch.com
9 KB
2 gstatic.com
fonts.gstatic.com
56 KB
1 revenuestripe.com
branding.revenuestripe.com — Cisco Umbrella Rank: 49189
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
26 6
Domain Requested by
14 rs-stripe.freedomheadlines.com 14 redirects
13 images-prod.powerinboxedge.com mailz.leafybranch.com
7 freedomheadlines.com mailz.leafybranch.com
4 mailz.leafybranch.com 2 redirects mailz.leafybranch.com
2 fonts.gstatic.com fonts.googleapis.com
1 branding.revenuestripe.com mailz.leafybranch.com
1 fonts.googleapis.com mailz.leafybranch.com
26 7

This site contains no links.

Subject Issuer Validity Valid
mailz.leafybranch.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
freedomheadlines.com
GTS CA 1P5		 2023-11-24 -
2024-02-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Frame ID: CC1FBF6594386C34D84F60FB511A9073
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Teacher Makes Excellent Point, “If Educators Can Teach Children About Gender, I Can…”

Page URL History Show full URLs

  1. http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc74... HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc74... HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

46 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

1270 kB
Transfer

1331 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc7486d6ec949f85d4de541022 HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc7486d6ec949f85d4de541022 HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125095&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/0/603920
Request Chain 3
  • https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png HTTP 301
  • https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Request Chain 7
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/962401
Request Chain 8
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/953655
Request Chain 9
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/962149
Request Chain 10
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961667
Request Chain 14
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/960714
Request Chain 15
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961913
Request Chain 16
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/957640
Request Chain 17
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/903971
Request Chain 18
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=4&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/877012
Request Chain 19
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=5&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/949798
Request Chain 20
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=6&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961249
Request Chain 21
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=7&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757493

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request eo6838hvma0bd
mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/
Redirect Chain
  • http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc7486d6ec949f85d4de541022
  • https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-url/eo6838hvma0bd/98effa695024cdcc7486d6ec949f85d4de541022
  • https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
76 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
557fecbe22d516892d22c2de3ef355ca87808eb29518c8ed8c6a0d755211191c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7098
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 21:02:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 Jan 2024 21:02:22 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Sun, 21 Jan 2024 21:02:22 GMT
Location
https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Apache/2.4.56 (Debian)
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ad7f0c5d5a0d599ffffdce4351226b6cc782b14f9e8d33d31373f416ba7dffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 Jan 2024 21:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 Jan 2024 21:00:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 Jan 2024 21:02:22 GMT
FH-2021-sized-1.jpg
freedomheadlines.com/wp-content/uploads/2021/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2021/01/FH-2021-sized-1.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7045682
alt-svc
h3=":443"; ma=86400
content-length
28587
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 01:55:25 GMT
server
cloudflare
etag
"6351fc0d-6fab"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYwqbzrq%2F4h6ag1WMiNhqWCqNHRPxYMD3EHAVY8C2mZmQqO8KB9dq5xoGkCH%2Bo2binoBaKmCNeJusCmDbc5Io6m5l4nmgJuU4J1avBCcb8qSjEAuf6nnMkEvRUNmr0Yg0TkshCVkpYrd9uqUMEWvc0JgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f71aaa6436f-EWR
expires
Wed, 07 Aug 2024 15:15:55 GMT
603920
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125095&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/0/603920
77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/0/603920
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ad94cfb328e70e62a13fc1595b452e4918148640ccf0884c1183d8a06f3840a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 20:13:29 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Mon, 24 Feb 2020 14:43:24 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
2935
etag
"2a7b6eb81464fcb8e904458925860d36"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
79088
x-amz-cf-id
Hs_DdMurKwNrAdNO60qhjOvalXAYuBkGlgfAlxakdx7_i9Utp8WneQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/0/603920
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
powerinbox-rec-reg.png
branding.revenuestripe.com/recommend/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png
  • https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-26.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 19:16:31 GMT
via
1.1 5fc388a03679dfbbbbf697a5d857131e.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 22:16:11 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
1734352
etag
"466795436b37f96c671ae07757810750"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1707
x-amz-cf-id
a-JfHSHCJJoVqwlNRlLVZZxmbCl2iDGT4nJhyDQmaDUH2ENbPLFYzw==

Redirect headers

location
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
access-control-expose-headers
Request-Context
cache-control
private
date
Sun, 21 Jan 2024 21:02:22 GMT
request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length
184
content-type
text/html; charset=utf-8
teacher-viral-300x175.jpg
freedomheadlines.com/wp-content/uploads/2022/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2022/04/teacher-viral-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203a465ded36459c84e5eb932fc399a7848e2ea8c3918aa311214a596a1bf9c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5438
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 01:54:31 GMT
server
cloudflare
etag
"6351fbd7-153e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QXAttNOQjlHmPCSXtsOEL5XvZrabmWAayA7AQAPh5VdMCrAOdiZJcwCP0LtoKnJNOhor9szAZCJH1IslJtyXDSEIwpFY1dug48EJB3o2j60WMPnXa5cgAN3%2Bfc4Lsc5HnC82vKJrR0HctCml4f8FC3CwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f71fb0a436f-EWR
expires
Fri, 03 Jan 2025 17:28:19 GMT
insurrection1-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/insurrection1-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7af89e31f234a1ef86f79f687c7c9d800066e61841ae27fdfc3eb728d68e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13931
x-xss-protection
1; mode=block
last-modified
Thu, 19 Oct 2023 04:47:09 GMT
server
cloudflare
etag
"6530b4cd-366b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISpTCpoP4XMH7Avuc82qrjfw16JcBhbrKbyDzFkvg%2B6XbHEctn4jcfrQFScKyTLQzAijT9aH7BBOB9YqMQPv58RxjuJyefWDAX4uPFyFJM7%2Be1aaDwiRgOEPZJrNMJ%2BoROJqfuV08uqtInWVPXqLwDimvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f727ae98ca5-EWR
expires
Fri, 03 Jan 2025 17:28:19 GMT
embassy-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/embassy-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f4815d674f1597ac47b322e9bfbfc7bc7abb42a410b3b4f45da3d372d0d77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14276
x-xss-protection
1; mode=block
last-modified
Thu, 19 Oct 2023 15:45:22 GMT
server
cloudflare
etag
"65314f12-37c4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khLpSFsqeLSDMa1iWhBJXTPJB%2FEU9Vf9Tp2MPTAzBD%2BD7zxwSWj4rwnCEbcjOzrKKHzuiZvpMGq48TiizBePimKq7gQnhsutSoKOVmFQr5UT31w3%2B0eyCkAUNqNcQ4PZrxoqTatuK6V6virGaRXw%2Bqb%2FLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f733ba78ca5-EWR
expires
Wed, 27 Nov 2024 11:53:15 GMT
962401
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/962401
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/962401
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75ffccced76efb207b4bd17b0f75750145e07ac27b59d789c6ce2e98552bc545

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 13:36:22 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Thu, 18 Jan 2024 17:34:44 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
26762
x-amz-server-side-encryption
AES256
etag
"abcb0c2bef7574056c82b364aaa460d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29524
x-amz-cf-id
hpvgcZpPl5dIIzbTRpl7VTHkj4YvKvvjgQ07xHxyGSyKBxP8CEbPOw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/962401
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
953655
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/953655
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/953655
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
490cdc7f0ad6671973c0228ed0e07a1e480e3fc184b52146ed5c6abd2e3ea3ff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:55:29 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 19:15:38 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
7615
etag
"4ddb015a7109009009121439326e37d7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29681
x-amz-cf-id
DZINBydpcUH7hJd8tjmzoTMLYVDPsjZ2PfbLAWK5rD6yHORgLAx8Nw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/953655
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
962149
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/962149
29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/962149
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
840186b41eb658db40090466834eac38ad94d96ef3b186795039aabdd0102e22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 00:08:19 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2024 15:25:31 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
75245
x-amz-server-side-encryption
AES256
etag
"b23ab07247150513d2bc24ea06b8b44b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30028
x-amz-cf-id
Y059BnHbZ-uFUSbeOrIFAsdmZvFNiF5gQoWra7WRqtx8V2jMsB7ZnQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/962149
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961667
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961667
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961667
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fcce8183a6a2661bdc11ab16bfd680324a34554c905c9315e7239ab916d4344

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 18:05:44 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 11:14:27 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
10773
x-amz-server-side-encryption
AES256
etag
"b3bb3591d8b7aafab5c5f1f4f16caedf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30684
x-amz-cf-id
n9k-zveectqGBFJTwW6lqy6Z7Ak5xur6az6QLFCy8fQZXzbD3x4CSg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961667
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
sidney-powell3-300x175.jpg
freedomheadlines.com/wp-content/uploads/2021/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2021/02/sidney-powell3-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb138a79e95910d1ed65fe8ea9bee8530a8e6927dd0beab188bdee47a0912fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4955
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 02:08:19 GMT
server
cloudflare
etag
"6351ff13-135b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZmiNqXT0BqpJ5eX85WiziV3Ly61wZ2RYB8R5Q%2FuE0R6CYoVFe7pZ8iIsy8v4sFJZLXJUidsHF4MCRBgAjJnzCyrhtVAn2nGANNVYf%2FEFLb5TqbWGz%2Fm0ksLh7ImCFuEwyo5by5N2CceaAf9G43mFBTO7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f740cab8ca5-EWR
expires
Sat, 18 Jan 2025 21:50:43 GMT
trump-army-300x175.jpg
freedomheadlines.com/wp-content/uploads/2019/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2019/09/trump-army-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad42b414b617f6c0eb721b8ac143882998399b0c4b8688e8371c4150b73c477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7568
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 02:01:30 GMT
server
cloudflare
etag
"6351fd7a-1d90"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxGmP5bP30aeRv4I3sxfQLi%2FspZ8rBHY4LZxkrzBbeJD4iCyKKKDZZpwwy99cVT%2FLU28DpVKwWf7N3Kl%2FaQePfdU7QmW8wmlyn9nxRcp1KVvLED54i6uzJB71u%2FNBf4vBwbs42dU0fmeGHnTVwu3FiBj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f740cad8ca5-EWR
expires
Sun, 12 Jan 2025 03:42:58 GMT
gop-candidates2-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/gop-candidates2-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:a0b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1198f03b0ec244684c5303eb4c8b5b612f809c7e2f3fb1c0c23e6b1031e55ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 21:02:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15452
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 18:30:19 GMT
server
cloudflare
etag
"652ed2bb-3c5c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIO8PtHrl4NhoBzng8ni0Kh3mBDnsHDYXuLlb0B1CxbkIHzZUXPTnUn5GvtjhaMECatroPcKoGwJZGS0EefQ%2BAKuMtupAoRdlKhnY%2BbpSTP6ZeKGH1LyD1drpL%2BjAJ8WiccjPCKuTTxSIC%2FS7mMv%2FDNbVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84927f740cae8ca5-EWR
expires
Sat, 30 Nov 2024 11:11:34 GMT
960714
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/960714
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/960714
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8a327aa891177f3e5d768d67e0fd010fcff60a0805363ae6209ee24cee4659a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 14:08:32 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jan 2024 18:54:30 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
25106
x-amz-server-side-encryption
AES256
etag
"91192146f95e270163110a0f63a29647"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
26243
x-amz-cf-id
8jUSBFdJaIcTAtZwD4RDQIsSg5-tp2GX1wE15P0qDMjqZh0tLZopEA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/960714
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961913
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961913
31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961913
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b2427dda10eb35be961f0b7fd7b8c476d319c9725c76bfbfb33d5d5963020874

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 20:50:31 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Thu, 11 Jan 2024 17:54:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
1051
x-amz-server-side-encryption
AES256
etag
"55ac11db4e1c641f5e50f7479e916bc8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
32000
x-amz-cf-id
DxGjRJhuuO5Ok4m0Z_qBZiwhWMcazRj1MJc20hsAU-PWD6y5pZHgbg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961913
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
957640
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/957640
31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/957640
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3d463086576300dfbad13d58737ebf7d32bd10af56ec1d415cfab6e710ac2e23

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 20:56:07 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 16:01:49 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
377
x-amz-server-side-encryption
AES256
etag
"635f2977bb7cf9ebec2b397610f8bc39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
31235
x-amz-cf-id
9hBAcbG_uKkR9-aM14XzXsuiV6Raa01r0-kKo2H8OYnAg5xj32eqVg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/957640
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
903971
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/903971
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/903971
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1ada0b5e76ea82b0729d72b1a613a6c4c4b00bc91b5c4d42a03e9ccb429dbca

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 17:07:11 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:59:31 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
14113
x-amz-server-side-encryption
AES256
etag
"bcce0af0638297df43875e4807d8f55c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
21730
x-amz-cf-id
kCx-FFavhHoqYfh0OQ_u2ApfXC7uvjH12uxrERkMgl7b9-K7A5rp2w==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/903971
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
877012
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=4&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/877012
29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/877012
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acd8997eea79b2dffe4c86adc5ce7c6d35e902626f8ab91d115d76f8414b8f90

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 17:44:55 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:54:27 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
13538
x-amz-server-side-encryption
AES256
etag
"10d45d74b00709c2f51416b0d6e41d9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29268
x-amz-cf-id
XXIAGrBqE_z1KSZO0iuqx6G36QZPbhfg-1COqd_9Tw4FF-eZlcaz-g==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/877012
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
949798
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=5&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/949798
27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/949798
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7c1484a3b4a9759eac43734fcd99f2d0038e9de3669b49e12d0d1cc3fc51a19

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 02:10:24 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Thu, 12 Oct 2023 19:17:07 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
67920
x-amz-server-side-encryption
AES256
etag
"44b7a6ffe2903cfca6823f756668d321"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27909
x-amz-cf-id
Ov7QQ7uMx65Uqa-pfNKSXUVFOqDiqpaGEi2CXW1WuOVQ-l9S44612A==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/949798
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961249
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=6&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961249
717 KB
718 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961249
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a9a09290e7061f76ec13bfd51ab721f71900b1d01573fb6505e45eba476db0e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 15:45:02 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 20:35:57 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
19042
x-amz-server-side-encryption
AES256
etag
"32f87c04978aa817c6463ab9f3e57904"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
734556
x-amz-cf-id
KDemepXd-WFpagTqFIdRhnyi0ZldWUWej0BBOi1OIp-JujB5qTpZAA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961249
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757493
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=Jack.tester@jacksonsystems.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=7&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757493
29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757493
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
108.159.227.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-159-227-114.ord56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03e900bbae32bad252e9b8acef9ac75762d2500e4583bf0524cf415a7f0e96f9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 21 Jan 2024 16:04:05 GMT
via
1.1 e9771f76a15c472d0dcc1ff6a2158106.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 23:16:16 GMT
server
AmazonS3
x-amz-cf-pop
ORD56-P4
age
17899
x-amz-server-side-encryption
AES256
etag
"e4cc15e4ecc18a9210ed932c81d9aa00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29924
x-amz-cf-id
9l0wBy5zH0iqdG3KQWiqaySzqt5_BZ92aeDPjTIZsz_BHyCoDGnJpw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sun, 21 Jan 2024 21:02:22 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757493
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
eo6838hvma0bd
mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-opening/ 		0
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-opening/eo6838hvma0bd
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/eo6838hvma0bd?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sun, 21 Jan 2024 21:02:23 GMT
X-Content-Type-Options
nosniff
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection
Keep-Alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sun, 21 Jan 2024 21:02:23 GMT
Server
Apache/2.4.56 (Debian)
X-Frame-Options
deny
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=98
Expires
Mon, 26 Jul 1997 05:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mailz.leafybranch.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:19:16 GMT
x-content-type-options
nosniff
age
200587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:19:16 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mailz.leafybranch.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 19 Jan 2024 13:27:19 GMT
x-content-type-options
nosniff
age
200104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Jan 2025 13:27:19 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
mailz.leafybranch.com/ Name: mwsid
Value: projchf8bemjv6je3vrk6rr8uo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
fonts.googleapis.com
fonts.gstatic.com
freedomheadlines.com
images-prod.powerinboxedge.com
mailz.leafybranch.com
rs-stripe.freedomheadlines.com
108.159.227.114
108.159.227.26
20.225.97.235
2600:3c00::f03c:93ff:fe39:3408
2606:4700:3031::ac43:a0b9
2607:f8b0:4006:81d::2003
2607:f8b0:4006:823::200a
03e900bbae32bad252e9b8acef9ac75762d2500e4583bf0524cf415a7f0e96f9
0d7af89e31f234a1ef86f79f687c7c9d800066e61841ae27fdfc3eb728d68e3e
0fcce8183a6a2661bdc11ab16bfd680324a34554c905c9315e7239ab916d4344
1198f03b0ec244684c5303eb4c8b5b612f809c7e2f3fb1c0c23e6b1031e55ee0
1ad94cfb328e70e62a13fc1595b452e4918148640ccf0884c1183d8a06f3840a
203a465ded36459c84e5eb932fc399a7848e2ea8c3918aa311214a596a1bf9c4
3d463086576300dfbad13d58737ebf7d32bd10af56ec1d415cfab6e710ac2e23
490cdc7f0ad6671973c0228ed0e07a1e480e3fc184b52146ed5c6abd2e3ea3ff
557fecbe22d516892d22c2de3ef355ca87808eb29518c8ed8c6a0d755211191c
5a9a09290e7061f76ec13bfd51ab721f71900b1d01573fb6505e45eba476db0e
6ad7f0c5d5a0d599ffffdce4351226b6cc782b14f9e8d33d31373f416ba7dffc
75ffccced76efb207b4bd17b0f75750145e07ac27b59d789c6ce2e98552bc545
840186b41eb658db40090466834eac38ad94d96ef3b186795039aabdd0102e22
8ad42b414b617f6c0eb721b8ac143882998399b0c4b8688e8371c4150b73c477
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a1ada0b5e76ea82b0729d72b1a613a6c4c4b00bc91b5c4d42a03e9ccb429dbca
acd8997eea79b2dffe4c86adc5ce7c6d35e902626f8ab91d115d76f8414b8f90
b2427dda10eb35be961f0b7fd7b8c476d319c9725c76bfbfb33d5d5963020874
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4
d5f4815d674f1597ac47b322e9bfbfc7bc7abb42a410b3b4f45da3d372d0d77e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
e7c1484a3b4a9759eac43734fcd99f2d0038e9de3669b49e12d0d1cc3fc51a19
e8a327aa891177f3e5d768d67e0fd010fcff60a0805363ae6209ee24cee4659a
fbb138a79e95910d1ed65fe8ea9bee8530a8e6927dd0beab188bdee47a0912fe