campaign.r20.constantcontact.com Open in urlscan Pro
104.18.7.155  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request render Show response campaign.r20.constantcontact.com/	31 KB 6 KB	337ms 288ms	Document text/html	104.18.7.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol HTTP/1.1 Server 104.18.7.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66b8bb4d1f1d41d43f8e330b9d9185c46d00e449b469ca45c328eb5bf80a07ca Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 7421688b49559249-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Mon, 29 Aug 2022 01:10:41 GMT Server cloudflare Transfer-Encoding chunked
GET H2	200	css fonts.googleapis.com/	3 KB 961 B	83ms 30ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 28 Aug 2022 23:31:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 29 Aug 2022 01:10:41 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 29 Aug 2022 01:10:41 GMT
GET H2	200	logos_dual.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	23 KB 23 KB	252ms 79ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/logos_dual.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash 5dbeb205453691edaa185358bdd61a836789567fe01a4ac993319636b950f1e8 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:08 GMT server nginx x-amz-meta-orgignalheigth 110 etag "b83e554b8710d183e31f5d6e8fae70c9" x-cache-status HIT x-amz-meta-stripooriginalfilename Logos_Dual.png content-type image/png x-amz-meta-orgignalwidth 1166 cache-control max-age=31536000 content-length 23175 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurllogos_dual.png x-amz-version-id Kmj6XO2S42qHezGbwqmPIKgUK66zTDIE
GET H2	200	ls_email_header_v6_FpG.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	24 KB 24 KB	208ms 79ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/ls_email_header_v6_FpG.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash cc602f13cf7b812f852a6e4c844ab620b07ad89c6d34bb36a3220c8a8727fa76 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:06:08 GMT server nginx x-amz-meta-orgignalheigth 470 etag "2444e63d1798556ec0463e46e01b69f5" x-cache-status HIT x-amz-meta-stripooriginalfilename LS_email_header_v6.png content-type image/png x-amz-meta-orgignalwidth 1050 cache-control max-age=31536000 content-length 24189 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlls_email_header_v6_XhQ.png x-amz-version-id _5MDr_U9KNsK1XwaEVcZQfBt2DkKsjy1
GET H2	200	ls_email_header_v6.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	24 KB 24 KB	208ms 80ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/ls_email_header_v6.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash cc602f13cf7b812f852a6e4c844ab620b07ad89c6d34bb36a3220c8a8727fa76 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:51 GMT server nginx x-amz-meta-orgignalheigth 470 etag "2444e63d1798556ec0463e46e01b69f5" x-cache-status HIT x-amz-meta-stripooriginalfilename LS_email_header_v6.png content-type image/png x-amz-meta-orgignalwidth 1050 cache-control max-age=31536000 content-length 24189 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlls_email_header_v6.png x-amz-version-id 9BCQoARJRu8wPif5PottNMY9Ikh6iCq3
GET H2	200	hessam_2.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	383 KB 384 KB	207ms 79ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/hessam_2.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash bee2d41addc06a914f649ba98acc595ca8ce3b0f7447be4d1920932fad7dff32 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:08 GMT server nginx x-amz-meta-orgignalheigth 634 etag "8442c6e5e84cb841aed875f37924f887" x-cache-status HIT x-amz-meta-stripooriginalfilename Hessam_2.png content-type image/png x-amz-meta-orgignalwidth 633 cache-control max-age=31536000 content-length 391877 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlhessam_2.png x-amz-version-id V5qaneBN0Mu.SWgHR5DtY8xx5tx8iqqi
GET H2	200	summers_lawrence_uppdated_circle.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	358 KB 359 KB	207ms 79ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/summers_lawrence_uppdated_circle.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash 5cee7356c343e4d163246e4adf59f6911741f01c47e792cc8dbb66df82a2bdbb Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:08 GMT server nginx x-amz-meta-orgignalheigth 634 etag "d5b01db2d96070a9828a994f956364b5" x-cache-status HIT x-amz-meta-stripooriginalfilename Summers_Lawrence_uppdated_circle.png content-type image/png x-amz-meta-orgignalwidth 633 cache-control max-age=31536000 content-length 366799 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlsummers_lawrence_uppdated_circle.png x-amz-version-id PmgL_Rz8AyBWVW5Xy7fBKSN2tQ6dBD6E
GET H2	200	swarup.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	308 KB 309 KB	207ms 80ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/swarup.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash 419dc6d8e962c4ac2f57774f9f4f0f249ab25d4be343427545c775fd15c61eda Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:08 GMT server nginx x-amz-meta-orgignalheigth 634 etag "2e71be207a166fcd0cc0e35e099348bb" x-cache-status HIT x-amz-meta-stripooriginalfilename Swarup.png content-type image/png x-amz-meta-orgignalwidth 633 cache-control max-age=31536000 content-length 315393 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlswarup.png x-amz-version-id LTqgFPBnNb9oFoGN48ufo1fJNZnp11tS
GET H2	200	background.jpg uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	482 KB 483 KB	120ms 48ms	Image image/jpeg	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/background.jpg Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash eb403c61fd5e3347a03f45d3addf544c408238869625ea438bf7fd87df64e529 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:08 GMT server nginx x-amz-meta-orgignalheigth 1080 etag "b059a2d3d1c9ecd2d0bdd105930bd309" x-cache-status HIT x-amz-meta-stripooriginalfilename Background.jpg content-type image/jpeg x-amz-meta-orgignalwidth 1920 cache-control max-age=31536000 content-length 493499 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlbackground.jpg x-amz-version-id JU0APLEx6sTic0ktkxx3SnOTKT3H5b9Y
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	88ms 38ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://campaign.r20.constantcontact.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 17:08:09 GMT x-content-type-options nosniff age 460952 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Aug 2023 17:08:09 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	64ms 20ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://campaign.r20.constantcontact.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 23 Aug 2022 17:08:09 GMT x-content-type-options nosniff age 460952 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Aug 2023 17:08:09 GMT
GET H2	200	flynn.png uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/	419 KB 420 KB	106ms 78ms	Image image/png	88.198.226.235 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://uyiyz.stripocdn.email/content/guids/CABINET_e0a2377bd7fc1db9986078b72a3f94c3/images/flynn.png Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 88.198.226.235 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-226-235.clients.your-server.de Software nginx / Resource Hash 63959b2013947a0d6e715a2ab05d0269ec1473220c8630b04b211bf6523e2395 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT last-modified Fri, 12 Aug 2022 20:04:08 GMT server nginx x-amz-meta-orgignalheigth 634 etag "e3d2ec02546503623d1ab760d876cc31" x-cache-status HIT x-amz-meta-stripooriginalfilename Flynn.png content-type image/png x-amz-meta-orgignalwidth 633 cache-control max-age=31536000 content-length 429379 x-amz-meta-stripothumbnailurl https%3A%2F%2Fmy.stripo.email%2Fcontent%2Fguids%2FCABINET_e0a2377bd7fc1db9986078b72a3f94c3%2Fimages%2Fstripothumbnailurlflynn.png x-amz-version-id XT7q1QA_WrzowRRDW83xdO6bDByS9ml4
GET H2	200	S.gif imgssl.constantcontact.com/letters/images/sys/	42 B 393 B	117ms 32ms	Image image/webp	104.18.170.33 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://imgssl.constantcontact.com/letters/images/sys/S.gif Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.170.33 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2bd3dce8a6b2d8f9400226f88ee6d8a09ef959f6278ea56d9d0a48bc67b20d69 Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT cf-cache-status HIT age 374541 cf-polished origFmt=gif, origSize=271 content-disposition inline; filename="S.webp" content-length 42 last-modified Thu, 05 May 2016 16:01:59 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept content-type image/webp access-control-allow-origin * expires Tue, 29 Aug 2023 01:10:41 GMT cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7421688f59a39159-FRA cf-bgj imgq:100,h2pri
GET H/1.1	200 OK	email-decode.min.js Show response campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	24ms 24ms	Script application/javascript	104.18.7.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol HTTP/1.1 Server 104.18.7.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Date Mon, 29 Aug 2022 01:10:41 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Tue, 23 Aug 2022 11:02:51 GMT Server cloudflare ETag W/"6304b3db-4d7" X-Frame-Options DENY Content-Type application/javascript Cache-Control max-age=172800, public Transfer-Encoding chunked Connection keep-alive CF-RAY 7421688edc6a9249-FRA Vary Accept-Encoding Expires Wed, 31 Aug 2022 01:10:41 GMT
GET H2	200	v652eace1692a40cfa3763df669d7439c1639079717194 Show response static.cloudflareinsights.com/beacon.min.js/	14 KB 5 KB	98ms 51ms	Script text/javascript	2606:4700:440e::ac40:9c1a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Requested by Host: campaign.r20.constantcontact.com URL: http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505 Request headers Referer http://campaign.r20.constantcontact.com/ Origin http://campaign.r20.constantcontact.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Mon, 29 Aug 2022 01:10:41 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 19:55:17 GMT server cloudflare etag W/2021.12.0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin cf-ray 7421688f1d6691e9-FRA
POST H/1.1	200 OK	rum Show response campaign.r20.constantcontact.com/cdn-cgi/	0 494 B	28ms 28ms	XHR text/plain	104.18.7.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://campaign.r20.constantcontact.com/cdn-cgi/rum? Requested by Host: static.cloudflareinsights.com URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 Protocol HTTP/1.1 Server 104.18.7.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer http://campaign.r20.constantcontact.com/render?m=1137191391689&ca=9f18f14a-5881-4d58-9f1f-d6e8b9d47c9e accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 content-type application/json Response headers Date Mon, 29 Aug 2022 01:10:42 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cloudflare X-Frame-Options DENY access-control-allow-methods POST,OPTIONS Content-Type text/plain access-control-allow-origin http://campaign.r20.constantcontact.com access-control-max-age 86400 Transfer-Encoding chunked Connection keep-alive access-control-allow-credentials true CF-RAY 74216890adbc9249-FRA vary Origin

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| __cfBeacon

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			campaign.r20.constantcontact.com/	1969-12-31 23:59:59	Name: BIGipServerProdCampaign Value: !+gAFmIU7mT+bUrHktzrR47jR+xRuVdkMESdijpJYdVaxWhGJvBHibPqsr54tRbkpEcdgjQdLEhO3ojI=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

campaign.r20.constantcontact.com
fonts.googleapis.com
fonts.gstatic.com
imgssl.constantcontact.com
static.cloudflareinsights.com
uyiyz.stripocdn.email
104.18.170.33
104.18.7.155
2606:4700:440e::ac40:9c1a
2a00:1450:4001:801::200a
2a00:1450:4001:813::2003
88.198.226.235
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2bd3dce8a6b2d8f9400226f88ee6d8a09ef959f6278ea56d9d0a48bc67b20d69
419dc6d8e962c4ac2f57774f9f4f0f249ab25d4be343427545c775fd15c61eda
5cee7356c343e4d163246e4adf59f6911741f01c47e792cc8dbb66df82a2bdbb
5dbeb205453691edaa185358bdd61a836789567fe01a4ac993319636b950f1e8
63959b2013947a0d6e715a2ab05d0269ec1473220c8630b04b211bf6523e2395
66b8bb4d1f1d41d43f8e330b9d9185c46d00e449b469ca45c328eb5bf80a07ca
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
aed5ccd9a1464ec082338fd88b0b73b810af66c72b4adffe270607212d4693a2
bee2d41addc06a914f649ba98acc595ca8ce3b0f7447be4d1920932fad7dff32
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cc602f13cf7b812f852a6e4c844ab620b07ad89c6d34bb36a3220c8a8727fa76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb403c61fd5e3347a03f45d3addf544c408238869625ea438bf7fd87df64e529
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505