click1.srnemail.com Open in urlscan Pro
74.214.203.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.srnemail.com/ViewMessage.do?m=bfpfjbcbf&r=mbyddnqcstqb&s=ktrpvsbbvzrzzqbrrglfzwvdswwzhsgqwhr&q=1702405800&a=view
Effective URL:
http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Submission: On December 12 via api (December 12th 2023, 8:52:33 pm UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 8 domains to perform 20 HTTP transactions. The main IP is 74.214.203.11, located in United States and belongs to AMAZON-AES, US. The main domain is click1.srnemail.com.

This is the only time click1.srnemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	74.214.203.11 74.214.203.11	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
5 5	20.225.97.235 20.225.97.235	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	99.84.146.44 99.84.146.44	16509 (AMAZON-02) (AMAZON-02)
1	18.64.79.126 18.64.79.126	16509 (AMAZON-02) (AMAZON-02)
3	68.183.113.21 68.183.113.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
20	6

3 74.214.203.11 (United States)

ASN14618 (AMAZON-AES, US)

click1.srnemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9f444a.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.saleminteractivemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.225.97.235 (San Antonio, United States) 5 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.members.salemsurround.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.146.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-146-44.txl52.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-79-126.txl50.r.cloudfront.net

branding.revenuestripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 68.183.113.21 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 471495.cloudwaysapps.com

heysaltylady.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	salemsurround.com 5 redirects rs-stripe.members.salemsurround.com — Cisco Umbrella Rank: 622201	600 B
5	saleminteractivemedia.com cdn.saleminteractivemedia.com — Cisco Umbrella Rank: 327067	40 KB
4	powerinboxedge.com images-prod.powerinboxedge.com — Cisco Umbrella Rank: 25855	213 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	176 KB
3	heysaltylady.com heysaltylady.com	332 KB
2	srnemail.com click1.srnemail.com	46 KB
1	revenuestripe.com branding.revenuestripe.com — Cisco Umbrella Rank: 45452	1 KB
1	efeedbacktrk.com 9f444a.efeedbacktrk.com	466 B
20	8

	Domain	Requested by
5	rs-stripe.members.salemsurround.com	5 redirects
5	cdn.saleminteractivemedia.com	click1.srnemail.com
4	images-prod.powerinboxedge.com	click1.srnemail.com
4	connect.facebook.net	click1.srnemail.com connect.facebook.net
3	heysaltylady.com	click1.srnemail.com
2	click1.srnemail.com
1	branding.revenuestripe.com	click1.srnemail.com
1	9f444a.efeedbacktrk.com	click1.srnemail.com
20	8

This site contains no links.

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-21` - `2023-12-20`	3 months	crt.sh
*.efeedbacktrk.com Go Daddy Secure Certificate Authority - G2	`2023-03-19` - `2024-04-19`	a year	crt.sh
cdn.saleminteractivemedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-04-16`	a year	crt.sh
heysaltylady.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Frame ID: 4629672865A8CEA09FD78D9574E1D709
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pillar Talk with Hey Salty Lady Tuesday, December 12, 2023

Page URL History Show full URLs

http://click1.srnemail.com/ViewMessage.do?m=bfpfjbcbf&r=mbyddnqcstqb&s=ktrpvsbbvzrzzqbrrglfzwvdswwzhsgq... Page URL
http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

20
Requests

55 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

808 kB
Transfer

1240 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.srnemail.com/ViewMessage.do?m=bfpfjbcbf&r=mbyddnqcstqb&s=ktrpvsbbvzrzzqbrrglfzwvdswwzhsgqwhr&q=1702405800&a=view Page URL
http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 7

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=44089&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_siteid=184 HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/946884

Request Chain 8

https://rs-stripe.members.salemsurround.com/branding/recommend/short.png HTTP 301
https://branding.revenuestripe.com/recommend/short.png

Request Chain 11

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=44092&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_siteid=184 HTTP 303
https://images-prod.powerinboxedge.com/v3/images/8467/941773

Request Chain 14

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=47027&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_siteid=184 HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/929647

Request Chain 17

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=44090&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_siteid=184 HTTP 303
https://images-prod.powerinboxedge.com/v3/images/0/943465

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK ViewMessage.do Show response
click1.srnemail.com/ 3 KB
3 KB 419ms
98ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.srnemail.com/ViewMessage.do?m=bfpfjbcbf&r=mbyddnqcstqb&s=ktrpvsbbvzrzzqbrrglfzwvdswwzhsgqwhr&q=1702405800&a=view
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: c6231f1448b5f96b791fe1f16d14c1e743fd80503d737390ed7b3bd236b0f470

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Tue, 12 Dec 2023 20:52:27 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
3 KB

22ms
8ms

Script
application/x-javascript

2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do?m=bfpfjbcbf&r=mbyddnqcstqb&s=ktrpvsbbvzrzzqbrrglfzwvdswwzhsgqwhr&q=1702405800&a=view

Protocol

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4e0e0dc36df8db56abb19f57f84f9e55ce0925df04910ba3fcfa9e1d4c630f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 20:52:27 GMT
content-md5: 6tDMC0Dy9KHfN1M1ySobiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: dAjvMgfxy1Yr30HxhgVlxesbdsSu811Qncc92VdqnTpt/nvey0R7AgR8o7UtbClxMoA2J5Ynj+VheFxK8QUBmw==
x-fb-content-md5: 6a2f26607c96c6e86dec666355ff3f41
cross-origin-opener-policy: same-origin-allow-popups
etag: "a9ce2f7ec6d88204f9ff0f6a731be505"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 12 Dec 2023 21:07:02 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 all.js
connect.facebook.net/en_US/ 304 KB
86 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c1786de4d0a3597c83673ca397bce232

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.srnemail.com/
Origin: http://click1.srnemail.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 20:52:27 GMT
content-md5: IofIBOTZ2bP0NqWQQZzxmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87816
reporting-endpoints
x-fb-debug: 8zEI22zRPDvb6+n1ONS5fOBDqLH1VMvuCJDhyiGS6kle3lzLjrTcZQSREayKZDM5ncE7bqWCqaw+6fh2PjJ1vw==
x-fb-content-md5: 12b244c774efc776eccdafd39b5249cd
cross-origin-opener-policy: same-origin-allow-popups
etag: "32db61c853f59ec1004008a25533981d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Dec 2024 20:11:51 GMT

POST
H/1.1 200
OK Primary Request ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E Show response
click1.srnemail.com/ 43 KB
43 KB 146ms
146ms Document
text/html 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: HTTP/1.1
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 08c5ee9b667c823a0be978a1a107e3ee68e75479861f303c21deb2a8445c50f9

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: http://click1.srnemail.com
Referer: http://click1.srnemail.com/ViewMessage.do?m=bfpfjbcbf&r=mbyddnqcstqb&s=ktrpvsbbvzrzzqbrrglfzwvdswwzhsgqwhr&q=1702405800&a=view
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
Date: Tue, 12 Dec 2023 20:52:27 GMT
Keep-Alive: timeout=60
Server: Apache-Coyote/1.1
Transfer-Encoding: chunked

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

7ms
7ms

Script
application/x-javascript

2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E

Protocol

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe4e0e0dc36df8db56abb19f57f84f9e55ce0925df04910ba3fcfa9e1d4c630f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 20:52:28 GMT
content-md5: 6tDMC0Dy9KHfN1M1ySobiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: dAjvMgfxy1Yr30HxhgVlxesbdsSu811Qncc92VdqnTpt/nvey0R7AgR8o7UtbClxMoA2J5Ynj+VheFxK8QUBmw==
x-fb-content-md5: 6a2f26607c96c6e86dec666355ff3f41
cross-origin-opener-policy: same-origin-allow-popups
etag: "a9ce2f7ec6d88204f9ff0f6a731be505"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 12 Dec 2023 21:07:02 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c1786de4d0a3597c83673ca397bce232

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e358a9de3da5bad085e712ec483ef147a5ddc53c9919a69a90513576fa93a7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.srnemail.com/
Origin: http://click1.srnemail.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 20:52:28 GMT
content-md5: IofIBOTZ2bP0NqWQQZzxmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87816
reporting-endpoints
x-fb-debug: 8zEI22zRPDvb6+n1ONS5fOBDqLH1VMvuCJDhyiGS6kle3lzLjrTcZQSREayKZDM5ncE7bqWCqaw+6fh2PjJ1vw==
x-fb-content-md5: 12b244c774efc776eccdafd39b5249cd
cross-origin-opener-policy: same-origin-allow-popups
etag: "32db61c853f59ec1004008a25533981d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Dec 2024 20:11:51 GMT

GET
H/1.1 200
OK vrgyhgqqhckncczqnkktfnmcdhnjgddcvgtzdvkpkfrphm_spskkmrblcrstbsjrcjmljj.gif
9f444a.efeedbacktrk.com/ 68 B
466 B 662ms
97ms Image
image/png 74.214.203.11
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9f444a.efeedbacktrk.com/vrgyhgqqhckncczqnkktfnmcdhnjgddcvgtzdvkpkfrphm_spskkmrblcrstbsjrcjmljj.gif
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 74.214.203.11 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: sp /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Dec 2023 20:52:28 GMT
Server: sp
Content-Type: image/png;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
imagetoolbar: no
Connection: Keep-Alive
Keep-Alive: timeout=60
Content-Length: 68
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 heysaltylady-728x192.jpg
cdn.saleminteractivemedia.com/184/module/53880/ 18 KB
19 KB 27ms
7ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/184/module/53880/heysaltylady-728x192.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3aebed2a849ad7e45f579d32d5376e73ae5ee3ba158fc9ddd4e8d697593d5641

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
x-cf-tsc: 1699986675
x-cf3: H
content-md5: xfLjeIWr1vF2CyBBo5aGsQ==
cf4ttl: 2592000.000
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: e78d21bc7e4ac04b5bfb78f618f9ced7
x-ms-meta-uploadedby: Bowen,John
content-length: 18750
x-cf2: H
last-modified: Wed, 18 Oct 2023 14:08:42 GMT
server: CFS 0215
x-cff: B
etag: 0x8DBCFE3BC1FB361
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 0
accept-ranges: bytes

GET
H2

200

946884
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=44089&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_site...
https://images-prod.powerinboxedge.com/v3/images/0/946884

76 KB
76 KB

501ms
447ms

Image
image/jpeg

99.84.146.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/946884
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Server: 99.84.146.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-146-44.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16f1d2d3c41102d4f05c7cd6b132a21dd3c50d33668f16d9a5e26c6b7aa08914

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:30 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
last-modified: Fri, 15 Sep 2023 19:33:46 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
etag: "3d9520b731b282bff10863f41e24a7e5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 77826
x-amz-cf-id: 4DPQ2s2K0yFR5AtrbvbYdgwsydQvg0Nbz5Agwo7nQMiUj4kdfHQPBw==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Tue, 12 Dec 2023 20:52:28 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/946884
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2

200

short.png
branding.revenuestripe.com/recommend/
Redirect Chain

https://rs-stripe.members.salemsurround.com/branding/recommend/short.png
https://branding.revenuestripe.com/recommend/short.png

872 B
1 KB

69ms
17ms

Image
image/png

18.64.79.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://branding.revenuestripe.com/recommend/short.png
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Server: 18.64.79.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-79-126.txl50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 20:41:43 GMT
via: 1.1 7fc97e30af7472a64e5a6feef4dbebba.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jan 2022 22:16:11 GMT
server: AmazonS3
x-amz-cf-pop: TXL50-P2
age: 1210246
etag: "69de7bae23dafcc7e38c4e59445aa693"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 872
x-amz-cf-id: 4c1RaXjykxbFv2OCYmZPrI7N4-EmHishfmGCVq4XPlij_kiaJpO8kg==

Redirect headers

location: https://branding.revenuestripe.com/recommend/short.png
access-control-expose-headers: Request-Context
cache-control: private
date: Tue, 12 Dec 2023 20:52:28 GMT
request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length: 171
content-type: text/html; charset=utf-8

GET
H2 200 WORTH.jpg
heysaltylady.com/wp-content/uploads/2023/12/ 234 KB
234 KB 602ms
177ms Image
image/jpeg 68.183.113.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heysaltylady.com/wp-content/uploads/2023/12/WORTH.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.113.21 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 471495.cloudwaysapps.com
Software: nginx /
Resource Hash: 0df9f5e96d388d77d2c169cbc3f95da8b707551c6d4ba187c644179014c15150

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
last-modified: Tue, 12 Dec 2023 17:00:17 GMT
server: nginx
etag: "657891a1-3a632"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 239154

GET
H2 200 salem-press-150x150.jpg
cdn.saleminteractivemedia.com/187/module/51880/ 6 KB
7 KB 7ms
7ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/module/51880/salem-press-150x150.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 283965a73efb05a3e09bb582d79e89404621e7c4081877b28962a154df1bcab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
x-cf-tsc: 1699986675
x-cf3: H
content-md5: oPc6TJX5drDiAxInnwEMYQ==
cf4ttl: 2588434.750
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 337d0ddd17949c7acc28a490063f4e06
x-ms-meta-uploadedby: Bowen,John
content-length: 6224
x-cf2: H
last-modified: Wed, 07 Dec 2022 16:20:23 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAD86EF152D2E7
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 3565
accept-ranges: bytes

GET
H2

200

941773
images-prod.powerinboxedge.com/v3/images/8467/
Redirect Chain

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=44092&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_site...
https://images-prod.powerinboxedge.com/v3/images/8467/941773

37 KB
37 KB

93ms
39ms

Image
image/png

99.84.146.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/8467/941773
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Server: 99.84.146.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-146-44.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5aef70bdd3df875c144332a97a0bd904034043cddd65f5dd626f3888143b7bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:49:25 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 22:50:47 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
age: 3784
etag: "0e001dd323a8840726c3f2b909af1a5a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 37639
x-amz-cf-id: JOAJ8VbpV7R2XN1K3mtWQNpWYfXNMmGxnGT0mVhuf7nUUtxhBvyo2g==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Tue, 12 Dec 2023 20:52:28 GMT
location: https://images-prod.powerinboxedge.com/v3/images/8467/941773
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2 200 reconciled-e1702338023691.jpg
heysaltylady.com/wp-content/uploads/2023/12/ 60 KB
61 KB 640ms
266ms Image
image/jpeg 68.183.113.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heysaltylady.com/wp-content/uploads/2023/12/reconciled-e1702338023691.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.113.21 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 471495.cloudwaysapps.com
Software: nginx /
Resource Hash: 610bb12a360bd252e6472124c86e11245872268ffd6b080b2ee363c9af185928

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
last-modified: Mon, 11 Dec 2023 23:40:23 GMT
server: nginx
etag: "65779de7-f1ee"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 61934

GET
H2 200 salem-press-150x150.jpg
cdn.saleminteractivemedia.com/187/module/51881/ 6 KB
7 KB 7ms
7ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/module/51881/salem-press-150x150.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 283965a73efb05a3e09bb582d79e89404621e7c4081877b28962a154df1bcab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
x-cf-tsc: 1699986675
x-cf3: H
content-md5: oPc6TJX5drDiAxInnwEMYQ==
cf4ttl: 2588435.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 88d3b30992a20d1e34507ac0f5159f23
x-ms-meta-uploadedby: Bowen,John
content-length: 6224
x-cf2: H
last-modified: Wed, 07 Dec 2022 16:36:30 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAD871319931AC
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 3564
accept-ranges: bytes

GET
H2

200

929647
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=47027&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_site...
https://images-prod.powerinboxedge.com/v3/images/0/929647

37 KB
38 KB

151ms
97ms

Image
image/jpeg

99.84.146.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/929647
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Server: 99.84.146.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-146-44.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c096db85d035908efacd918396a04b879b9f26a59225de5b83105221b768efc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:36:07 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 19:11:13 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
age: 982
x-amz-server-side-encryption: AES256
etag: "e1a890a6bd01f7178efcdaa98c8a609c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 37986
x-amz-cf-id: M3XJ1bOs4n3vUx5ya8uykzI_p9tTjIANrfj6UruIMnmxmlc3BHX29w==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Tue, 12 Dec 2023 20:52:28 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/929647
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2 200 IMG_2874-e1699968484467.jpg
heysaltylady.com/wp-content/uploads/2022/08/ 37 KB
37 KB 639ms
266ms Image
image/jpeg 68.183.113.21
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://heysaltylady.com/wp-content/uploads/2022/08/IMG_2874-e1699968484467.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.183.113.21 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: 471495.cloudwaysapps.com
Software: nginx /
Resource Hash: 3caf5aa6a6236883320f754bf5bdaf6d4d36b301a488f952a311b234a3e990a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
last-modified: Tue, 14 Nov 2023 13:28:04 GMT
server: nginx
etag: "655375e4-9372"
content-type: image/jpeg
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 37746

GET
H2 200 salem-press-150x150.jpg
cdn.saleminteractivemedia.com/187/module/52092/ 6 KB
7 KB 8ms
7ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/187/module/52092/salem-press-150x150.jpg
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 283965a73efb05a3e09bb582d79e89404621e7c4081877b28962a154df1bcab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
x-cf-tsc: 1699986675
x-cf3: H
content-md5: oPc6TJX5drDiAxInnwEMYQ==
cf4ttl: 2588435.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:M
x-cf-reqid: 6a41ad727eb8675b51a3cc434e0b769e
x-ms-meta-uploadedby: Bowen,John
content-length: 6224
x-cf2: H
last-modified: Thu, 12 Jan 2023 20:17:18 GMT
server: CFS 0215
x-cff: B
etag: 0x8DAF4DA011F15DA
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,x-ms-meta-uploadedBy,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 3564
accept-ranges: bytes

GET
H2

200

943465
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

https://rs-stripe.members.salemsurround.com/stripe/image?cs_stripeid=44090&cs_offset=0&cs_email=mike_phillips@gwinnett.k12.ga.us&cs_sendid=348783&cs_esp=postup&dfp_site=familytalktoday.com&dfp_site...
https://images-prod.powerinboxedge.com/v3/images/0/943465

61 KB
62 KB

492ms
438ms

Image
image/jpeg

99.84.146.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images-prod.powerinboxedge.com/v3/images/0/943465
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Server: 99.84.146.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-146-44.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b09bdd8d62a9187e3aa34c0fee1e15b75014040f4b0add0f6d2dd0ea77af884d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:30 GMT
via: 1.1 c6649c9545bbfa66bc79c9ba552d7a4a.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 09:29:18 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
x-amz-server-side-encryption: AES256
etag: "817a4c22df7d018cbfa5ed4dff1862a5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 62688
x-amz-cf-id: v0A0obX-pf_p8_MWpRAoVNf9-MW6QWqlhHYhfgN57RxGWBJ_6zg5LA==

Redirect headers

request-context: appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma: no-cache
date: Tue, 12 Dec 2023 20:52:28 GMT
location: https://images-prod.powerinboxedge.com/v3/images/0/943465
access-control-expose-headers: Request-Context
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length: 0
expires: -1

GET
H2 200 transparent1x1.gif
cdn.saleminteractivemedia.com/shared/images/ 807 B
1 KB 7ms
7ms Image
image/gif 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.saleminteractivemedia.com/shared/images/transparent1x1.gif
Requested by: Host: click1.srnemail.com
URL: http://click1.srnemail.com/ViewMessage.do;jsessionid=BF9CD39C83CC4DA3A41C6F70EF70F73E
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: fb88483e9d449ab38b37a82f200c033de7f5b816126eced4c2e1350d3a56e634

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://click1.srnemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 20:52:28 GMT
x-cf-tsc: 1702066297
x-cf3: H
content-md5: fXQq2KiwqtgN4DXkVPZqVQ==
cf4ttl: 2071240.250
x-cf1: 34174:fE.fra2:co:nots:cacheN.fra2-01:H
x-cf-reqid: f59b11f0412d3b4568da7c2c696e7220
content-length: 807
x-cf2: H
last-modified: Fri, 10 Aug 2018 17:25:21 GMT
server: CFS 0215
x-cff: B
etag: 0x8D5FEE640354476
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=2592000, s-maxage=2592000
cf4age: 520759
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FB object| __buffer

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			click1.srnemail.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: BF9CD39C83CC4DA3A41C6F70EF70F73E

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9f444a.efeedbacktrk.com
branding.revenuestripe.com
cdn.saleminteractivemedia.com
click1.srnemail.com
connect.facebook.net
heysaltylady.com
images-prod.powerinboxedge.com
rs-stripe.members.salemsurround.com
18.64.79.126
20.225.97.235
205.234.175.175
2a03:2880:f084:d:face:b00c:0:3
68.183.113.21
74.214.203.11
99.84.146.44
08c5ee9b667c823a0be978a1a107e3ee68e75479861f303c21deb2a8445c50f9
0df9f5e96d388d77d2c169cbc3f95da8b707551c6d4ba187c644179014c15150
16f1d2d3c41102d4f05c7cd6b132a21dd3c50d33668f16d9a5e26c6b7aa08914
283965a73efb05a3e09bb582d79e89404621e7c4081877b28962a154df1bcab0
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3aebed2a849ad7e45f579d32d5376e73ae5ee3ba158fc9ddd4e8d697593d5641
3caf5aa6a6236883320f754bf5bdaf6d4d36b301a488f952a311b234a3e990a5
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313
610bb12a360bd252e6472124c86e11245872268ffd6b080b2ee363c9af185928
6c096db85d035908efacd918396a04b879b9f26a59225de5b83105221b768efc
b09bdd8d62a9187e3aa34c0fee1e15b75014040f4b0add0f6d2dd0ea77af884d
c6231f1448b5f96b791fe1f16d14c1e743fd80503d737390ed7b3bd236b0f470
e358a9de3da5bad085e712ec483ef147a5ddc53c9919a69a90513576fa93a7e0
f5aef70bdd3df875c144332a97a0bd904034043cddd65f5dd626f3888143b7bc
fb88483e9d449ab38b37a82f200c033de7f5b816126eced4c2e1350d3a56e634
fe4e0e0dc36df8db56abb19f57f84f9e55ce0925df04910ba3fcfa9e1d4c630f

click1.srnemail.com Open in urlscan Pro 74.214.203.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

55 %HTTPS

14 %IPv6

8 Domains

8 Subdomains

6 IPs

2 Countries

808 kBTransfer

1240 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

click1.srnemail.com Open in urlscan Pro
74.214.203.11 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

55 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

6
IPs

2
Countries

808 kB
Transfer

1240 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions