click1.em.iheart.com Open in urlscan Pro
96.46.128.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Effective URL:
http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Submission: On August 10 via api (August 10th 2020, 1:59:49 am UTC) from US

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 10 domains to perform 26 HTTP transactions. The main IP is 96.46.128.252, located in United States and belongs to CYBER-GENERATION, CA. The main domain is click1.em.iheart.com.

This is the only time click1.em.iheart.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	96.46.128.252 96.46.128.252	18499 (CYBER-GEN...) (CYBER-GENERATION)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	69.56.15.50 69.56.15.50	30145 (PCUC-AS) (PCUC-AS)
3 10	151.101.194.159 151.101.194.159	54113 (FASTLY) (FASTLY)
5 5	13.84.54.237 13.84.54.237	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	13.226.155.21 13.226.155.21	16509 (AMAZON-02) (AMAZON-02)
2	13.226.155.70 13.226.155.70	16509 (AMAZON-02) (AMAZON-02)
2 4	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
26	9

2 96.46.128.252 (United States)

ASN18499 (CYBER-GENERATION, CA)
PTR: www.efeedbacktrk.com

click1.em.iheart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.56.15.50 (United States)

ASN30145 (PCUC-AS, US)
PTR: www.efeedbacktrk.com

d2b46f.efeedbacktrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.194.159 (United States) 3 redirects

ASN54113 (FASTLY, US)

www.hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.84.54.237 (San Antonio, United States) 5 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

rs-stripe.hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rs-stripe.bongino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.155.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-21.dus51.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.155.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-70.dus51.r.cloudfront.net

branding.revenuestripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.154.142.214 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

ld.hannity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hannity.com 8 redirects www.hannity.com hannity.com rs-stripe.hannity.com ld.hannity.com	225 KB
4	facebook.net connect.facebook.net	121 KB
3	quantserve.com pixel.quantserve.com	792 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	powerinboxedge.com images-prod.powerinboxedge.com	357 KB
2	lockerdome.com lockerdome.com	600 B
2	bongino.com 2 redirects rs-stripe.bongino.com	752 B
2	revenuestripe.com branding.revenuestripe.com	20 KB
2	iheart.com click1.em.iheart.com	193 KB
1	efeedbacktrk.com d2b46f.efeedbacktrk.com	466 B
26	10

	Domain	Requested by
7	hannity.com	click1.em.iheart.com
4	connect.facebook.net	click1.em.iheart.com connect.facebook.net
3	pixel.quantserve.com	click1.em.iheart.com
3	sb.scorecardresearch.com	1 redirects click1.em.iheart.com
3	images-prod.powerinboxedge.com	click1.em.iheart.com
3	rs-stripe.hannity.com	3 redirects
3	www.hannity.com	3 redirects
2	lockerdome.com	click1.em.iheart.com
2	ld.hannity.com	2 redirects
2	rs-stripe.bongino.com	2 redirects
2	branding.revenuestripe.com	click1.em.iheart.com
2	click1.em.iheart.com	click1.em.iheart.com
1	d2b46f.efeedbacktrk.com	click1.em.iheart.com
26	13

This site contains no links.

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.efeedbacktrk.com Sectigo RSA Organization Validation Secure Server CA	`2019-04-24` - `2021-04-23`	2 years	crt.sh
hannity.com Let's Encrypt Authority X3	`2020-08-09` - `2020-11-07`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2019-09-27` - `2020-11-26`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Frame ID: A487485306471AA0DC8C8BB2CCA96720
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgw... Page URL
http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Page Statistics

26
Requests

69 %
HTTPS

20 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

916 kB
Transfer

1183 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view Page URL
http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 6

https://www.hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png HTTP 301
https://hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png

Request Chain 8

http://rs-stripe.hannity.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3782/557932

Request Chain 9

http://rs-stripe.hannity.com/branding/recommend/transparent.gif HTTP 301
http://branding.revenuestripe.com/recommend/transparent.gif

Request Chain 11

http://rs-stripe.hannity.com/stripe/image?cs_email=259971&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3782/557932

Request Chain 13

http://rs-stripe.bongino.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=15916&cs_sendid=259971&cs_offset=0&cs_esp=postup HTTP 303
http://images-prod.powerinboxedge.com/v3/images/0/561648

Request Chain 14

http://rs-stripe.bongino.com/branding/recommend/short.png HTTP 301
http://branding.revenuestripe.com/recommend/short.png

Request Chain 16

http://ld.hannity.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup HTTP 302
https://lockerdome.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup

Request Chain 17

http://ld.hannity.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup HTTP 302
https://lockerdome.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup

Request Chain 18

https://www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png HTTP 301
https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png

Request Chain 19

https://www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png HTTP 301
https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png

Request Chain 20

https://sb.scorecardresearch.com/p?c1=2&c2=20015427&cv=2.0&cj=1 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1&cs_ak_ss=1

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set ViewMessage.do
click1.em.iheart.com/ 3 KB
3 KB 441ms
289ms Document
text/html 96.46.128.252
CYBER-GENERATION

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Protocol: HTTP/1.1
Server: 96.46.128.252 , United States, ASN18499 (CYBER-GENERATION, CA),
Reverse DNS: www.efeedbacktrk.com
Software: /
Resource Hash

Request headers

Host: click1.em.iheart.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=177
Set-Cookie: JSESSIONID=40A7BD6BB8935CB20307E725E75D0023; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Date: Mon, 10 Aug 2020 01:58:26 GMT
Server

GET
H/1.1 200
OK all.js
connect.facebook.net/en_US/ 3 KB
3 KB 12ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

http://connect.facebook.net/en_US/all.js

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view

Protocol

HTTP/1.1

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-MD5: QQ+ojcd7TGuo+DiO8KHP9g==
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 1776
ETag: "5845629ad574d62841a82fa74f1c8a23"
X-FB-Debug: GRZWIwyO6OoIJrIeFTLN6ncIk4erOULO1zSre9tjm/qNaKKmfDhea+8qYQz+esKlwMxjygBVlrIz/B4QOm+wCw==
X-FB-TRIP-ID: 2011651281
x-fb-content-md5: c7e2ddc3a1a03a634f2a5349222de4bc
X-Frame-Options: DENY
Date: Mon, 10 Aug 2020 01:59:10 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-FB-Content-MD5
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
Expires: Mon, 10 Aug 2020 02:06:58 GMT

POST
H/1.1 200
OK Primary Request Cookie set ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023 Show response
click1.em.iheart.com/ 189 KB
190 KB 683ms
682ms Document
text/html 96.46.128.252
CYBER-GENERATION

General

Check archive.org

Show headers Download Go to

Full URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Protocol: HTTP/1.1
Server: 96.46.128.252 , United States, ASN18499 (CYBER-GENERATION, CA),
Reverse DNS: www.efeedbacktrk.com
Software: /
Resource Hash: 40b3e8b8778351a4aa43b583b6a36f1ebe70645cc1f27f1feafd8bec4b7946d7

Request headers

Host: click1.em.iheart.com
Connection: keep-alive
Content-Length: 263
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
Origin: http://click1.em.iheart.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: JSESSIONID=40A7BD6BB8935CB20307E725E75D0023
Upgrade-Insecure-Requests: 1
Origin: http://click1.em.iheart.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=177
Set-Cookie: JSESSIONID=C07CEF1C3828BDBB5AF3DE88C5BBC6BF; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Date: Mon, 10 Aug 2020 01:59:08 GMT
Server

GET
H2 200 all.js
connect.facebook.net/en_US/ 193 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=ababa1ae8bbfd246aa4e4379fe0072c8&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://click1.em.iheart.com/ViewMessage.do?m=jfbrvnnqb&r=hfvfcvhcnsq&s=djdlgjcsgkbjrblrrddsdgdcgnnnbmkgwbr&q=1565785800&a=view
Origin: http://click1.em.iheart.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NAyMs37S1ZGYiWwKvhl40g==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 59207
etag: "b6b16c0b04194b9c0910769a8afb975b"
x-fb-debug: FeA1bxcrBOlkmB7iCuFoCITCnWMWaTrHnzkgKMzN53I4wNU7E3Y4oittYDkDN9q2O8DiUCpLFvwGYIgOaCWqjw==
x-fb-trip-id: 664085054
x-fb-content-md5: 742170000ada44d10539ae5bdc479c01
x-frame-options: DENY
date: Mon, 10 Aug 2020 01:59:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:21:39 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

6ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0fda20e708856bf4406d35ba92024a193b81c58391f1aebb1c06f8eb4aa0fab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: QQ+ojcd7TGuo+DiO8KHP9g==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1776
etag: "5845629ad574d62841a82fa74f1c8a23"
x-fb-debug: GRZWIwyO6OoIJrIeFTLN6ncIk4erOULO1zSre9tjm/qNaKKmfDhea+8qYQz+esKlwMxjygBVlrIz/B4QOm+wCw==
x-fb-trip-id: 664085054
x-fb-content-md5: c7e2ddc3a1a03a634f2a5349222de4bc
x-frame-options: DENY
date: Mon, 10 Aug 2020 01:59:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 10 Aug 2020 02:06:58 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK kdvbtpvftkzjprzbjrrddjfdtdjvtgggzsktqzrfrvtvss_idccmynmgbhwymdmnzmzgg.gif
d2b46f.efeedbacktrk.com/ 68 B
466 B 565ms
177ms Image
image/png 69.56.15.50
PCUC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2b46f.efeedbacktrk.com/kdvbtpvftkzjprzbjrrddjfdtdjvtgggzsktqzrfrvtvss_idccmynmgbhwymdmnzmzgg.gif
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.56.15.50 , United States, ASN30145 (PCUC-AS, US),
Reverse DNS: www.efeedbacktrk.com
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:09 GMT
Server
Content-Type: image/png;charset=utf-8
Cache-Control: private, max-age=0, no-cache, no-store, must-revalidate
Connection: Keep-Alive
imagetoolbar: no
Keep-Alive: timeout=177
Content-Length: 68
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 193 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=ababa1ae8bbfd246aa4e4379fe0072c8&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

294947915c2f6b15d260f2fc09f68a14cfef24da6e0228809956f13ee3da4141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Origin: http://click1.em.iheart.com

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NAyMs37S1ZGYiWwKvhl40g==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 59207
etag: "b6b16c0b04194b9c0910769a8afb975b"
x-fb-debug: FeA1bxcrBOlkmB7iCuFoCITCnWMWaTrHnzkgKMzN53I4wNU7E3Y4oittYDkDN9q2O8DiUCpLFvwGYIgOaCWqjw==
x-fb-trip-id: 664085054
x-fb-content-md5: 742170000ada44d10539ae5bdc479c01
x-frame-options: DENY
date: Mon, 10 Aug 2020 01:59:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Tue, 10 Aug 2021 01:21:39 GMT

GET
H2

200

SeanHannity_logo_horizontal-1-443x69.png
hannity.com/wp-content/uploads/2017/12/
Redirect Chain

https://www.hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png
https://hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png

7 KB
8 KB

150ms
150ms

Image
image/png

151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

f46b1e5d029138667cbb040073b2c67e1d4afcfe3e37318dcef00d1bbde96600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 7648
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 03:23:10 GMT
server: Flywheel/5.1.0
x-timer: S1597024752.109120,VS0,VE108
etag: W/"5da2989e-1dc4"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

x-fw-static: NO
date: Mon, 10 Aug 2020 01:59:12 GMT
x-content-type-options: nosniff
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 301
content-length: 178
x-xss-protection: 1
x-served-by: cache-hhn4023-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
x-timer: S1597024752.957098,VS0,VE109
x-fw-hash: 8vgb82hkn4
x-fw-version: 5.0.0
content-type: text/html
location: https://hannity.com/wp-content/uploads/2017/12/SeanHannity_logo_horizontal-1-443x69.png
x-fw-serve: TRUE
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pressley-880x495.jpg
hannity.com/wp-content/uploads/2019/03/ 79 KB
79 KB 778ms
684ms Image
image/jpeg 151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/2019/03/pressley-880x495.jpg

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

71ca1ebbc13d82cced01937e9480dd055f34e51a3e176c5a1d64b9d3e41e44f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 80563
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 02:57:55 GMT
server: Flywheel/5.1.0
x-timer: S1597024752.933601,VS0,VE643
etag: W/"5da292b3-13bbe"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

557932
images-prod.powerinboxedge.com/v3/images/3782/
Redirect Chain

http://rs-stripe.hannity.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup
http://images-prod.powerinboxedge.com/v3/images/3782/557932

139 KB
140 KB

370ms
341ms

Image
image/png

13.226.155.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3782/557932
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Server: 13.226.155.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-21.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9b2154960cfcf3f14bb213dd99f23ee50971df4d379b0e74b0087574538815a

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 01:59:13 GMT
Via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Sep 2019 16:59:08 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "7c522fc9c1b820939f7cccae16f85367"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142510
X-Amz-Cf-Id: Yi2AhzSj0xMWZLcviyRYvj9sSnEbGJN8JCHFItce3QkRTg8sjwGGaA==

Redirect headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:11 GMT
X-Aspnetmvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-Aspnet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3782/557932
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

transparent.gif
branding.revenuestripe.com/recommend/
Redirect Chain

http://rs-stripe.hannity.com/branding/recommend/transparent.gif
http://branding.revenuestripe.com/recommend/transparent.gif

18 KB
19 KB

129ms
85ms

Image
image/gif

13.226.155.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://branding.revenuestripe.com/recommend/transparent.gif
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Server: 13.226.155.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ead3884004084eb183a040673cf1d63b64e1c83519df2803646110e21a11795b

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 05 Aug 2020 01:08:50 GMT
Via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 Aug 2015 16:56:10 GMT
Server: AmazonS3
Age: 435023
ETag: "4128f95bd8487bb29a31913da47afcb6"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 18632
X-Amz-Cf-Id: chKud8VAwa9FbgRi-yetLZk-pWO9DOs2niiAd_6NTlbqxeIy1pdu0Q==

Redirect headers

Location: http://branding.revenuestripe.com/recommend/transparent.gif
Date: Mon, 10 Aug 2020 01:59:12 GMT
Content-Length: 17
Content-Type: text/plain; charset=utf-8

GET
H2 200 az_grandma-880x495.jpg
hannity.com/wp-content/uploads/2019/08/ 52 KB
52 KB 682ms
681ms Image
image/jpeg 151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/2019/08/az_grandma-880x495.jpg

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

fc273e4131ff883af897933e691c4bde8a86f9db7a3ca46bec397c135c49af8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 52357
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 03:15:35 GMT
server: Flywheel/5.1.0
x-timer: S1597024752.983608,VS0,VE639
etag: W/"5da296d7-cf67"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

557932
images-prod.powerinboxedge.com/v3/images/3782/
Redirect Chain

http://rs-stripe.hannity.com/stripe/image?cs_email=259971&cs_stripeid=13907&cs_sendid=259971&cs_offset=0&cs_esp=postup
http://images-prod.powerinboxedge.com/v3/images/3782/557932

139 KB
140 KB

609ms
587ms

Image
image/png

13.226.155.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3782/557932
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Server: 13.226.155.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-21.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9b2154960cfcf3f14bb213dd99f23ee50971df4d379b0e74b0087574538815a

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 01:59:13 GMT
Via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Sep 2019 16:59:08 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "7c522fc9c1b820939f7cccae16f85367"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142510
X-Amz-Cf-Id: L7ZLW7NTPBOSsZFk_HEXB5vxoyw5Z79m5Tn-dXdncr6lxTokpBBc0A==

Redirect headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:11 GMT
X-Aspnetmvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-Aspnet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3782/557932
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
Content-Length: 0
Expires: -1

GET
H2 200 schiff_eagles-880x495.jpg
hannity.com/wp-content/uploads/2019/08/ 35 KB
35 KB 267ms
267ms Image
image/jpeg 151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/2019/08/schiff_eagles-880x495.jpg

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

10310de6a075f0d8ce815e4871282d873ddfe84a1eb8e985c37f3a40ece28553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 35536
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 03:16:18 GMT
server: Flywheel/5.1.0
x-timer: S1597024752.114315,VS0,VE225
etag: W/"5da29702-8d11"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

561648
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

http://rs-stripe.bongino.com/stripe/image?cs_email=harry.loader@deca.mil&cs_stripeid=15916&cs_sendid=259971&cs_offset=0&cs_esp=postup
http://images-prod.powerinboxedge.com/v3/images/0/561648

77 KB
77 KB

98ms
76ms

Image
image/png

13.226.155.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/0/561648
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Server: 13.226.155.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-21.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fc43a0cce4f5e9c56443ab98dcadb9b6773954abde9931cdbbfcbc0c038bbc5

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 01:17:24 GMT
Via: 1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 04 Oct 2019 18:52:02 GMT
Server: AmazonS3
Age: 2509
ETag: "8218efaf7daf1548ae1a540adb84fd5f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 78784
X-Amz-Cf-Id: qhV2bfX3tVu8_PBNf7X24U0Mw5o1v6cscYjv6o-IAQ49ufMzj4fedQ==

Redirect headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:12 GMT
X-Aspnetmvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-Aspnet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/0/561648
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
Content-Length: 0
Expires: -1

GET
H/1.1

200
OK

short.png
branding.revenuestripe.com/recommend/
Redirect Chain

http://rs-stripe.bongino.com/branding/recommend/short.png
http://branding.revenuestripe.com/recommend/short.png

1 KB
2 KB

105ms
84ms

Image
image/png

13.226.155.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://branding.revenuestripe.com/recommend/short.png
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Server: 13.226.155.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-70.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 05 Aug 2020 00:28:29 GMT
Via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 Aug 2015 16:56:24 GMT
Server: AmazonS3
Age: 437444
ETag: "b21b189748ab85533f7859fc43cc8806"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 1389
X-Amz-Cf-Id: m2Ob5GoRSoJcl6JR6T39KwlotMlY55-GunajRiE9VvJKxAT2uI1kGA==

Redirect headers

Location: http://branding.revenuestripe.com/recommend/short.png
Date: Mon, 10 Aug 2020 01:59:12 GMT
Content-Length: 17
Content-Type: text/plain; charset=utf-8

GET
H2 200 bernie_billionaire-880x495.jpg
hannity.com/wp-content/uploads/2019/07/ 46 KB
46 KB 282ms
279ms Image
image/jpeg 151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/2019/07/bernie_billionaire-880x495.jpg

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

6633e88457dfc0e1b2ec4f0eee68802269d8cd6053033bda32f7520fbda3c7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 46838
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 02:46:42 GMT
server: Flywheel/5.1.0
x-timer: S1597024752.128381,VS0,VE218
etag: W/"5da29012-b93b"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/jpeg
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

11565666444754278
lockerdome.com/elad/std/
Redirect Chain

http://ld.hannity.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup
https://lockerdome.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup

43 B
300 B

589ms
156ms

Image
image/gif

104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lockerdome.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 01:59:13 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: image/gif
Content-Length: 43
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'

Redirect headers

Location: https://lockerdome.com/elad/std/11565666444754278?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup
Date: Mon, 10 Aug 2020 01:59:12 GMT
Transfer-Encoding: chunked

GET
H/1.1

200
OK

11565672182562150
lockerdome.com/elad/std/
Redirect Chain

http://ld.hannity.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup
https://lockerdome.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup

43 B
300 B

589ms
152ms

Image
image/gif

104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lockerdome.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 10 Aug 2020 01:59:13 GMT
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: image/gif
Content-Length: 43
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'

Redirect headers

Location: https://lockerdome.com/elad/std/11565672182562150?mid=259971&rcp=97193d60f882b560549583cfe3803c67&sz=medium_rectangle&esp=postup
Date: Mon, 10 Aug 2020 01:59:12 GMT
Transfer-Encoding: chunked

GET
H2

200

twitter.png
hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/
Redirect Chain

https://www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png
https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png

2 KB
2 KB

474ms
473ms

Image
image/png

151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

c1e9b64a5fd3fbc48eef8a03415874d4d92d5660c9dc99c25febd7bb7281886c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 1937
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 04:51:27 GMT
server: Flywheel/5.1.0
x-timer: S1597024752.406261,VS0,VE431
etag: W/"5da2ad4f-77a"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

x-fw-static: NO
date: Mon, 10 Aug 2020 01:59:12 GMT
x-content-type-options: nosniff
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 301
content-length: 178
x-xss-protection: 1
x-served-by: cache-hhn4023-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
x-timer: S1597024752.253656,VS0,VE110
x-fw-hash: 8vgb82hkn4
x-fw-version: 5.0.0
content-type: text/html
location: https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/twitter.png
x-fw-serve: TRUE
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

facebook.png
hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/
Redirect Chain

https://www.hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png
https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png

1 KB
2 KB

468ms
468ms

Image
image/png

151.101.194.159
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.159 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Flywheel/5.1.0 /

Resource Hash

f881752f70fd73ee553a42b62a008f3e8817b11b658a3e4ff5f18f224af06a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fw-static: YES
date: Mon, 10 Aug 2020 01:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
fastly-restarts: 1
x-cacheable: YES
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 200
content-length: 1491
x-xss-protection: 1
x-served-by: cache-hhn4028-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 13 Oct 2019 04:51:27 GMT
server: Flywheel/5.1.0
x-timer: S1597024753.733755,VS0,VE427
etag: W/"5da2ad4f-5b7"
x-fw-hash: 8vgb82hkn4
vary: Accept-Encoding, Authorization
x-fw-version: 5.0.0
content-type: image/png
x-fw-serve: TRUE
expires: Tue, 10 Aug 2021 01:59:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

Redirect headers

x-fw-static: NO
date: Mon, 10 Aug 2020 01:59:12 GMT
x-content-type-options: nosniff
x-fw-server: Flywheel/5.1.0
x-cache: MISS
status: 301
content-length: 178
x-xss-protection: 1
x-served-by: cache-hhn4023-HHN
x-fw-type: VISIT
referrer-policy: no-referrer-when-downgrade
server: Flywheel/5.1.0
x-timer: S1597024752.253735,VS0,VE437
x-fw-hash: 8vgb82hkn4
x-fw-version: 5.0.0
content-type: text/html
location: https://hannity.com/wp-content/uploads/mailster/templates/market/img/social/dark/facebook.png
x-fw-serve: TRUE
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=20015427&cv=2.0&cj=1
https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1&cs_ak_ss=1

43 B
589 B

45ms
45ms

Image
image/gif

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1&cs_ak_ss=1
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=20015427&cv=2.0&cj=1&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p-31iz6hfFutd16.gif
pixel.quantserve.com/pixel/ 35 B
372 B 23ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-31iz6hfFutd16.gif?labels=Domain.hannity_com,DomainId.80607

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 01:59:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-31iz6hfFutd16.gif
pixel.quantserve.com/pixel/ 35 B
210 B 8ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-31iz6hfFutd16.gif?labels=Domain.hannity_com,DomainId.80607

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 01:59:12 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 p-31iz6hfFutd16.gif
pixel.quantserve.com/pixel/ 35 B
210 B 9ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-31iz6hfFutd16.gif?labels=Domain.hannity_com,DomainId.80607

Requested by

Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Aug 2020 01:59:12 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
589 B 45ms
45ms Image
image/gif 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=20015427&cv=2.0&cj=1
Requested by: Host: click1.em.iheart.com
URL: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: http://click1.em.iheart.com/ViewMessage.do;jsessionid=40A7BD6BB8935CB20307E725E75D0023
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 10 Aug 2020 01:59:12 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FB

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
click1.em.iheart.com
connect.facebook.net
d2b46f.efeedbacktrk.com
hannity.com
images-prod.powerinboxedge.com
ld.hannity.com
lockerdome.com
pixel.quantserve.com
rs-stripe.bongino.com
rs-stripe.hannity.com
sb.scorecardresearch.com
www.hannity.com
104.111.238.139
104.154.142.214
13.226.155.21
13.226.155.70
13.84.54.237
151.101.194.159
2620:116:800d:21:36a9:ecb:e518:b308
2a03:2880:f01c:8012:face:b00c:0:3
69.56.15.50
96.46.128.252
0fda20e708856bf4406d35ba92024a193b81c58391f1aebb1c06f8eb4aa0fab9
10310de6a075f0d8ce815e4871282d873ddfe84a1eb8e985c37f3a40ece28553
1fc43a0cce4f5e9c56443ab98dcadb9b6773954abde9931cdbbfcbc0c038bbc5
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
294947915c2f6b15d260f2fc09f68a14cfef24da6e0228809956f13ee3da4141
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
40b3e8b8778351a4aa43b583b6a36f1ebe70645cc1f27f1feafd8bec4b7946d7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
6633e88457dfc0e1b2ec4f0eee68802269d8cd6053033bda32f7520fbda3c7a4
71ca1ebbc13d82cced01937e9480dd055f34e51a3e176c5a1d64b9d3e41e44f1
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
c1e9b64a5fd3fbc48eef8a03415874d4d92d5660c9dc99c25febd7bb7281886c
d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1
ead3884004084eb183a040673cf1d63b64e1c83519df2803646110e21a11795b
f46b1e5d029138667cbb040073b2c67e1d4afcfe3e37318dcef00d1bbde96600
f881752f70fd73ee553a42b62a008f3e8817b11b658a3e4ff5f18f224af06a0c
f9b2154960cfcf3f14bb213dd99f23ee50971df4d379b0e74b0087574538815a
fc273e4131ff883af897933e691c4bde8a86f9db7a3ca46bec397c135c49af8f

click1.em.iheart.com Open in urlscan Pro 96.46.128.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

69 %HTTPS

20 %IPv6

10 Domains

13 Subdomains

9 IPs

3 Countries

916 kBTransfer

1183 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

click1.em.iheart.com Open in urlscan Pro
96.46.128.252 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

69 %
HTTPS

20 %
IPv6

10
Domains

13
Subdomains

9
IPs

3
Countries

916 kB
Transfer

1183 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions