urlscan.io logo urlscan.io
SecurityTrails logo

mailz.leafybranch.com Open in urlscan Pro
2600:3c00::f03c:93ff:fe39:3408  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpos...
Effective URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpos...
Submission: On January 27 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 6 domains to perform 26 HTTP transactions. The main IP is 2600:3c00::f03c:93ff:fe39:3408, located in Richardson, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is mailz.leafybranch.com.
TLS certificate: Issued by R3 on January 6th 2024. Valid for: 3 months.
This is the only time mailz.leafybranch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2600:3c00::f0... 63949 (AKAMAI-LI...)
1 2607:f8b0:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
14 14 20.225.97.235 8075 (MICROSOFT...)
13 13.225.195.73 16509 (AMAZON-02)
1 52.85.132.116 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
26 6
3    2600:3c00::f03c:93ff:fe39:3408 (Richardson, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
mailz.leafybranch.com
1    2607:f8b0:4004:c08::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2606:4700:3030::6815:2278 (United States)

ASN13335 (CLOUDFLARENET, US)
freedomheadlines.com
14    20.225.97.235 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rs-stripe.freedomheadlines.com
13    13.225.195.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-73.yul62.r.cloudfront.net
images-prod.powerinboxedge.com
1    52.85.132.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-132-116.iad50.r.cloudfront.net
branding.revenuestripe.com
2    2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
21 freedomheadlines.com
freedomheadlines.com
rs-stripe.freedomheadlines.com
92 KB
13 powerinboxedge.com
images-prod.powerinboxedge.com — Cisco Umbrella Rank: 25927
411 KB
3 leafybranch.com
mailz.leafybranch.com
8 KB
2 gstatic.com
fonts.gstatic.com
56 KB
1 revenuestripe.com
branding.revenuestripe.com — Cisco Umbrella Rank: 49189
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
26 6
Domain Requested by
14 rs-stripe.freedomheadlines.com 14 redirects
13 images-prod.powerinboxedge.com mailz.leafybranch.com
7 freedomheadlines.com mailz.leafybranch.com
3 mailz.leafybranch.com 1 redirects mailz.leafybranch.com
2 fonts.gstatic.com fonts.googleapis.com
1 branding.revenuestripe.com mailz.leafybranch.com
1 fonts.googleapis.com mailz.leafybranch.com
26 7

This site contains no links.

Subject Issuer Validity Valid
mailz.leafybranch.com
R3		 2024-01-06 -
2024-04-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
freedomheadlines.com
GTS CA 1P5		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Frame ID: C113224D2A60E2DA44347EC2514EC832
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Teacher Makes Excellent Point, “If Educators Can Teach Children About Gender, I Can…”

Page URL History Show full URLs

  1. http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email... HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

46 %
HTTPS

57 %
IPv6

6
Domains

7
Subdomains

6
IPs

1
Countries

570 kB
Transfer

633 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular HTTP 301
    https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125095&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/0/962526
Request Chain 3
  • https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png HTTP 301
  • https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Request Chain 7
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/946496
Request Chain 8
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/919292
Request Chain 9
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/961253
Request Chain 10
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757493
Request Chain 14
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757538
Request Chain 15
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/788438
Request Chain 16
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757480
Request Chain 17
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757539
Request Chain 18
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=4&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757483
Request Chain 19
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=5&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757488
Request Chain 20
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=6&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757485
Request Chain 21
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=7&cs_esp=amazonses HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/8661/757491

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bg511aro0wbe1
mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/
Redirect Chain
  • http://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
  • https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
76 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
adfad5aac85d85f369591367ea3299670af99503e6c17cc7688d318b3fbae50b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
7102
Content-Type
text/html; charset=UTF-8
Date
Sat, 27 Jan 2024 21:28:37 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Referrer-Policy
no-referrer
Server
Apache/2.4.56 (Debian)
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
deny
X-Robots-Tag
noindex
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
364
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 27 Jan 2024 21:28:36 GMT
Keep-Alive
timeout=5, max=100
Location
https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Server
Apache/2.4.56 (Debian)
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ad7f0c5d5a0d599ffffdce4351226b6cc782b14f9e8d33d31373f416ba7dffc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 27 Jan 2024 21:28:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 27 Jan 2024 21:28:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Jan 2024 21:28:37 GMT
FH-2021-sized-1.jpg
freedomheadlines.com/wp-content/uploads/2021/01/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2021/01/FH-2021-sized-1.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1712517
alt-svc
h3=":443"; ma=86400
content-length
28587
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 01:55:25 GMT
server
cloudflare
etag
"6351fc0d-6fab"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwKbr7umSACR%2FR0t8eu0FHDM1XUimfJXWYywPSsku2czgJAyzju28awi6Dh4t86uGN08vChKBP0FRhN8QtLPt5TTIFQA%2Fn7ZSGKLyzBzqC%2ByXZPqiCJISuZtqhDjQjEmZnQzsS1HD48KiGcKicw4luqaqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162218244bcd-BUF
expires
Tue, 12 Nov 2024 11:19:06 GMT
962526
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125095&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/0/962526
52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/0/962526
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aad49464aebe54d0c11112d20ffd209d497283179a4ce9a0908f228e3ffd1543

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:38 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Fri, 19 Jan 2024 16:54:40 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
x-amz-server-side-encryption
AES256
etag
"4c4c72696fcc1db50f409ce28a48e29f"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
53645
x-amz-cf-id
RBOX_2OHtTOW_Vko1CG81RmHOR5GhpCFhKJfE6WCtMELHmv97yeGhw==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/0/962526
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
powerinbox-rec-reg.png
branding.revenuestripe.com/recommend/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/branding/recommend/powerinbox-rec-reg.png
  • https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
52.85.132.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-132-116.iad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 08 Jan 2024 17:47:35 GMT
via
1.1 13af704549c5ac5d9fb78e3b737019ec.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 22:16:11 GMT
server
AmazonS3
x-amz-cf-pop
IAD50-C2
age
1654863
etag
"466795436b37f96c671ae07757810750"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
1707
x-amz-cf-id
vZFD3LqYZwzhTV19exUue_XlVx-jpbah4_LMt7apIjf0bpbDOgvGjA==

Redirect headers

location
https://branding.revenuestripe.com/recommend/powerinbox-rec-reg.png
access-control-expose-headers
Request-Context
cache-control
private
date
Sat, 27 Jan 2024 21:28:37 GMT
request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length
184
content-type
text/html; charset=utf-8
teacher-viral-300x175.jpg
freedomheadlines.com/wp-content/uploads/2022/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2022/04/teacher-viral-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203a465ded36459c84e5eb932fc399a7848e2ea8c3918aa311214a596a1bf9c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5438
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 01:54:31 GMT
server
cloudflare
etag
"6351fbd7-153e"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xj8ZDI0ABB8rgehYpiSWupgqHZn9E5Q5DJLyI3RjMBj9icTgo3gm7LkAgIuT5bfJ3ViCO6cpSBnrfPzpA1xBDJ3b3kkiHiZYG7U94JB58MhYP%2Buufwg%2FqMEnSRRslyGBu9YSyXd1eN442oxaReVCHNwYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162258514bcd-BUF
expires
Fri, 03 Jan 2025 17:28:19 GMT
insurrection1-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/insurrection1-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d7af89e31f234a1ef86f79f687c7c9d800066e61841ae27fdfc3eb728d68e3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
13931
x-xss-protection
1; mode=block
last-modified
Thu, 19 Oct 2023 04:47:09 GMT
server
cloudflare
etag
"6530b4cd-366b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvBXlAwoJI6getfs3CRX1DtOoVjA%2FLJpUL%2Fn6qCCix54%2Fs%2F3viYGbzrlRTGZerAX7DrkFbh1Cx4r75Sl7HoCkUBBYoZEWfVF9vpzT7nIspYso9NAU4vOnhsiAzwqwuCZPgNjBeStk8E1Zeke5wGfyp7PTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162258524bcd-BUF
expires
Fri, 03 Jan 2025 17:28:19 GMT
embassy-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/embassy-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f4815d674f1597ac47b322e9bfbfc7bc7abb42a410b3b4f45da3d372d0d77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
14276
x-xss-protection
1; mode=block
last-modified
Thu, 19 Oct 2023 15:45:22 GMT
server
cloudflare
etag
"65314f12-37c4"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1u%2B2IEuARqHkPBLKEJ88Hs5%2FpDLSd7vZ%2BqO9XC9gmv2TPdX934iWbPEKKRrnWtrhlTW9k6GWwIeCqy%2B3Xgx2QDJ83W%2FtE1MDC488q5XMY4BENQSr2JA9zR%2FHsFvegnJdM10t04XvYzIzYRrz7%2B4eE%2BHvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162258544bcd-BUF
expires
Wed, 27 Nov 2024 11:53:15 GMT
946496
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/946496
25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/946496
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dbcc0a2ba851fc150ba218e07a0541b32a56fe155e12c747400546e59dcc1de8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 22:02:29 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Wed, 13 Sep 2023 17:43:37 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
84369
etag
"3381e45fe593b858072c999053991ec0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
26057
x-amz-cf-id
7_HKjp_uYJ63ZRgLo8JbNWqNBhPeNFM9gVBXn0rfiBSChxL1JpC2wg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/946496
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
919292
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/919292
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/919292
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
defe52487009958c86611b419d2401b32fdd74a64858a4d614bcde038a31e60a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 15:30:00 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:46:46 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
21517
etag
"d4c02b012257546684e14d17124cb402"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27521
x-amz-cf-id
6wzCrA2zv2yeG0PNeRnveR1rnx_5s545v2ElE2o-JDOlalqjj_X6IA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/919292
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
961253
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/961253
32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/961253
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c9aeafd3225f8bf3bb7f5c3855c13304f71b8ce3424de05fc19a3e16c11f4c6f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:38 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jan 2024 20:33:49 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
etag
"3007723d9946f4050fcc47e5c748bbee"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
32958
x-amz-cf-id
Lpu7baMuHMu4iqCYRtxJr3oBnAD4Frm1QNW8HgtR_HzOzVIQru5JWg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/961253
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757493
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125096&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757493
29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757493
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03e900bbae32bad252e9b8acef9ac75762d2500e4583bf0524cf415a7f0e96f9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 04:16:16 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 23:16:16 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
61942
etag
"e4cc15e4ecc18a9210ed932c81d9aa00"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
29924
x-amz-cf-id
kVIWlTT2L67ayOrAakqpKF8iaOgI_BAIMptYoF6P5qRTb1pqbb8jrg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757493
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
sidney-powell3-300x175.jpg
freedomheadlines.com/wp-content/uploads/2021/02/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2021/02/sidney-powell3-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb138a79e95910d1ed65fe8ea9bee8530a8e6927dd0beab188bdee47a0912fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
4955
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 02:08:19 GMT
server
cloudflare
etag
"6351ff13-135b"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhXIfEDQBV%2FVpDvQi7nAcaU70idJJotA0m%2BA4Bb51KX9DR22HLSJsnXbdettOW7dZ%2Fzi1QXZ93W%2B0xklN2JXnFlmSLTl%2FbvXGojnXeyDFNcVItngXPQbz5tJP%2B8kc5RSst%2BwL2LHu%2FWaSB3tV9SsD8ZaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162258554bcd-BUF
expires
Sat, 25 Jan 2025 22:01:38 GMT
trump-army-300x175.jpg
freedomheadlines.com/wp-content/uploads/2019/09/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2019/09/trump-army-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad42b414b617f6c0eb721b8ac143882998399b0c4b8688e8371c4150b73c477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7568
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 02:01:30 GMT
server
cloudflare
etag
"6351fd7a-1d90"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjt9cQTfZ%2FLUhVRNcywNfVv1dgj6C2jP7JFKR0HZuHbAwx34yOZolWNYSNA7kdBrrlX9IJVm0f0xR%2BL1d0Npbrya%2BZveisb%2FcDNMv9x%2Bybl5hixoR1zmVA7jZK1RBny9lcT2InbgRV9Tvl6OemraIjjdFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162258564bcd-BUF
expires
Fri, 24 Jan 2025 00:28:50 GMT
gop-candidates2-300x175.jpg
freedomheadlines.com/wp-content/uploads/2023/10/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomheadlines.com/wp-content/uploads/2023/10/gop-candidates2-300x175.jpg
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:2278 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1198f03b0ec244684c5303eb4c8b5b612f809c7e2f3fb1c0c23e6b1031e55ee0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 21:28:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
15452
x-xss-protection
1; mode=block
last-modified
Tue, 17 Oct 2023 18:30:19 GMT
server
cloudflare
etag
"652ed2bb-3c5c"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJ1%2FprUGUHNEjEkQRg%2Fp%2FEl5NrBwCW75z1ogkWsGSmaMk4SO3cYtIUp7c2v0UT%2FEewe7Ti2V39gITfAsXlDHPTW5K7Rzc2TpvtozulkRB6FAnzh9uSPKOgf6CQMp2c%2FXewQk%2Bz08tZjeP2FfR1Uq3%2Fm6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
84c4162258574bcd-BUF
expires
Sat, 30 Nov 2024 11:11:34 GMT
757538
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=0&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757538
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757538
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba152870785eedcf9d1be1e6d4b1f78e9975ceae8fd40af75c5ed0d88ff85702

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 04:16:16 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:53:59 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
61942
etag
"b1c3990975918ba3e3697b92e5db9f45"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
34350
x-amz-cf-id
raBN72xijcyxXQeNZLpnblT7_0zL29RURzwN_UleaJ52r6VJbL-kDg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757538
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
788438
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=1&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/788438
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/788438
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e8dc4c29836d9e2f46c5823e20eb2e5a7dd6e88b93c8b90e953e9e923b79d17

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 02:47:27 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:59:48 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
67271
x-amz-server-side-encryption
AES256
etag
"15d91990f8401c3e447e95314e56953d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15411
x-amz-cf-id
gc48PCt0V4V-5ZP-re70E_cKXyqv4B06Xb_gmsezPR9tGvcqnYYa8g==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/788438
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757480
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=2&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757480
27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757480
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7cbc78521e04103d56e2ceeef5515bdcf5701cb6b7212746640a5ea2d14ef0a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 01:37:27 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:51:41 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
71471
x-amz-server-side-encryption
AES256
etag
"9310ffd116e88847b2ddba43a5d77218"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27625
x-amz-cf-id
486mnwYZNVQ6v4_VUcFJMHvY1icdlAZKEKTJjGGNIE2NIjInmsJSpg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757480
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757539
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=3&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757539
33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757539
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3776a13ec3830623ee7abc2109377a5534a5d0638f930439f585cde86899f3a2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 07:22:52 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:59:38 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
50746
etag
"f9bbb21c3232538e6c57b9563c80ec5d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
33602
x-amz-cf-id
tlTlgACKCaVSFM-HaTVuB40sisjwipznkwBQAGEHNHb1Emmythm_-w==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757539
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757483
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=4&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757483
37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757483
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1065487ec4fc49c616dbbb19c9b27eb943f193a7504a6a1d4e78713c52821d16

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 15:45:35 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 23:16:12 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
20583
x-amz-server-side-encryption
AES256
etag
"dad28fff2cac8419048c9693d735020e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
37496
x-amz-cf-id
qIrupjpTrW_U8SRDbibcg9QTwWPpuK0ejucx5d7Y_5NGNe-Hxsw1tA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757483
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757488
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=5&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757488
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757488
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb3192ffa38f491b0139f6f623353faff3f062db587e1e5508846078c5a0748b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 17:23:15 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:56:42 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
14723
etag
"df689e6625e5f8eb728aefab33b02d8c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
30742
x-amz-cf-id
ITf-N8t-TF-wXzhC1md5SxMV_RhnxVsJrXDHaZxh6rUO_VX4GI23YQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757488
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757485
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=6&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757485
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757485
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
767f924e07cdaa980db0e0371e2d94c208d2eb03264506adc8f647f08039641e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 21:31:10 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:49:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
86248
etag
"b1b9b662a405a1bcec73db510fa9441d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
32798
x-amz-cf-id
dOfK_wSKupzUKJEIC2cGHjJQ_kwXazIHegzgQW6B6qpOfuOzwKvFCQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757485
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757491
images-prod.powerinboxedge.com/v3/images/8661/
Redirect Chain
  • https://rs-stripe.freedomheadlines.com/stripe/image?cs_email=ccannon@realclearpolitics.com&cs_stripeid=125097&cs_sendid=1697820872&cs_offset=7&cs_esp=amazonses
  • https://images-prod.powerinboxedge.com/v3/images/8661/757491
33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/8661/757491
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
H2
Server
13.225.195.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-195-73.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5c74381b99ede3ec8d859fa1f88aacb18ba99570ba8a4b9dfd2b9ca13a9562

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 18:54:04 GMT
via
1.1 accde91a69bd802adc7286eb965fb316.cloudfront.net (CloudFront)
last-modified
Tue, 29 Aug 2023 22:44:29 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C1
age
9274
etag
"dae1acbf53cbd4b75f6e67e23b7d8346"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
34055
x-amz-cf-id
XfMCKuf11cGtG_NCc9pOAs4SPgOdYWovN5e-NIYfxTvx9w4md7v0gg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Sat, 27 Jan 2024 21:28:37 GMT
location
https://images-prod.powerinboxedge.com/v3/images/8661/757491
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
bg511aro0wbe1
mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-opening/ 		0
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/track-opening/bg511aro0wbe1
Requested by
Host: mailz.leafybranch.com
URL: https://mailz.leafybranch.com/index.php/campaigns/ka7647m2126de/web-version/bg511aro0wbe1?utm_medium=email&utm_source=sparkpost&utm_campaign=regular
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:3c00::f03c:93ff:fe39:3408 Richardson, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software
Apache/2.4.56 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 27 Jan 2024 21:28:37 GMT
X-Content-Type-Options
nosniff
P3P
CP="OTI DSP COR CUR IVD CONi OTPi OUR IND UNI STA PRE"
Connection
Keep-Alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
no-referrer
Last-Modified
Sat, 27 Jan 2024 21:28:37 GMT
Server
Apache/2.4.56 (Debian)
X-Frame-Options
deny
Content-Type
application/json
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Robots-Tag
noindex
Keep-Alive
timeout=5, max=99
Expires
Mon, 26 Jul 1997 05:00:00 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mailz.leafybranch.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:34:32 GMT
x-content-type-options
nosniff
age
89645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 20:34:32 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700|Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mailz.leafybranch.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:06:47 GMT
x-content-type-options
nosniff
age
80510
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Jan 2025 23:06:47 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
mailz.leafybranch.com/ Name: mwsid
Value: vh9ejppfpsc77erms423cc49vb

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
fonts.googleapis.com
fonts.gstatic.com
freedomheadlines.com
images-prod.powerinboxedge.com
mailz.leafybranch.com
rs-stripe.freedomheadlines.com
13.225.195.73
20.225.97.235
2600:3c00::f03c:93ff:fe39:3408
2606:4700:3030::6815:2278
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c1b::5e
52.85.132.116
03e900bbae32bad252e9b8acef9ac75762d2500e4583bf0524cf415a7f0e96f9
0d7af89e31f234a1ef86f79f687c7c9d800066e61841ae27fdfc3eb728d68e3e
1065487ec4fc49c616dbbb19c9b27eb943f193a7504a6a1d4e78713c52821d16
1198f03b0ec244684c5303eb4c8b5b612f809c7e2f3fb1c0c23e6b1031e55ee0
203a465ded36459c84e5eb932fc399a7848e2ea8c3918aa311214a596a1bf9c4
3776a13ec3830623ee7abc2109377a5534a5d0638f930439f585cde86899f3a2
6ad7f0c5d5a0d599ffffdce4351226b6cc782b14f9e8d33d31373f416ba7dffc
767f924e07cdaa980db0e0371e2d94c208d2eb03264506adc8f647f08039641e
8ad42b414b617f6c0eb721b8ac143882998399b0c4b8688e8371c4150b73c477
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9e8dc4c29836d9e2f46c5823e20eb2e5a7dd6e88b93c8b90e953e9e923b79d17
aad49464aebe54d0c11112d20ffd209d497283179a4ce9a0908f228e3ffd1543
adfad5aac85d85f369591367ea3299670af99503e6c17cc7688d318b3fbae50b
ba152870785eedcf9d1be1e6d4b1f78e9975ceae8fd40af75c5ed0d88ff85702
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd68ba47151af47fb4fc00492f47126e0bc7049f5218211d74439f996e00d4b4
c9aeafd3225f8bf3bb7f5c3855c13304f71b8ce3424de05fc19a3e16c11f4c6f
d5f4815d674f1597ac47b322e9bfbfc7bc7abb42a410b3b4f45da3d372d0d77e
d7cbc78521e04103d56e2ceeef5515bdcf5701cb6b7212746640a5ea2d14ef0a
dbcc0a2ba851fc150ba218e07a0541b32a56fe155e12c747400546e59dcc1de8
dc5c74381b99ede3ec8d859fa1f88aacb18ba99570ba8a4b9dfd2b9ca13a9562
defe52487009958c86611b419d2401b32fdd74a64858a4d614bcde038a31e60a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f4f96e32a749a3c07b566aceb9b84a8445c71ca9713a4bfce9b7d28731fc33
eb3192ffa38f491b0139f6f623353faff3f062db587e1e5508846078c5a0748b
fbb138a79e95910d1ed65fe8ea9bee8530a8e6927dd0beab188bdee47a0912fe