echo7.bluehornet.com

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 44.240.21.16, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is echo7.bluehornet.com.

This is the only time echo7.bluehornet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	4.16.47.153 4.16.47.153	3356 (LEVEL3) (LEVEL3)
2 4	44.240.21.16 44.240.21.16	16509 (AMAZON-02) (AMAZON-02)
4	52.240.149.243 52.240.149.243	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2

1 4.16.47.153 (West Linn, United States) 1 redirects

ASN3356 (LEVEL3, US)

es.sonicurlprotection-sjl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.240.21.16 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-21-16.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.240.149.243 (Chicago, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.cintas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cintas.com www.cintas.com	422 KB
4	bluehornet.com 2 redirects echo7.bluehornet.com	10 KB
1	sonicurlprotection-sjl.com 1 redirects es.sonicurlprotection-sjl.com	227 B
6	3

	Domain	Requested by
4	www.cintas.com	echo7.bluehornet.com
4	echo7.bluehornet.com	2 redirects echo7.bluehornet.com
1	es.sonicurlprotection-sjl.com	1 redirects
6	3

This site contains no links.

Subject Issuer	Validity	Valid
*.cintas.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-12` - `2021-10-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21
Frame ID: 5153B9DDCABF2F4BD8A6F50D40431CDA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251512030039304&URLID=1&ESV=10.0.6.3447&IV=28805424BC... HTTP 302
http://echo7.bluehornet.com/p/vJoGIpfuLN HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

430 kB
Transfer

436 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251512030039304&URLID=1&ESV=10.0.6.3447&IV=28805424BC48C3C043194F1EA9DB59A6&TT=1616685124435&ESN=klP36ozqu7CmumcQlR%2B0dkd0S4aMRoOezbBmDWLWKN4%3D&KV=1536961729279&ENCODED_URL=http%3A%2F%2Fecho7.bluehornet.com%2Fp%2FvJoGIpfuLN&HK=5F1E034E04E8585C095988C1290ECCBC5FAACC24293E5C2420C44DE75EF92560 HTTP 302
http://echo7.bluehornet.com/p/vJoGIpfuLN HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif HTTP 301
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set email.htm Show response echo7.bluehornet.com/hostedemail/ Redirect Chain https://es.sonicurlprotection-sjl.com/click?PV=1&MSGID=202103251512030039304&URLID=1&ESV=10.0.6.3447&IV=28805424BC48C3C043194F1EA9DB59A6&TT=1616685124435&ESN=klP36ozqu7CmumcQlR%2B0dkd0S4aMRoOezbBmD... http://echo7.bluehornet.com/p/vJoGIpfuLN http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21	11 KB 3 KB	361ms 361ms	Document text/html	44.240.21.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Protocol HTTP/1.1 Server 44.240.21.16 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-21-16.us-west-2.compute.amazonaws.com Software Apache / Resource Hash `9526aa598d7d670ae6426938c0e91f3d7ab0d8d44c431004ce87a8ed532c7ce9` Request headers Host echo7.bluehornet.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie AWSALB=XfZQuAx8ULXTj3V+jf6BAVPEDXb7ER5OpobNQ5SZggMwdEdwYaH++HVhvTBIdMxeJkjtehrEG+mW1vQvT1BHI6j01BpqDldzvog7rTFwv7SPWbCEvc2BwP7prNrj Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Fri, 26 Mar 2021 20:01:14 GMT Content-Type text/html; charset=utf-8 Content-Length 2407 Connection keep-alive Set-Cookie AWSALB=8X4jGMN3AzyMulLdIKVEl6dSHfYTpqUCcXTbbJj5pFWOPyWMAzvJGrvuXzcYg5Tj6ASWYCR3iBN5VnTKI1SfQ1iaU11n27TWb49lrjvbcvPJudqAd3KTRw7khT6R; Expires=Fri, 02 Apr 2021 20:01:14 GMT; Path=/ AWSALBCORS=8X4jGMN3AzyMulLdIKVEl6dSHfYTpqUCcXTbbJj5pFWOPyWMAzvJGrvuXzcYg5Tj6ASWYCR3iBN5VnTKI1SfQ1iaU11n27TWb49lrjvbcvPJudqAd3KTRw7khT6R; Expires=Fri, 02 Apr 2021 20:01:14 GMT; Path=/; SameSite=None Server Apache Vary X-Forwarded-Proto,Accept-Encoding AMFplus-Ver 1.4.0.0 Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade Redirect headers Date Fri, 26 Mar 2021 20:01:13 GMT Content-Type text/html; charset=utf-8 Content-Length 20 Connection keep-alive Set-Cookie AWSALB=XfZQuAx8ULXTj3V+jf6BAVPEDXb7ER5OpobNQ5SZggMwdEdwYaH++HVhvTBIdMxeJkjtehrEG+mW1vQvT1BHI6j01BpqDldzvog7rTFwv7SPWbCEvc2BwP7prNrj; Expires=Fri, 02 Apr 2021 20:01:13 GMT; Path=/ AWSALBCORS=XfZQuAx8ULXTj3V+jf6BAVPEDXb7ER5OpobNQ5SZggMwdEdwYaH++HVhvTBIdMxeJkjtehrEG+mW1vQvT1BHI6j01BpqDldzvog7rTFwv7SPWbCEvc2BwP7prNrj; Expires=Fri, 02 Apr 2021 20:01:13 GMT; Path=/; SameSite=None Server Apache Vary X-Forwarded-Proto,Accept-Encoding AMFplus-Ver 1.4.0.0 Location http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Content-Encoding gzip Referrer-Policy no-referrer-when-downgrade
GET H/1.1	200 OK	print_this.gif echo7.bluehornet.com/two/phase2/bhecho_files/images/ Redirect Chain http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif	4 KB 5 KB	201ms 199ms	Image image/gif	44.240.21.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif Requested by Host: echo7.bluehornet.com URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Protocol HTTP/1.1 Server 44.240.21.16 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-21-16.us-west-2.compute.amazonaws.com Software Apache / Resource Hash `020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9` Request headers Referer http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers Date Fri, 26 Mar 2021 20:01:14 GMT Referrer-Policy no-referrer-when-downgrade Last-Modified Fri, 26 Feb 2021 14:25:26 GMT Server Apache ETag "11c0-5bc3e0a0a6180" Vary X-Forwarded-Proto Content-Type image/gif Cache-Control max-age=2592000 AMFplus-Ver 1.4.0.0 Connection keep-alive Accept-Ranges bytes Content-Length 4544 Expires Sun, 25 Apr 2021 20:01:14 GMT Redirect headers Location http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif Date Fri, 26 Mar 2021 20:01:14 GMT Server Apache Connection keep-alive Content-Length 281 Content-Type text/html; charset=iso-8859-1
GET H2	200	256_header_imageREV.jpg www.cintas.com/fs-images/default-source/emails/202101/	172 KB 173 KB	629ms 133ms	Image image/jpeg	52.240.149.243 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.cintas.com/fs-images/default-source/emails/202101/256_header_imageREV.jpg Requested by Host: echo7.bluehornet.com URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.240.149.243 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `72b591b3b9e05fef2af49c6f9d47057131a4e7dee3ae14a431c836a6e544343c` Request headers Referer http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Fri, 26 Mar 2021 20:01:14 GMT etag "41664ef4e4edd61:0" last-modified Mon, 18 Jan 2021 21:57:46 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type image/jpeg access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes content-length 176367 request-context appId=cid-v1:4007a34e-dcf2-4f87-bdd1-4fed6ca9ecc0
GET H2	200	256_products1.jpg www.cintas.com/fs-images/default-source/emails/202101/	135 KB 135 KB	628ms 133ms	Image image/jpeg	52.240.149.243 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.cintas.com/fs-images/default-source/emails/202101/256_products1.jpg Requested by Host: echo7.bluehornet.com URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.240.149.243 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `29eb1f1345bc33df66073c31724a535b6570f1f0d364fb3b7158854e5a031b16` Request headers Referer http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Fri, 26 Mar 2021 20:01:14 GMT etag "97e22227a4ead61:0" last-modified Thu, 14 Jan 2021 18:36:20 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type image/jpeg access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes content-length 138195 request-context appId=cid-v1:4007a34e-dcf2-4f87-bdd1-4fed6ca9ecc0
GET H2	200	256_products2.jpg www.cintas.com/fs-images/default-source/emails/202101/	109 KB 109 KB	641ms 147ms	Image image/jpeg	52.240.149.243 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.cintas.com/fs-images/default-source/emails/202101/256_products2.jpg Requested by Host: echo7.bluehornet.com URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.240.149.243 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `a83b36690c4b1e38ab33e00897e2a088407217cfbea5d25ea425f713dcb42de7` Request headers Referer http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Fri, 26 Mar 2021 20:01:14 GMT etag "96326767b1d71:0" last-modified Fri, 12 Feb 2021 20:13:00 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type image/jpeg access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes content-length 111469 request-context appId=cid-v1:4007a34e-dcf2-4f87-bdd1-4fed6ca9ecc0
GET H2	200	ctas_red_learn_more.jpg www.cintas.com/fs-images/default-source/emails/	5 KB 5 KB	741ms 247ms	Image image/jpeg	52.240.149.243 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.cintas.com/fs-images/default-source/emails/ctas_red_learn_more.jpg Requested by Host: echo7.bluehornet.com URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.240.149.243 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `12c539a5d3482ab5ed3e3c4da06d66dcd354e5dab3627942d085c051bfd0c1f2` Request headers Referer http://echo7.bluehornet.com/hostedemail/email.htm?CID=40068394029&ch=DC033E964D844D24AB9A01C57C56782D&h=04577866ce5ee3c47422694ca4e86c4a&ei=JoGIpfuLN&st=25-MAR-21 User-Agent Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.109 Safari/537.36 Response headers date Fri, 26 Mar 2021 20:01:14 GMT etag "56e71ace18b2d61:0" last-modified Tue, 03 Nov 2020 19:37:46 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type image/jpeg access-control-expose-headers Request-Context cache-control max-age=2678400 accept-ranges bytes content-length 4641 request-context appId=cid-v1:4007a34e-dcf2-4f87-bdd1-4fed6ca9ecc0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			echo7.bluehornet.com/	1970-01-19 17:16:33	Name: AWSALB Value: aNHnoT84SmCNfdUkCKSo+Qf91jOhQQcdiP2QJHnbLmJGMAEpYWgu7Kyqk9qtzyq9BBP4+xlCOUxQFJ9a72xATglf+zxsgWIOY3SsjRz94XL7ElV+aFqrNhLr4Ck4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

echo7.bluehornet.com
es.sonicurlprotection-sjl.com
www.cintas.com
4.16.47.153
44.240.21.16
52.240.149.243
020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9
12c539a5d3482ab5ed3e3c4da06d66dcd354e5dab3627942d085c051bfd0c1f2
29eb1f1345bc33df66073c31724a535b6570f1f0d364fb3b7158854e5a031b16
72b591b3b9e05fef2af49c6f9d47057131a4e7dee3ae14a431c836a6e544343c
9526aa598d7d670ae6426938c0e91f3d7ab0d8d44c431004ce87a8ed532c7ce9
a83b36690c4b1e38ab33e00897e2a088407217cfbea5d25ea425f713dcb42de7

echo7.bluehornet.com Open in urlscan Pro 44.240.21.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

67 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

430 kBTransfer

436 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

echo7.bluehornet.com Open in urlscan Pro
44.240.21.16 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

430 kB
Transfer

436 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions