e-in21.gtolink.in Open in urlscan Pro
3.109.77.51 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://e-in21.gtolink.in/t/em/49384/11/afba5efb-0df0-4144-8da2-e62eb11a9eee
Effective URL:
https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-...
Submission: On February 26 via manual (February 26th 2024, 11:02:57 am UTC) from IN — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 3.109.77.51, located in Mumbai, India and belongs to AMAZON-02, US. The main domain is e-in21.gtolink.in.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 20th 2023. Valid for: a year.

This is the only time e-in21.gtolink.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	3.109.77.51 3.109.77.51	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
9	95.216.43.245 95.216.43.245	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
19	6

2 3.109.77.51 (Mumbai, India) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-109-77-51.ap-south-1.compute.amazonaws.com

e-in21.gtolink.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.216.43.245 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.43.216.95.clients.your-server.de

owfekl.stripocdn.email	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	stripocdn.email owfekl.stripocdn.email	287 KB
3	gstatic.com fonts.gstatic.com	59 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	2 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 242	746 B
2	gtolink.in 1 redirects e-in21.gtolink.in	38 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 592	19 KB
19	6

	Domain	Requested by
9	owfekl.stripocdn.email	e-in21.gtolink.in
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	e-in21.gtolink.in
2	bam.nr-data.net	e-in21.gtolink.in
2	e-in21.gtolink.in	1 redirects
1	js-agent.newrelic.com	e-in21.gtolink.in
19	6

This site contains no links.

Subject Issuer	Validity	Valid
*.gtolink.in Amazon RSA 2048 M02	`2023-07-20` - `2024-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.stripocdn.email Sectigo RSA Domain Validation Secure Server CA	`2023-12-01` - `2024-12-09`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee
Frame ID: 6A1B3EEE7DF66FF8F30D864050B6CAD0
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TO Preview 24

Page URL History Show full URLs

https://e-in21.gtolink.in/t/em/49384/11/afba5efb-0df0-4144-8da2-e62eb11a9eee HTTP 302
https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

19
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

405 kB
Transfer

509 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://e-in21.gtolink.in/t/em/49384/11/afba5efb-0df0-4144-8da2-e62eb11a9eee HTTP 302
https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request EmailView.aspx Show response
e-in21.gtolink.in/l/
Redirect Chain

https://e-in21.gtolink.in/t/em/49384/11/afba5efb-0df0-4144-8da2-e62eb11a9eee
https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

115 KB
37 KB

407ms
406ms

Document
text/html

3.109.77.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.109.77.51 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-109-77-51.ap-south-1.compute.amazonaws.com
Software: /
Resource Hash: 00680a49e0c2115123d53c9ef46c25878959301c944a43ccb50137c125a4ab97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-length: 37974
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 11:02:52 GMT
vary: Accept-Encoding

Redirect headers

access-control-allow-origin: *
cache-control: private,private,max-age=0
content-length: 337
content-type: text/html; charset=utf-8
date: Mon, 26 Feb 2024 11:02:52 GMT
location: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee
strict-transport-security: max-age=31536000

GET
H2 200 css2
fonts.googleapis.com/ 794 B
798 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Righteous&display=swap

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5e5a9ac8a8293996ac2bbcc605ea27e2771dd8236801de7da91654e07c08d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 11:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 10:59:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 11:02:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
668 B 38ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 11:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 10:25:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 11:02:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ 412 B
390 B 37ms
17ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Notable&display=swap

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5718c74875c3b4cb7231df0feec690236ddd7d63c13d6d59a71cdd86527769a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 26 Feb 2024 11:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:02:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Feb 2024 11:02:53 GMT

GET
H2 200 taxspannerlogo70.png
owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/ 23 KB
23 KB 227ms
123ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/taxspannerlogo70.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

5f976d2b3013063118925a85b2ea7031455faa31542878c97644d204431df7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: 8eVGDtOQzh0jzR9vKlQy3h6KaWuaf6VZ
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 294
content-length: 23302
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 05:39:42 GMT
server: nginx
etag: "3a6f08967b445c805e63b23e1ea43c87"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 70
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: taxspanner-logo-70.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9%2Fimages%2Fstripothumbnailurltaxspannerlogo70.png

GET
H2 200 to_testimonials1.png
owfekl.stripocdn.email/content/guids/CABINET_ee75051ffbf87f44e31c531441ae5996586b52ce0c02b466f39a7e313cc7267b/images/ 140 KB
140 KB 239ms
123ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_ee75051ffbf87f44e31c531441ae5996586b52ce0c02b466f39a7e313cc7267b/images/to_testimonials1.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

e8913536e241c14ef70293145012041a7365834be321bf0086221faecd717d60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: T2Y1hLE.o2QFdyzfzucJCF35AfCDpVEY
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 711
content-length: 142909
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Nov 2023 07:26:03 GMT
server: nginx
etag: "92e1fc3cd4915f7e0bcb4de1e6f3fee5"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 485
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: TO+Testimonials-1.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_ee75051ffbf87f44e31c531441ae5996586b52ce0c02b466f39a7e313cc7267b%2Fimages%2Fstripothumbnailurlto_testimonials1.png

GET
H2 200 to_testimonials2.png
owfekl.stripocdn.email/content/guids/CABINET_ee75051ffbf87f44e31c531441ae5996586b52ce0c02b466f39a7e313cc7267b/images/ 86 KB
87 KB 194ms
78ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_ee75051ffbf87f44e31c531441ae5996586b52ce0c02b466f39a7e313cc7267b/images/to_testimonials2.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

10c904fba218030d70216c6ebd78c52396b71390d7727a54c363d8af8f8d24fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: ND1dJH4Zy.NjswsNq894Oetrrjl1WID4
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 706
content-length: 88361
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Nov 2023 07:26:03 GMT
server: nginx
etag: "7d93858ca64631fd85c56483b2677fb2"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 378
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: TO+Testimonials-2.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_ee75051ffbf87f44e31c531441ae5996586b52ce0c02b466f39a7e313cc7267b%2Fimages%2Fstripothumbnailurlto_testimonials2.png

GET
H2 200 whatsapp256.png
owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/ 10 KB
10 KB 228ms
124ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/whatsapp256.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

cf88500f10dd87da17bbf894f14101f1bcfc7347f884ab38134e2f4cde502bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: 5o0m1VLIFgI0XF0rRMONNBE.cnQwSWzt
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 256
content-length: 9763
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 05:39:42 GMT
server: nginx
etag: "94de8bfe7bb1b418ea2d5eaf7ee1b7ae"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 256
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: whatsapp-256.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9%2Fimages%2Fstripothumbnailurlwhatsapp256.png

GET
H2 200 frame_17575796.png
owfekl.stripocdn.email/content/guids/CABINET_b67cb1b9d2d0938c943f035f230f5d9ece9cdea07b184b1725025e20f69f59ec/images/ 393 B
815 B 227ms
124ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_b67cb1b9d2d0938c943f035f230f5d9ece9cdea07b184b1725025e20f69f59ec/images/frame_17575796.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

839c231f255badeece75772498e4126b57779aecad53a84dd9fa503e1d9306a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: Fw25CkdcGZ0K7OwDF5ZLDsSCBJBOYyqP
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 393
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jan 2023 12:23:15 GMT
server: nginx
etag: "ac7a55c7806eadd3f7ae14fde39cdb07"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Frame+17575796.png

GET
H2 200 frame_17575797.png
owfekl.stripocdn.email/content/guids/CABINET_b67cb1b9d2d0938c943f035f230f5d9ece9cdea07b184b1725025e20f69f59ec/images/ 762 B
1 KB 227ms
124ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_b67cb1b9d2d0938c943f035f230f5d9ece9cdea07b184b1725025e20f69f59ec/images/frame_17575797.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

0f693d76efaa3ef2fa648b75ff4636f431ed362dd91420780f9bca9b846aa112

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: YeY2Whs8MVwvsZR75VD7boO4OFcC.u0H
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 762
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jan 2023 12:23:15 GMT
server: nginx
etag: "0dbe35f89951ae0f27679a4b3fc150f9"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Frame+17575797.png

GET
H2 200 frame_17575798.png
owfekl.stripocdn.email/content/guids/CABINET_b67cb1b9d2d0938c943f035f230f5d9ece9cdea07b184b1725025e20f69f59ec/images/ 969 B
1 KB 68ms
68ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_b67cb1b9d2d0938c943f035f230f5d9ece9cdea07b184b1725025e20f69f59ec/images/frame_17575798.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

372467163ee1bd66b18552ba1075574898c8e747f54d4e8955adb26157dcd0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: _fyjT_EPH3j1kWfvvokiIgBSnbAq14Ko
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 0
content-length: 969
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Jan 2023 12:23:15 GMT
server: nginx
etag: "5a8da5770cce46a17dcde527f90717a6"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 0
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: Frame+17575798.png

GET
H2 200 linkedin256.png
owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/ 7 KB
8 KB 68ms
68ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/linkedin256.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

e3ba1636c4b24b27ecc5c58e0e44fcaa5a90da8155c64c0771787b127ea3870a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: eAIOihjwWfPPK9iiLRLvrHxbEHn_E63g
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 256
content-length: 7534
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 05:39:42 GMT
server: nginx
etag: "0f1d646d1efd909cc0b432f4158ce2b1"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 256
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: linkedIn-256.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9%2Fimages%2Fstripothumbnailurllinkedin256.png

GET
H2 200 taxspannerlogowhite70.png
owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/ 14 KB
15 KB 69ms
69ms Image
image/png 95.216.43.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://owfekl.stripocdn.email/content/guids/CABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9/images/taxspannerlogowhite70.png

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

95.216.43.245 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.245.43.216.95.clients.your-server.de

Software

nginx /

Resource Hash

612dc71b34a48324cca94a7d1b3a7cc5456e004bd4dc66839c33ed59afacaf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
x-amz-version-id: omqM5ouxl9C6y_5jwiy3MqAu7TucUZ4X
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-node-name: cdn7.stripocdn.email
x-cache-status: HIT
x-amz-meta-orgignalwidth: 303
content-length: 14586
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Jan 2024 05:39:42 GMT
server: nginx
etag: "263c3cfa2f16d4ebe3a25973c8e368f0"
x-frame-options: SAMEORIGIN
x-amz-meta-orgignalheigth: 70
content-type: image/png
access-control-allow-origin: *
x-amz-meta-stripooriginalfilename: taxspanner-logo-white-70.png
x-amz-meta-stripothumbnailurl: https%3A%2F%2Fdoc.stripocdn.email%2Fcontent%2Fguids%2FCABINET_cf4cfeb759fc6076ad9529d2c2edd94ddc00ee0a7519ffd5dd1469f82b0d0db9%2Fimages%2Fstripothumbnailurltaxspannerlogowhite70.png

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 35ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e-in21.gtolink.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 534101
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 06:41:12 GMT

GET
H2 200 1cXxaUPXBpj2rGoU7C9WiHGF.woff2
fonts.gstatic.com/s/righteous/v17/ 12 KB
13 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/righteous/v17/1cXxaUPXBpj2rGoU7C9WiHGF.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Righteous&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e-in21.gtolink.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:41:49 GMT
x-content-type-options: nosniff
age: 444064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12608
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:51:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:41:49 GMT

GET
H2 200 gNMEW3N_SIqx-WX9yHQiFQ.woff2
fonts.gstatic.com/s/notable/v18/ 14 KB
14 KB 26ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notable/v18/gNMEW3N_SIqx-WX9yHQiFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Notable&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

079ebd908b701d2016f6b8264b0203a59147d0789689c5b416356eb0724e23e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://e-in21.gtolink.in
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:34:10 GMT
x-content-type-options: nosniff
age: 444523
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14264
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Feb 2025 07:34:10 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
19 KB 28ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1216.min.js

Requested by

Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

x-amz-version-id: MElzWumrf8lREc3kORDlSWHVtEZAK4m8
content-encoding: br
via: 1.1 varnish
date: Mon, 26 Feb 2024 11:02:53 GMT
strict-transport-security: max-age=300
x-amz-request-id: TY9JRGV4PP0WZF1F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 19141
x-amz-id-2: hEx4r1hU0Wtc9uyNqrGzlfmOtUja5/eGieVcA+fwEhwWqw6lxZH8PA35IqgTThXsiATCjwG/mzc=
x-served-by: cache-fra-eddf8230124-FRA
last-modified: Wed, 18 Oct 2023 21:31:16 GMT
server: AmazonS3
x-timer: S1708945373.456015,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 335952

GET
H/1.1 200 c4b2371635 Show response
bam.nr-data.net/1/ 56 B
402 B 473ms
447ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c4b2371635?a=1133621906&v=1216.487a282&to=ZwMAYRBSX0dUBUFfW15JI2YyHFRZVA9ZQF1VEUxUEUNJ&rst=1264&ck=0&ref=https://e-in21.gtolink.in/l/EmailView.aspx&ap=95&be=863&fe=1229&dc=901&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1708945372202,%22n%22:0,%22r%22:0,%22re%22:441,%22f%22:441,%22dn%22:441,%22dne%22:441,%22c%22:441,%22ce%22:441,%22rq%22:442,%22rp%22:848,%22rpe%22:850,%22dl%22:851,%22di%22:901,%22ds%22:901,%22de%22:901,%22dc%22:1229,%22l%22:1229,%22le%22:1230%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=909&fcp=909&jsonp=NREUM.setToken
Requested by: Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 978cb457b9642722b602ab2f8442966b720f56959197ed53553128b628876c99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e-in21.gtolink.in/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 11:02:53 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 56
x-served-by: cache-fra-eddf8230075-FRA

POST
H/1.1 200 c4b2371635 Show response
bam.nr-data.net/events/1/ 24 B
344 B 119ms
117ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/c4b2371635?a=1133621906&v=1216.487a282&to=ZwMAYRBSX0dUBUFfW15JI2YyHFRZVA9ZQF1VEUxUEUNJ&rst=1741&ck=0&ref=https://e-in21.gtolink.in/l/EmailView.aspx
Requested by: Host: e-in21.gtolink.in
URL: https://e-in21.gtolink.in/l/EmailView.aspx?oId=49384&aid=81bc6236-cdb3-4ee6-ab4c-661d8f587e1b&eid=afba5efb-0df0-4144-8da2-e62eb11a9eee
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://e-in21.gtolink.in/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 26 Feb 2024 11:02:54 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://e-in21.gtolink.in
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230075-FRA

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			e-in21.gtolink.in/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: wqqecmhgkqsucnbceifw3vz1
			e-in21.gtolink.in/	1970-01-21 04:18:25	Name: ORG49384 Value: d9f2a835-c512-11eb-b051-02c8554500f4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
e-in21.gtolink.in
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
owfekl.stripocdn.email
151.101.194.137
162.247.243.29
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2003
3.109.77.51
95.216.43.245
00680a49e0c2115123d53c9ef46c25878959301c944a43ccb50137c125a4ab97
079ebd908b701d2016f6b8264b0203a59147d0789689c5b416356eb0724e23e7
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f693d76efaa3ef2fa648b75ff4636f431ed362dd91420780f9bca9b846aa112
10c904fba218030d70216c6ebd78c52396b71390d7727a54c363d8af8f8d24fd
372467163ee1bd66b18552ba1075574898c8e747f54d4e8955adb26157dcd0ab
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5718c74875c3b4cb7231df0feec690236ddd7d63c13d6d59a71cdd86527769a1
5f976d2b3013063118925a85b2ea7031455faa31542878c97644d204431df7bb
612dc71b34a48324cca94a7d1b3a7cc5456e004bd4dc66839c33ed59afacaf24
839c231f255badeece75772498e4126b57779aecad53a84dd9fa503e1d9306a0
978cb457b9642722b602ab2f8442966b720f56959197ed53553128b628876c99
99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
cf88500f10dd87da17bbf894f14101f1bcfc7347f884ab38134e2f4cde502bd3
e3ba1636c4b24b27ecc5c58e0e44fcaa5a90da8155c64c0771787b127ea3870a
e8913536e241c14ef70293145012041a7365834be321bf0086221faecd717d60
f5e5a9ac8a8293996ac2bbcc605ea27e2771dd8236801de7da91654e07c08d39

e-in21.gtolink.in Open in urlscan Pro 3.109.77.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

6 IPs

4 Countries

405 kBTransfer

509 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Indicators

e-in21.gtolink.in Open in urlscan Pro
3.109.77.51 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

405 kB
Transfer

509 kB
Size

2
Cookies

19 HTTP transactions
0 data transactions