echo7.bluehornet.com Open in urlscan Pro
44.228.70.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://echo7.bluehornet.com/p/v68OmF72N4
Effective URL:
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a...
Submission: On October 24 via api (October 24th 2021, 5:02:56 am UTC) from BE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 44.228.70.130, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is echo7.bluehornet.com.

This is the only time echo7.bluehornet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	44.228.70.130 44.228.70.130	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	104.199.50.148 104.199.50.148	15169 (GOOGLE) (GOOGLE)
6	172.67.219.191 172.67.219.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.154.240 172.67.154.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
17	6

4 44.228.70.130 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-70-130.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.50.148 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 148.50.199.104.bc.googleusercontent.com

donipreziosi.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.219.191 (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.154.240 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cg-platform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	netoplaycdn.com cms2.netoplaycdn.com files.netoplaycdn.com	73 KB
4	gstatic.com fonts.gstatic.com	91 KB
4	bluehornet.com 2 redirects echo7.bluehornet.com	13 KB
2	cg-platform.com cdn.cg-platform.com	13 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	donipreziosi.it donipreziosi.it	7 KB
17	6

	Domain	Requested by
4	fonts.gstatic.com	fonts.googleapis.com
4	cms2.netoplaycdn.com	echo7.bluehornet.com
4	echo7.bluehornet.com	2 redirects echo7.bluehornet.com
2	cdn.cg-platform.com	echo7.bluehornet.com
2	files.netoplaycdn.com	echo7.bluehornet.com
2	fonts.googleapis.com	echo7.bluehornet.com
1	donipreziosi.it	echo7.bluehornet.com
17	7

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-18` - `2022-08-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Frame ID: 093167776D21F8A86BEC560CE6082454
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ricevi il tuo bonus di 5 euro senza deposito + bonus aggiuntivo del 100% con il tuo primo deposito fino a 200 euro!

Page URL History Show full URLs

http://echo7.bluehornet.com/p/v68OmF72N4 HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

82 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

196 kB
Transfer

226 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://echo7.bluehornet.com/p/v68OmF72N4 HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif HTTP 301
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set email.htm Show response
echo7.bluehornet.com/hostedemail/
Redirect Chain

http://echo7.bluehornet.com/p/v68OmF72N4
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21

32 KB
6 KB

350ms
350ms

Document
text/html

44.228.70.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: HTTP/1.1
Server: 44.228.70.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-70-130.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: e4fc4b729235751df5a6b66e0e6757b965155a38b269d0761a3a259d51bbe806

Request headers

Host: echo7.bluehornet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Cookie: AWSALB=C7R4+n10tVWsGQAHk4Eh78Bj21Lz33GIB6ZwFKTMCDXZ52OBicf0gnM4D+D36AZkrwUx9N2cGP2dRU3kG0WeYEI6A8LAgE84MVJ/QNJ2d8KGyjQw1xORxDVppYFi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 24 Oct 2021 05:02:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 5509
Connection: keep-alive
Set-Cookie: AWSALB=sPe/WDWR6vMx7ZC3t9pSf+Cx6QM35dCTsi8QyA1iL3jpfP9mtszgK11yoq9jEV1KqP2u/SpXa5hNRFCCT/3BETgHjbWr3NRjZNrz/Wntq8iFFNJsaObASAH/nkhu; Expires=Sun, 31 Oct 2021 05:02:51 GMT; Path=/ AWSALBCORS=sPe/WDWR6vMx7ZC3t9pSf+Cx6QM35dCTsi8QyA1iL3jpfP9mtszgK11yoq9jEV1KqP2u/SpXa5hNRFCCT/3BETgHjbWr3NRjZNrz/Wntq8iFFNJsaObASAH/nkhu; Expires=Sun, 31 Oct 2021 05:02:51 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade

Redirect headers

Date: Sun, 24 Oct 2021 05:02:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 20
Connection: keep-alive
Set-Cookie: AWSALB=C7R4+n10tVWsGQAHk4Eh78Bj21Lz33GIB6ZwFKTMCDXZ52OBicf0gnM4D+D36AZkrwUx9N2cGP2dRU3kG0WeYEI6A8LAgE84MVJ/QNJ2d8KGyjQw1xORxDVppYFi; Expires=Sun, 31 Oct 2021 05:02:51 GMT; Path=/ AWSALBCORS=C7R4+n10tVWsGQAHk4Eh78Bj21Lz33GIB6ZwFKTMCDXZ52OBicf0gnM4D+D36AZkrwUx9N2cGP2dRU3kG0WeYEI6A8LAgE84MVJ/QNJ2d8KGyjQw1xORxDVppYFi; Expires=Sun, 31 Oct 2021 05:02:51 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Location: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1

200
OK

Cookie set print_this.gif
echo7.bluehornet.com/two/phase2/bhecho_files/images/
Redirect Chain

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

4 KB
5 KB

169ms
169ms

Image
image/gif

44.228.70.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: HTTP/1.1
Server: 44.228.70.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-228-70-130.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Cookie: AWSALB=HRkenUS96ey83nm129JBvetgQ447I8YuKqsN0xA+67mUuu02I2cMU1xE2ywBb9+9S40Q/UEpnhkRVox9nabqGMmkGaREYRhASiY05VlAYDVUdTLZhjw/RfMSpjCY
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 05:02:52 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 29 Sep 2021 04:21:17 GMT
Server: Apache
ETag: "11c0-5cd1aa9502940"
Vary: X-Forwarded-Proto
Content-Type: image/gif
Set-Cookie: AWSALB=U7NF0nq0S0JmJhDgpIPXICScINZXofAtM0/w1q5W/u654CN31mgSxGENgoGb7cZCH3LTNneCddRTOOewSGX1ed7DT/lQP7nx/Ooug6CkqjrraPrynnWsCA4MM56H; Expires=Sun, 31 Oct 2021 05:02:52 GMT; Path=/ AWSALBCORS=U7NF0nq0S0JmJhDgpIPXICScINZXofAtM0/w1q5W/u654CN31mgSxGENgoGb7cZCH3LTNneCddRTOOewSGX1ed7DT/lQP7nx/Ooug6CkqjrraPrynnWsCA4MM56H; Expires=Sun, 31 Oct 2021 05:02:52 GMT; Path=/; SameSite=None
Cache-Control: max-age=2592000
AMFplus-Ver: 1.4.0.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4544
Expires: Tue, 23 Nov 2021 05:02:52 GMT

Redirect headers

Location: http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif
Date: Sun, 24 Oct 2021 05:02:52 GMT
Connection: keep-alive
Server: Apache
Set-Cookie: AWSALB=HRkenUS96ey83nm129JBvetgQ447I8YuKqsN0xA+67mUuu02I2cMU1xE2ywBb9+9S40Q/UEpnhkRVox9nabqGMmkGaREYRhASiY05VlAYDVUdTLZhjw/RfMSpjCY; Expires=Sun, 31 Oct 2021 05:02:52 GMT; Path=/ AWSALBCORS=HRkenUS96ey83nm129JBvetgQ447I8YuKqsN0xA+67mUuu02I2cMU1xE2ywBb9+9S40Q/UEpnhkRVox9nabqGMmkGaREYRhASiY05VlAYDVUdTLZhjw/RfMSpjCY; Expires=Sun, 31 Oct 2021 05:02:52 GMT; Path=/; SameSite=None
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 40ms
17ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Requested by

Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 04:28:59 GMT
server: ESF
date: Sun, 24 Oct 2021 05:02:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 05:02:52 GMT

GET
H/1.1 200
OK doniPreziosi.png
donipreziosi.it/logos/ 6 KB
7 KB 124ms
14ms Image
image/png 104.199.50.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://donipreziosi.it/logos/doniPreziosi.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: HTTP/1.1
Server: 104.199.50.148 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 148.50.199.104.bc.googleusercontent.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0674e4a26c5d034a7cbaf119e3fbeab42c387c4d8531459f0be5061fb6a5c5b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 24 Oct 2021 05:02:52 GMT
Last-Modified: Tue, 21 Jul 2020 10:15:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "19a9-5aaf0e8474463"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 6569

GET
H2 200 css
fonts.googleapis.com/ 6 KB
739 B 40ms
18ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

e1a263d15446d1a5873173ac4aafb33f51ec0e03ac80957dd642722321aaddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 24 Oct 2021 03:59:41 GMT
server: ESF
date: Sun, 24 Oct 2021 05:02:52 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sun, 24 Oct 2021 05:02:52 GMT

GET
H2 200 Header.jpg
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/en/ 5 KB
6 KB 66ms
21ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/en/Header.jpg
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19403c614ec9fbd62b586d4fa3494b8ae72723c0a93746dac15bb0df6bbb6307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=Tm2W7g==, md5=u8IX2a79vGoRjwaT2/aExg==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3532
x-guploader-uploadid: ADPycdsngZg49J8UaybakCsnfBoRd2irmxzTucrU5WNMGhOpv9bYAQtXgNsvzLBSaUsSKkXiYKQWQ7uEx8ynvLNmvVyiWL3jpQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5461
last-modified: Mon, 07 Jun 2021 11:23:37 GMT
server: cloudflare
etag: "bbc217d9aefdbc6a118f0693dbf684c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8u%2Bg%2Bjd9uTmNFJXKVS%2FnqYJkyd0HrrgrzVvH50U7LMb9QAOY9zDDbcTpphmDdT4aefCjSZtOLQD4hPm5TQqZjwwiJstIz%2BEaL9ovFPKn88BMc94NsZqrpyNtzfExzwYB2%2B3bs6Bbvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623065017555769
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 5461
accept-ranges: bytes
cf-ray: 6a30a7c798e82774-PRG
expires: Sun, 24 Oct 2021 05:04:00 GMT

GET
H2 200 bottom-shadow.png
files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/ 1 KB
2 KB 151ms
96ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/bottom-shadow.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6955b9a94d0b688dae2110ed1e7d0d5cbaa6e6fb9550ba891676f053c527a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=ptMt2A==, md5=82i4VB0QJVmWSErfUNMe9A==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtGXvTTW74kO-xF80VgXlJTyUf-ueqK_QlWZvwpLtHBaRjCfIPKwWZKs859k_h19W4CuEFyu7_LQym0kEuTkk8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1220
last-modified: Sun, 22 Sep 2019 08:18:10 GMT
server: cloudflare
etag: "f368b8541d10255996484adf50d31ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky9l6lvkrkFLfm0u2YFxcj55DE0jD%2FpALDajgAuJUvBomTcJ2AwOfPGFYYzEYP%2F%2FED5JHZ1p8Nl5eD6QHXkq76b2kwfuT9v46fMT5RXVqkMtUECVv1SzTsNHJ5beuu8iSmT7uZBw%2FiY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1569140290261438
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1220
accept-ranges: bytes
cf-ray: 6a30a7c7ad3f4131-PRG
expires: Sun, 24 Oct 2021 06:02:52 GMT

GET
H2 200 circle.png
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/ 14 KB
15 KB 93ms
49ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/circle.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7b922896e1fa5bd2b702deb1b050df79ae133707447660283823e1fe1381f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=5A8GmA==, md5=6oAvghSJaXiwcTNgWsNWUA==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3533
x-guploader-uploadid: ADPycdugFKMHHWGE4m9mdFIvYSUuC7xj475VhwT5RnJQDBCJXE0wKbHfO817Ce-Jw7eNWDfjXdhrazc9EUuCOOr5V-nP1XW1Cg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14400
last-modified: Mon, 07 Jun 2021 11:45:30 GMT
server: cloudflare
etag: "ea802f8214896978b07133605ac35650"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4XEcgwMkLSFlxzgk%2BTCB58mjEQw8bpmfMnL%2BZd%2BAyJ5gR23QoY4fv1o6Zk824x0d66%2Frqoxo229cKbfni9OHsztMgZkb1bP%2BPb0bARV2mqBT72OVaJEUwZWy1LpRpEF%2F1XA%2FgDJ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623066330482971
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 14400
accept-ranges: bytes
cf-ray: 6a30a7c798e92774-PRG
expires: Sun, 24 Oct 2021 05:03:59 GMT

GET
H2 200 top-shadow.png
files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/ 1 KB
2 KB 178ms
123ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/top-shadow.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6e8799feaf280d2b5328b3bfee3624c26fff70cf7314e130dfb1900a099274

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VDyv8A==, md5=telMsJbwSjSjQ7J2SCteWQ==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdu5aJVZ8MhkhZoVUN-vx09G0xn9oTiidppZMcvqoBiWrJdK98i0nTblO2q4h2yhuyDyLyUZGIao31YMH2gFsrs
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1100
last-modified: Sun, 22 Sep 2019 08:18:10 GMT
server: cloudflare
etag: "b5e94cb096f04a34a343b276482b5e59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65f3UJNA%2FpWYr8dAi4KUhk8vriZg3j02ISpVtclKBTtQl0S6f0WzHkSZrieo27KJlGBjPt2JrnxwyVDgtBvE86QREhPp4eYv2OcM7Fwz7Tv3pAuSlu9ZlsVLk1wjRP93NYBjxyKFSEU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1569140290261400
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1100
accept-ranges: bytes
cf-ray: 6a30a7c7ad404131-PRG
expires: Sun, 24 Oct 2021 06:02:52 GMT

GET
H2 200 btn.png
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/ 4 KB
4 KB 66ms
21ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/btn.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3da29d6c6ee7b4ef6b05131a4117f4e29115ee3afc9b74ac566f95fbf3dda872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=SqtdHg==, md5=GAie7Je3njdWZ3I48oTfRw==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3533
x-guploader-uploadid: ADPycdtwl2pNZvgb6RKDp9l620HPnBN4WjyhnqOt2rOezdDLzMTzwYUPQyMt5lVYGJ8rYkOl3stRgYZMuCAsss8q4uk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3938
last-modified: Mon, 07 Jun 2021 11:45:30 GMT
server: cloudflare
etag: "18089eec97b79e3756677238f284df47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JPSvNrVitWD01EDn%2F4HVp1R7xor0Mwty54vW7epM2tg%2FVqzN37rckdKmGRNqKc3GcrZk93qfBjIbgCP61piuihUCU3LeAgDUE2NJPzkcA%2BLFSKGtEhV%2BHZ9Ng5lSR4Ux%2F9kT3UH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623066330486007
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 3938
accept-ranges: bytes
cf-ray: 6a30a7c798ea2774-PRG
expires: Sun, 24 Oct 2021 05:03:59 GMT

GET
H2 200 main.jpg
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/ 43 KB
44 KB 66ms
22ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/main.jpg
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58dda8f0d23619b357ad63dc7b711df36699b2f3645df6a831ed9315993cb657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=HIpUgA==, md5=6iZx3v+v+EhQ5B/GmHa3rQ==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3533
x-guploader-uploadid: ADPycdvvsaCiHznxbjZFJ9eXGPOlRVmnNXyU9FOqeXtd8rJHHDDJGWpLHi0VwQZtEKfziDL-mqXZ_RNg4FgJm525YTM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44324
last-modified: Mon, 07 Jun 2021 11:45:30 GMT
server: cloudflare
etag: "ea2671deffaff84850e41fc69876b7ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zwxZAYdK%2BpeSXyLZHgr88buuvJ01RgWbzziTihRg5fLsOTNLPHClzHMLy8BmwdkJ52YNmCDX5Tv85UUuDBPrK8hIZFMoIHkvcEAe0ILGu3%2FtqsZPV5CD%2FIJfW8IheiP%2BIKVShrESVA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623066330483917
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 44324
accept-ranges: bytes
cf-ray: 6a30a7c798ec2774-PRG
expires: Sun, 24 Oct 2021 05:03:59 GMT

GET
H2 200 sec-IT_trans.png
cdn.cg-platform.com/security/ 4 KB
5 KB 127ms
69ms Image
image/png 172.67.154.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cg-platform.com/security/sec-IT_trans.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.154.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345fc0a66d089b559408d58c8e599c892613843100695852ea7b9cc593ce9575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=AILwIA==, md5=AlFTXwCa2i88++TzKLVHzw==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduetPX8p7m7DWEP44rmZRMm2aC_xR3TOnb5RE_ndODBha52Yp5kxHa2t8XZykOhoeUD02CJyP2rSEb-SHlzT5A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4330
last-modified: Sun, 21 Jul 2019 13:34:30 GMT
server: cloudflare
etag: "0251535f009ada2f3cfbe4f328b547cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNTGDgNNSzNTjfz%2ByN48ZRPbD77kzNBzl3qHAn06c54Fqpz0ZSNhWXDjrDXbzS7wOzW3PoRURDciWBisaw5draAH6yMcnYhe257VrtNlOMemDw4Ru5a8mfjnS6Gy5gYSYZn%2BFTgu"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1563716070671730
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 4330
accept-ranges: bytes
cf-ray: 6a30a7c7eb8a412b-PRG
expires: Sun, 24 Oct 2021 06:02:52 GMT

GET
H2 200 PMs-Italy-desktop.png
cdn.cg-platform.com/payment-methods/ 7 KB
8 KB 104ms
45ms Image
image/png 172.67.154.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cg-platform.com/payment-methods/PMs-Italy-desktop.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.154.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ecc206dd824ad8e1dfb70342067a109b32719024890c431bb4a779f712b5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185533962&ch=823F1A69953B3B6D912609B16ECE3A17&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=68OmF72N4&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=7apZLg==, md5=6///H9PiTlRf7g1Wp3XjGA==
date: Sun, 24 Oct 2021 05:02:52 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdt5GepMY8Z_pEel9oN9KvoYPcnH53L_QiKcdYEMVcFBkkaZj-RgEyPSivaM_RSHvUr9gU93-wp5pEAo-0OWh22lyOG3HA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7397
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: cloudflare
etag: "ebffff1fd3e24e545fee0d56a775e318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ubANp2G88dcjUPOPAKzzetviFROO4ctIFoh8HOgi5B4u6mtpVb80hkX1WtrR5oBI9Wm9M6H8DlZCLjc2bE8%2BKQlW1KVgcDonTrxHv4oq1bpqj8xw0R2Dua6k2c14raVtgereIRpo"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611826890377885
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 7397
accept-ranges: bytes
cf-ray: 6a30a7c7eb8b412b-PRG
expires: Sun, 24 Oct 2021 05:29:31 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 49ms
26ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 05:35:04 GMT
x-content-type-options: nosniff
age: 257268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 05:35:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 30ms
7ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 18 Oct 2021 17:27:37 GMT
x-content-type-options: nosniff
age: 473715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 18 Oct 2022 17:27:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 43ms
21ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:36:17 GMT
x-content-type-options: nosniff
age: 213995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:36:17 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 50ms
28ms Font
font/woff2 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 215901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:04:31 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			echo7.bluehornet.com/	1970-01-19 22:20:56	Name: AWSALB Value: U7NF0nq0S0JmJhDgpIPXICScINZXofAtM0/w1q5W/u654CN31mgSxGENgoGb7cZCH3LTNneCddRTOOewSGX1ed7DT/lQP7nx/Ooug6CkqjrraPrynnWsCA4MM56H

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cg-platform.com
cms2.netoplaycdn.com
donipreziosi.it
echo7.bluehornet.com
files.netoplaycdn.com
fonts.googleapis.com
fonts.gstatic.com
104.199.50.148
142.250.181.227
142.250.184.234
172.67.154.240
172.67.219.191
44.228.70.130
020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9
0674e4a26c5d034a7cbaf119e3fbeab42c387c4d8531459f0be5061fb6a5c5b9
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f7b922896e1fa5bd2b702deb1b050df79ae133707447660283823e1fe1381f9
1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05
19403c614ec9fbd62b586d4fa3494b8ae72723c0a93746dac15bb0df6bbb6307
27f6955b9a94d0b688dae2110ed1e7d0d5cbaa6e6fb9550ba891676f053c527a
345fc0a66d089b559408d58c8e599c892613843100695852ea7b9cc593ce9575
3da29d6c6ee7b4ef6b05131a4117f4e29115ee3afc9b74ac566f95fbf3dda872
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
58dda8f0d23619b357ad63dc7b711df36699b2f3645df6a831ed9315993cb657
8b6e8799feaf280d2b5328b3bfee3624c26fff70cf7314e130dfb1900a099274
a5ecc206dd824ad8e1dfb70342067a109b32719024890c431bb4a779f712b5be
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e1a263d15446d1a5873173ac4aafb33f51ec0e03ac80957dd642722321aaddb0
e4fc4b729235751df5a6b66e0e6757b965155a38b269d0761a3a259d51bbe806

echo7.bluehornet.com Open in urlscan Pro 44.228.70.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

196 kBTransfer

226 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

echo7.bluehornet.com Open in urlscan Pro
44.228.70.130 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

196 kB
Transfer

226 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions