echo7.bluehornet.com Open in urlscan Pro
54.149.239.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://echo7.bluehornet.com/p/vJgZmF72NX
Effective URL:
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a...
Submission: On October 25 via api (October 25th 2021, 6:12:49 pm UTC) from BE — Scanned from DE

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 54.149.239.182, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is echo7.bluehornet.com.

This is the only time echo7.bluehornet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	54.149.239.182 54.149.239.182	16509 (AMAZON-02) (AMAZON-02)
2	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	104.199.50.148 104.199.50.148	15169 (GOOGLE) (GOOGLE)
4	172.67.219.191 172.67.219.191	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.24.167 104.21.24.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.154.240 172.67.154.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
17	7

4 54.149.239.182 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-239-182.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f170.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.50.148 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 148.50.199.104.bc.googleusercontent.com

donipreziosi.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.219.191 (United States)

ASN13335 (CLOUDFLARENET, US)

cms2.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.24.167 (United States)

ASN13335 (CLOUDFLARENET, US)

files.netoplaycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.154.240 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cg-platform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	netoplaycdn.com cms2.netoplaycdn.com files.netoplaycdn.com	73 KB
4	gstatic.com fonts.gstatic.com	91 KB
4	bluehornet.com 2 redirects echo7.bluehornet.com	13 KB
2	cg-platform.com cdn.cg-platform.com	13 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	donipreziosi.it donipreziosi.it	7 KB
17	6

	Domain	Requested by
4	fonts.gstatic.com	fonts.googleapis.com
4	cms2.netoplaycdn.com	echo7.bluehornet.com
4	echo7.bluehornet.com	2 redirects echo7.bluehornet.com
2	cdn.cg-platform.com	echo7.bluehornet.com
2	files.netoplaycdn.com	echo7.bluehornet.com
2	fonts.googleapis.com	echo7.bluehornet.com
1	donipreziosi.it	echo7.bluehornet.com
17	7

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-18` - `2022-08-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Frame ID: 535BF96FFAB22F17556F8826EE4651BB
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ricevi il tuo bonus di 5 euro senza deposito + bonus aggiuntivo del 100% con il tuo primo deposito fino a 200 euro!

Page URL History Show full URLs

http://echo7.bluehornet.com/p/vJgZmF72NX HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=... Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

82 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

196 kB
Transfer

226 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://echo7.bluehornet.com/p/vJgZmF72NX HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif HTTP 301
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set email.htm Show response
echo7.bluehornet.com/hostedemail/
Redirect Chain

http://echo7.bluehornet.com/p/vJgZmF72NX
http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21

32 KB
6 KB

370ms
369ms

Document
text/html

54.149.239.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: HTTP/1.1
Server: 54.149.239.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-239-182.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: eaa6c115b14f38ab1e447ed19ffa30ac11fef797e6ba579eca85fa965a53bee4

Request headers

Host: echo7.bluehornet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Cookie: AWSALB=zcd8WsTFDlYFY65XOLG2dZP3BwTEQYC95l7vhDWKnIA1aqVT97ANKOWe5c5EvcNV45aYMU5KZGfebBcsk9EI6gZv85auYTgdA4OTkWKEQSnVNZfMhIfDY7ygfjsF
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Mon, 25 Oct 2021 18:12:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 5509
Connection: keep-alive
Set-Cookie: AWSALB=TShQCoIWADEmOSyNYv8O/CJ0wyLCRwuxCyuroAeYI8rQnejNGH/J2Q4jIFPZ3cQ9xthPDWpzRsKX0THS56PdE0YE3uDNhkKVYmevdJQyk0aKdXummMQY5OxtYKEl; Expires=Mon, 01 Nov 2021 18:12:43 GMT; Path=/ AWSALBCORS=TShQCoIWADEmOSyNYv8O/CJ0wyLCRwuxCyuroAeYI8rQnejNGH/J2Q4jIFPZ3cQ9xthPDWpzRsKX0THS56PdE0YE3uDNhkKVYmevdJQyk0aKdXummMQY5OxtYKEl; Expires=Mon, 01 Nov 2021 18:12:43 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade

Redirect headers

Date: Mon, 25 Oct 2021 18:12:43 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 20
Connection: keep-alive
Set-Cookie: AWSALB=zcd8WsTFDlYFY65XOLG2dZP3BwTEQYC95l7vhDWKnIA1aqVT97ANKOWe5c5EvcNV45aYMU5KZGfebBcsk9EI6gZv85auYTgdA4OTkWKEQSnVNZfMhIfDY7ygfjsF; Expires=Mon, 01 Nov 2021 18:12:43 GMT; Path=/ AWSALBCORS=zcd8WsTFDlYFY65XOLG2dZP3BwTEQYC95l7vhDWKnIA1aqVT97ANKOWe5c5EvcNV45aYMU5KZGfebBcsk9EI6gZv85auYTgdA4OTkWKEQSnVNZfMhIfDY7ygfjsF; Expires=Mon, 01 Nov 2021 18:12:43 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Location: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1

200
OK

Cookie set print_this.gif
echo7.bluehornet.com/two/phase2/bhecho_files/images/
Redirect Chain

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

4 KB
5 KB

182ms
182ms

Image
image/gif

54.149.239.182
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: HTTP/1.1
Server: 54.149.239.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-239-182.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Cookie: AWSALB=aT3iRiZ3SmTZDH7QBlgiPNCjCJTKweyISMyDYoRd14p1U/9OqH3IYVcies/QegPKw5sLFDkHwX44/0+KpZFI6k/g2yIFL/eNzs8JNHQ8DRjtUc9ISv9ijiV+cEgw
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 18:12:44 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 29 Sep 2021 04:21:17 GMT
Server: Apache
ETag: "11c0-5cd1aa9502940"
Vary: X-Forwarded-Proto
Content-Type: image/gif
Set-Cookie: AWSALB=GnSCLqWcEWjGEW8An9WF+V1UkjzG4189NVdyh8045QrgxLItZKHhu34IPTKDlrVNxFJBbFVBFk9Kx/K0wPMYm/JX2ROijYH5hzKxoSyL4dhDnix7GfM9CNN7KoPe; Expires=Mon, 01 Nov 2021 18:12:44 GMT; Path=/ AWSALBCORS=GnSCLqWcEWjGEW8An9WF+V1UkjzG4189NVdyh8045QrgxLItZKHhu34IPTKDlrVNxFJBbFVBFk9Kx/K0wPMYm/JX2ROijYH5hzKxoSyL4dhDnix7GfM9CNN7KoPe; Expires=Mon, 01 Nov 2021 18:12:44 GMT; Path=/; SameSite=None
Cache-Control: max-age=2592000
AMFplus-Ver: 1.4.0.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4544
Expires: Wed, 24 Nov 2021 18:12:44 GMT

Redirect headers

Location: http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif
Date: Mon, 25 Oct 2021 18:12:44 GMT
Connection: keep-alive
Server: Apache
Set-Cookie: AWSALB=aT3iRiZ3SmTZDH7QBlgiPNCjCJTKweyISMyDYoRd14p1U/9OqH3IYVcies/QegPKw5sLFDkHwX44/0+KpZFI6k/g2yIFL/eNzs8JNHQ8DRjtUc9ISv9ijiV+cEgw; Expires=Mon, 01 Nov 2021 18:12:44 GMT; Path=/ AWSALBCORS=aT3iRiZ3SmTZDH7QBlgiPNCjCJTKweyISMyDYoRd14p1U/9OqH3IYVcies/QegPKw5sLFDkHwX44/0+KpZFI6k/g2yIFL/eNzs8JNHQ8DRjtUc9ISv9ijiV+cEgw; Expires=Mon, 01 Nov 2021 18:12:44 GMT; Path=/; SameSite=None
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 71ms
27ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Requested by

Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 16:39:08 GMT
server: ESF
date: Mon, 25 Oct 2021 18:12:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 18:12:44 GMT

GET
H/1.1 200
OK doniPreziosi.png
donipreziosi.it/logos/ 6 KB
7 KB 112ms
27ms Image
image/png 104.199.50.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://donipreziosi.it/logos/doniPreziosi.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: HTTP/1.1
Server: 104.199.50.148 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 148.50.199.104.bc.googleusercontent.com
Software: Apache/2.4.10 (Debian) /
Resource Hash: 0674e4a26c5d034a7cbaf119e3fbeab42c387c4d8531459f0be5061fb6a5c5b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 25 Oct 2021 18:12:44 GMT
Last-Modified: Tue, 21 Jul 2020 10:15:49 GMT
Server: Apache/2.4.10 (Debian)
ETag: "19a9-5aaf0e8474463"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=10, max=1000
Content-Length: 6569

GET
H2 200 css
fonts.googleapis.com/ 6 KB
739 B 71ms
27ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,900

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

e1a263d15446d1a5873173ac4aafb33f51ec0e03ac80957dd642722321aaddb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 17:02:43 GMT
server: ESF
date: Mon, 25 Oct 2021 18:12:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Mon, 25 Oct 2021 18:12:44 GMT

GET
H2 200 Header.jpg
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/en/ 5 KB
6 KB 318ms
104ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/en/Header.jpg
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19403c614ec9fbd62b586d4fa3494b8ae72723c0a93746dac15bb0df6bbb6307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=Tm2W7g==, md5=u8IX2a79vGoRjwaT2/aExg==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3473
x-guploader-uploadid: ADPycduZ9YgbuEtnw1xp6qxQ01B2K1diBj99EaOG2Pg0gjlk2xvb5OYlPPng70RL3IBkt6eT1hfS-UTDJEdE_HCnjM9bsEzcKA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5461
last-modified: Mon, 07 Jun 2021 11:23:37 GMT
server: cloudflare
etag: "bbc217d9aefdbc6a118f0693dbf684c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC%2Fs0QmI6em8dxQGKzAtLZf2Ql8rk2QmEFQeAY0WXFQWKNwGVEWXeQTA%2F66OaWacmPQgMgWGMKmeKRokylqT%2FLXEzNJvb6l%2BDRK9LSmYcCWu0KMDQ2UR6im8Oaw%2FZWdSl5%2FzRJj7%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623065017555769
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 5461
accept-ranges: bytes
cf-ray: 6a3d6a3198d75973-IAD
expires: Mon, 25 Oct 2021 18:14:51 GMT

GET
H2 200 bottom-shadow.png
files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/ 1 KB
2 KB 80ms
32ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/bottom-shadow.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f6955b9a94d0b688dae2110ed1e7d0d5cbaa6e6fb9550ba891676f053c527a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=ptMt2A==, md5=82i4VB0QJVmWSErfUNMe9A==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1139
x-guploader-uploadid: ADPycdtnBr5xWekzAPCjsNw0spXNlx1mXToXwY9-zHo3Qti_YERWpHoUHBa_0DnxDUtXzcQKghLO1ZhLCjQK1vXrT2wNXBj6rw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1220
last-modified: Sun, 22 Sep 2019 08:18:10 GMT
server: cloudflare
etag: "f368b8541d10255996484adf50d31ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mz5i0FvU0LD47FATKqvKLPR6CltJlZ%2Fvu9CjdprkDWmFFA3VpKHuboroDe7%2B0LVqiYdGfGGm93nZgq8tGew5FEIBy1IjxhgMdK0WHSRxbbPUEQU%2Fss7knKSZCmmOw4%2Fui3s2Pu4VhUs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1569140290261438
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1220
accept-ranges: bytes
cf-ray: 6a3d6a304abc3bc2-CDG
expires: Mon, 25 Oct 2021 18:53:45 GMT

GET
H2 200 circle.png
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/ 14 KB
15 KB 422ms
208ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/circle.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f7b922896e1fa5bd2b702deb1b050df79ae133707447660283823e1fe1381f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=5A8GmA==, md5=6oAvghSJaXiwcTNgWsNWUA==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3473
x-guploader-uploadid: ADPycdv-nfzXYakm850zK2ELfHbyLfJeoUFBvKPqcSqUH2AMLAyjgHA1YyfBN44A60mY1feiE9pIcvUhUa4ZMQmy4tjHPLz75g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14400
last-modified: Mon, 07 Jun 2021 11:45:30 GMT
server: cloudflare
etag: "ea802f8214896978b07133605ac35650"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcDRwTzco%2BvF7lg0uWkhrkm4w%2F7CqCesTsIqhxwpuX%2F5AROKKJPvUWJkAUxA3Dq5uOQO16NbQCFMbH%2B97QYqSGPnHCcFIYCE6S6HM5wp11PHi4I%2B91Msz5s9g1OMFHtTtOrL8SHPhA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623066330482971
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 14400
accept-ranges: bytes
cf-ray: 6a3d6a3198db5973-IAD
expires: Mon, 25 Oct 2021 17:52:43 GMT

GET
H2 200 top-shadow.png
files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/ 1 KB
2 KB 74ms
26ms Image
image/png 104.21.24.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.netoplaycdn.com/mailers/affiliates/gratorama/generic-slot/top-shadow.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.167 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6e8799feaf280d2b5328b3bfee3624c26fff70cf7314e130dfb1900a099274

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=VDyv8A==, md5=telMsJbwSjSjQ7J2SCteWQ==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 268
x-guploader-uploadid: ADPycduWINT7jjtkvIrU_Ey8Ro9caB1ByfuatiPLVxSq9O_bYZzuX_53-A1bfGzCrVONL4hBRlmhYQ1KxWHdKq-AI0o
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1100
last-modified: Sun, 22 Sep 2019 08:18:10 GMT
server: cloudflare
etag: "b5e94cb096f04a34a343b276482b5e59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCZ%2BLyNcmSP9PNZ8%2FMh1kLu0%2F7S%2FsHtF%2FDoA2zPWxfMh8FyEvlnCzsSeDXF9o0nfJN%2Ft9lbC9YJlq3RLPK9DDUOCZ3Y51ZTx1dS%2BUuxBY3Uk6cgSmNkcedDMG5VKsIuUzaw3FuOIRNA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1569140290261400
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 1100
accept-ranges: bytes
cf-ray: 6a3d6a304ac33bc2-CDG
expires: Mon, 25 Oct 2021 19:08:16 GMT

GET
H2 200 btn.png
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/ 4 KB
4 KB 417ms
203ms Image
image/png 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/btn.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3da29d6c6ee7b4ef6b05131a4117f4e29115ee3afc9b74ac566f95fbf3dda872

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=SqtdHg==, md5=GAie7Je3njdWZ3I48oTfRw==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3473
x-guploader-uploadid: ADPycdtAwpiQsmBODmSHexYBuPPkVg8U7ig0ElgO9fXCcmJjFefm0AZoKIYolSk9ZjSAtf1Fd77ed7R0LEzoMamaHih8ppVqEA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3938
last-modified: Mon, 07 Jun 2021 11:45:30 GMT
server: cloudflare
etag: "18089eec97b79e3756677238f284df47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzS1YTpWj5jd2qV%2FodQGoMx1NYn5L9yRMDse73x22jyelZwtStuxav4vDJvQa1b%2FN8nIRQZnZCjultnbrbfq9%2BmacGubOFiEuw4%2B53fXg2oMmtnrgwOvVZGwadlTv%2FbfFUJIA6FNvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623066330486007
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 3938
accept-ranges: bytes
cf-ray: 6a3d6a3198dc5973-IAD
expires: Mon, 25 Oct 2021 17:52:43 GMT

GET
H2 200 main.jpg
cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/ 43 KB
44 KB 318ms
104ms Image
image/jpeg 172.67.219.191
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms2.netoplaycdn.com/Mailers/winspark/wildLeprechaun/it/euro/main.jpg
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.219.191 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58dda8f0d23619b357ad63dc7b711df36699b2f3645df6a831ed9315993cb657

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=HIpUgA==, md5=6iZx3v+v+EhQ5B/GmHa3rQ==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3473
x-guploader-uploadid: ADPycduYnuSCPtQzen6zfaW_XDBefa32lexULIV7GjIZtZCKYOMmgAjCyRROHdRqAXLPvfQytSfeMGhl2QZuPUuNEmS14vjNsw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44324
last-modified: Mon, 07 Jun 2021 11:45:30 GMT
server: cloudflare
etag: "ea2671deffaff84850e41fc69876b7ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qZO%2BZVd3sDjkE2VMTkjaR7NbJh40LmIup8bKPjaCkADdPcGLu5tkF4qJN61YybdqvmJdNTM2DhcZF5FM3EIN45z9blwy%2FpPeNufR%2Bl3ct7BqcO3WGkvjkrMy6BVIZmk%2Bd8elpcVJOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623066330483917
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 44324
accept-ranges: bytes
cf-ray: 6a3d6a3198e05973-IAD
expires: Mon, 25 Oct 2021 17:52:43 GMT

GET
H2 200 sec-IT_trans.png
cdn.cg-platform.com/security/ 4 KB
5 KB 61ms
23ms Image
image/png 172.67.154.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cg-platform.com/security/sec-IT_trans.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.154.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 345fc0a66d089b559408d58c8e599c892613843100695852ea7b9cc593ce9575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=AILwIA==, md5=AlFTXwCa2i88++TzKLVHzw==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 610
x-guploader-uploadid: ADPycdstS5-Sr6syPG8rZa80mSfXd_IRHsMAr8iNUyrsdIEcVNnf5hSY5__IUunjl6wf_Uhu-4HR0bodIoPRruM5XoxFbe3HZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4330
last-modified: Sun, 21 Jul 2019 13:34:30 GMT
server: cloudflare
etag: "0251535f009ada2f3cfbe4f328b547cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYxq2fuyS3uwon5rdR%2BHkxV3msVOCTV8Pdtc%2FQRZQ36Ny00eQWG5A8Z3kcuPu1tFznekjvvexAGe2bpQc4aYNS4RjvrGbxnX%2FdJ1xifJVKCvT71QUDuCqKtwWbDAZ%2BYU3KoOpwUN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1563716070671730
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 4330
accept-ranges: bytes
cf-ray: 6a3d6a30aae33a93-CDG
expires: Mon, 25 Oct 2021 19:02:34 GMT

GET
H2 200 PMs-Italy-desktop.png
cdn.cg-platform.com/payment-methods/ 7 KB
8 KB 79ms
41ms Image
image/png 172.67.154.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.cg-platform.com/payment-methods/PMs-Italy-desktop.png
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.154.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5ecc206dd824ad8e1dfb70342067a109b32719024890c431bb4a779f712b5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=44185532415&ch=805169521B8C86AB334908FB2643C0B0&h=ac3578fdee716d5f7f3a2bb0d7d224cc&ei=JgZmF72NX&st=23-OCT-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=7apZLg==, md5=6///H9PiTlRf7g1Wp3XjGA==
date: Mon, 25 Oct 2021 18:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1561
x-guploader-uploadid: ADPycdufgpXUujkkuKAT3gIJR3wQwQZuxsnME-2cATLdibz98-CAYvOkXpBERRlOR2psr7j4sPeQaaNStYDi-Jg4C1c
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7397
last-modified: Thu, 28 Jan 2021 09:41:30 GMT
server: cloudflare
etag: "ebffff1fd3e24e545fee0d56a775e318"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4rgUhHZfZ%2BWZzTNaj%2BaNjKsBK5odzr7TWkOvu5%2F9tr%2FazbheSqvZfoxLwWe8BwnoVFSsC1T6HKnqavTYBc35FjA%2B95HIxcnLBvF%2FhqYrAUV%2Bfcq7hY5LT4CUIsSfuVU%2FRy0Rh7DH"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611826890377885
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 7397
accept-ranges: bytes
cf-ray: 6a3d6a30aae43a93-CDG
expires: Mon, 25 Oct 2021 18:46:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 97ms
47ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 02:15:41 GMT
x-content-type-options: nosniff
age: 403023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15724
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 02:15:41 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 71ms
21ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 16:31:41 GMT
x-content-type-options: nosniff
age: 438063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Oct 2022 16:31:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 88ms
39ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 01:55:14 GMT
x-content-type-options: nosniff
age: 317850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 01:55:14 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 107ms
58ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://echo7.bluehornet.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 18:26:14 GMT
x-content-type-options: nosniff
age: 344790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 18:26:14 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			echo7.bluehornet.com/	1970-01-19 22:23:10	Name: AWSALB Value: GnSCLqWcEWjGEW8An9WF+V1UkjzG4189NVdyh8045QrgxLItZKHhu34IPTKDlrVNxFJBbFVBFk9Kx/K0wPMYm/JX2ROijYH5hzKxoSyL4dhDnix7GfM9CNN7KoPe

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cg-platform.com
cms2.netoplaycdn.com
donipreziosi.it
echo7.bluehornet.com
files.netoplaycdn.com
fonts.googleapis.com
fonts.gstatic.com
104.199.50.148
104.21.24.167
142.250.186.99
172.67.154.240
172.67.219.191
216.58.212.170
54.149.239.182
020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9
0674e4a26c5d034a7cbaf119e3fbeab42c387c4d8531459f0be5061fb6a5c5b9
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f7b922896e1fa5bd2b702deb1b050df79ae133707447660283823e1fe1381f9
1541f1f36a00c93fe07fc6d90d9ddded61e111aebebb7942752b1f7e84f29a05
19403c614ec9fbd62b586d4fa3494b8ae72723c0a93746dac15bb0df6bbb6307
27f6955b9a94d0b688dae2110ed1e7d0d5cbaa6e6fb9550ba891676f053c527a
345fc0a66d089b559408d58c8e599c892613843100695852ea7b9cc593ce9575
3da29d6c6ee7b4ef6b05131a4117f4e29115ee3afc9b74ac566f95fbf3dda872
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
58dda8f0d23619b357ad63dc7b711df36699b2f3645df6a831ed9315993cb657
8b6e8799feaf280d2b5328b3bfee3624c26fff70cf7314e130dfb1900a099274
a5ecc206dd824ad8e1dfb70342067a109b32719024890c431bb4a779f712b5be
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e1a263d15446d1a5873173ac4aafb33f51ec0e03ac80957dd642722321aaddb0
eaa6c115b14f38ab1e447ed19ffa30ac11fef797e6ba579eca85fa965a53bee4

echo7.bluehornet.com Open in urlscan Pro 54.149.239.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

196 kBTransfer

226 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

echo7.bluehornet.com Open in urlscan Pro
54.149.239.182 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

196 kB
Transfer

226 kB
Size

1
Cookies

17 HTTP transactions
0 data transactions