links.em.hiddenvalley.com Open in urlscan Pro
13.32.99.3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request MailView Show response links.em.hiddenvalley.com/servlet/	45 KB 7 KB	771ms 590ms	Document text/html	13.32.99.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-3.fra60.r.cloudfront.net Software Apache / Resource Hash 5890cc8427d9cfa50ecc16ba5ab0265cddb2c524f48f2db1e19dbff044f2976e Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html;charset=UTF-8 date Sat, 15 Apr 2023 17:30:25 GMT pragma no-cache server Apache vary Accept-Encoding via 1.1 544814e402956ba93c0a2d2b923e94c2.cloudfront.net (CloudFront) x-amz-cf-id 40zk8rhyOwONYm6hSZ7idUl0U-07jqshDiw2vXjCG_LcWxSaZzl2MQ== x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront x-robots-tag noindex
GET H2	200	css2 fonts.googleapis.com/	20 KB 963 B	299ms 47ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 929ddfb07d86e3e73e9ef469c951a2341e8a69d27f0c1935332d94609414fe28 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 15 Apr 2023 17:30:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 15 Apr 2023 17:30:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 15 Apr 2023 17:30:26 GMT
GET H2	200	css2 fonts.googleapis.com/	11 KB 1 KB	297ms 46ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4d01e2699055e9af1e2a71d0ff3f6344ecf4f06608a5c3a2577e201f173a1b66 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 15 Apr 2023 17:30:26 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 15 Apr 2023 17:30:26 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 15 Apr 2023 17:30:26 GMT
GET H2	200	63ed3615df718-1676490261.9152.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	34 KB 35 KB	241ms 8ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/63ed3615df718-1676490261.9152.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 63bea672973bd727be36e328c3cef8d09e96e793c12c1475c46f2ff8f9115271 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id J0flvo8VgCLzJ8ty.22jneeJN_6zeDSq date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK89KPQHGE2KC1YA age 4702 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 34963 x-amz-id-2 /JTNtmNn0kHnRHnBJc1AmXJK2yIAmo4FUtVoEWacDolqb1LCFm4yNuHq9+HWTCUuuXgicZrhDIk= x-served-by cache-iad-kcgs7200088-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.513527,VS0,VE2 etag "f3f11f1d22e67e0fd56173cfb2284a2e" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 4513, 1
GET H2	200	63eee40b45e79-1676600331.2863.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	393 KB 393 KB	241ms 9ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/63eee40b45e79-1676600331.2863.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 01a4bf1e2b048929fafacdc7e8637106afb122cc85d40b98650c55d2ad0be32a Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id Q9e05IAPZK_NSL_qg4teiOH3irVB2k_D date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id MFRSE7PE4N78M34P age 1519 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 401976 x-amz-id-2 v4Fjzzh9CD1OuXOeJWRmFYE81C0beHSA0sfSXuCHrJLHFDeG0WbdCSdjt34QKO/cOa8Bkd0XpVY= x-served-by cache-iad-kjyo7100042-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.513504,VS0,VE2 etag "15917650dcefa059facf0eb07a3e5c15" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 82321, 1
GET H2	200	60621f3b4e2d3-1617043259.3202.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	9 KB 9 KB	255ms 22ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/60621f3b4e2d3-1617043259.3202.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c6cad2614ec08929a80d27f84f77f3031c74f33068e4ad79f20fe1afac62519b Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id bpa0NaYRj6qp5j3DL_IqpRg3EzItpGqX date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK89ZW3T5BSZQD4Z age 1850 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 8760 x-amz-id-2 llTS8yTifLaz42rBU8fs6HpB++gtaIBPG/H8mZXXLUVKBHm5bMZ/jva7ZH+E9hG0s7ie42pCPyI= x-served-by cache-iad-kjyo7100097-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.514656,VS0,VE1 etag "890c3884e05f9078641ca6460830835b" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 4535, 1
GET H2	200	60621f437bca0-1617043267.507.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	9 KB 9 KB	247ms 15ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/60621f437bca0-1617043267.507.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a5ca2eb86545fa9b993834e5b36e4e64a8849757b911f59d2cb85634fb5d9d31 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id 15DvPwfEVfnNH3Xu307WwbfXGL.xcYhf date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK898427V4PQNDCA age 1850 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 8839 x-amz-id-2 E4M6jzqgIQEch23Bq5G02XJstLmAOiCR178bQPXUIcfUJVnlzvi59plTLf5NXiThLEGHyV0f9Qs= x-served-by cache-iad-kiad7000038-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.514231,VS0,VE1 etag "6bc62a39d1827c06ce111ae90a5c3e0c" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 20957, 1
GET H2	200	60621f4baa447-1617043275.6974.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	9 KB 9 KB	254ms 22ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/60621f4baa447-1617043275.6974.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash d29d9dc9f599f673d528170f6574b06dddb8ccf4b7d850066af14061eddceaa8 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id 5a8edvWllEp9ZQ_NaRUxgN43JanUnWow date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK8AE5JWV7K72RHQ age 1850 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 9404 x-amz-id-2 E+yTfx+24/rhiq9Nf2e7/Q7smQzXu3gH8RZwWiMXuSoZ00cvZpIdOYhN2LLUy5FGR8yBtyQTryk= x-served-by cache-iad-kiad7000028-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.514221,VS0,VE2 etag "51e0b1a1f97a5c6e818653758863ffd3" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 25140, 1
GET H2	200	60621f52cb571-1617043282.8329.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	8 KB 9 KB	254ms 22ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/60621f52cb571-1617043282.8329.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 826065035a8fd0ee30deff02505c1f24a0c4e1644e71da1f2eeea6a4937ec924 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id 5VOgXGpfS3IQiW4RfpWnmBPROUwcapsZ date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK848D03ACWSBJEM age 1850 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 8467 x-amz-id-2 P0RhMjooJHIjFvl47LU5IeOUt4H7B4T7CXGgXs3MTRVTq1gsEA9xSKGS6otH7BIAx+y2B98ME7A= x-served-by cache-iad-kjyo7100156-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.514231,VS0,VE1 etag "4f779700f6e3920dff82493722587f14" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 22548, 1
GET H2	200	63eee7facd21d-1676601338.8402.gif www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	80 KB 81 KB	24ms 23ms	Image image/gif	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/63eee7facd21d-1676601338.8402.gif Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 320ada5cda5d6eaf5fcefb74ad5c5867529a2936c9e9724fc82259c0930b2f45 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id _AZwJiuITSx6obp00F1YfKFY7G2t5EVj date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK8E2G7B3HNC5F1S age 1912 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 82145 x-amz-id-2 UGqsYa4qmhG0FYBAIT2SgYBQXxJiKBFGdlN4EzONPVM3/8OEX6wVsiXvCZm5uqKmZkCM0gH67Vw= x-served-by cache-iad-kcgs7200160-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.529827,VS0,VE6 etag "ce2480af2f7a8a7a9c2a94a6134a736c" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/gif access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 20131, 1
GET H2	200	6057ed77e9f78-1616375159.9583.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	74 KB 75 KB	21ms 21ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/6057ed77e9f78-1616375159.9583.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash ce957c6b786966f65e69dfe8dc92b42f8cfee5f715dccc0d372ea298a7c02130 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id zsDDd5xwTXlxnu66yykwvEzfwolnFGfq date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK83VQHXZGQG9YZ1 age 1912 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 76140 x-amz-id-2 H7KeIgk9F7K8o/OhOs+SREgOW4uYqlcRG9JQa1KD02bAwZRwZwbinHUQTCr7R2n/1wsOG40wKBx3J4AvJ1Dcko/Ec5ZFTrR3Ihzb2bge6f8= x-served-by cache-iad-kjyo7100030-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.529995,VS0,VE2 etag "55b0c273dcb9b79c8dc47f25f96224fa" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 4540, 1
GET H2	200	6057eda6b25d3-1616375206.7306.png www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	50 KB 50 KB	22ms 22ms	Image image/png	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/6057eda6b25d3-1616375206.7306.png Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 95d46b8541284fd11a0c68103aa80b6387abf144e2e76bca374db8763121bd70 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id QsSVwMK5xbmasphBzfy_KJJ3_l.uNk.q date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK8A78ATC132HZHH age 4612 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 51136 x-amz-id-2 aegPKJAVT6viDk0lBD6i21Pyje3Z2F6GgnQECWmQgSwcckx8gP9xZhI5EtrHDfEJYb//d5KHEew= x-served-by cache-iad-kjyo7100020-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.529972,VS0,VE2 etag "67a23ee17681b7bf150a76a13feb198b" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/png access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 4424, 1
GET H/1.1	200 OK	ajl2YWFGL2thS2Jydnl1cHVJQW94T2Jva2d6VHErN0xoc1JCMWVHdTBoV2M2TDJTZUhZY2QzMEdGR1NrcngxaTNRcUJpdGU1cVdGWTNQdmNmUXBuMkRiWkI2Y3RlekVEN1Q2NDlkZDBacnM4TGF0TzAwZkw5UUJHWGViZjVvcXNmeDkwcStYNUptcjNRTWxtOUlrd... open.mkt41.net/eos/v1/	45 B 422 B	333ms 102ms	Image image/gif	18.66.97.83 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://open.mkt41.net/eos/v1/ajl2YWFGL2thS2Jydnl1cHVJQW94T2Jva2d6VHErN0xoc1JCMWVHdTBoV2M2TDJTZUhZY2QzMEdGR1NrcngxaTNRcUJpdGU1cVdGWTNQdmNmUXBuMkRiWkI2Y3RlekVEN1Q2NDlkZDBacnM4TGF0TzAwZkw5UUJHWGViZjVvcXNmeDkwcStYNUptcjNRTWxtOUlrd09PN2dLYnhpRDNLeDFKWFAxU2JoRStxRWRBdUpSczZrQnc9PQS2 Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.66.97.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-97-83.fra56.r.cloudfront.net Software istio-envoy / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sat, 15 Apr 2023 17:30:26 GMT Via 1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront) server istio-envoy X-Amz-Cf-Pop FRA56-P2 X-Cache Miss from cloudfront Content-Type image/gif x-envoy-upstream-service-time 1 Connection keep-alive Content-Length 45 X-Amz-Cf-Id sf-IdAhxF5QpuLl-1VS8nVLDb3cq6WU8UchXuO8HFn6H33cC4Rqpqg==
GET H2	200	61398724437b2-1631160100.2764.jpg www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	38 KB 38 KB	97ms 96ms	Image image/jpeg	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/61398724437b2-1631160100.2764.jpg Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 3f35df5f7e30fc68093aa33fa4a58ad0a6e6069134536d678832264a39c19147 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id 5dLk.CQwqZCccjeMgWZIEV4.Ifha5Ix. date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id NSEB2324S7JE4DSR age 1295 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 38598 x-amz-id-2 pPNO6HUQj2fY1KaVEpM+LXcRMxzFigYiwaixfg/zzjJssEGhgJDqPlvLz4lYftRp+9jgBE6aPic= x-served-by cache-iad-kcgs7200021-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.565030,VS0,VE89 etag "3973890cea456238125717c4fc2fdaa7" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 10885, 1
GET H2	200	61398a58d9090-1631160920.889.jpg www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	122 KB 123 KB	9ms 9ms	Image image/jpeg	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/61398a58d9090-1631160920.889.jpg Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 23db72d37f82326f2461b60cebbf0314c5747acf70e9550aab700ed24f4ea9e4 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id xHhHlzVwxLbII1m.wVS65x3f6S6FfYva date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id BK804WDX7S9VNA0T age 4702 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 125345 x-amz-id-2 4xJG80rF44fOTLMo/e6WK9M4qWUS3jTitqeQ+Ur0FxrnM6kn8KFk7tTAMl4YMOHLmmAbj8g57Ks= x-served-by cache-iad-kcgs7200142-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.565004,VS0,VE1 etag "7d11ee54da154b7e6528ea9bdc0f7bd5" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 4396, 1
GET H2	200	62294b033e701-1646873347.2557.jpg www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/	140 KB 140 KB	206ms 206ms	Image image/jpeg	2a04:4e42:4d::322 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://www.emailimagecdnr7fb.com/g5qnfoctpx/en_us/images/62294b033e701-1646873347.2557.jpg Requested by Host: links.em.hiddenvalley.com URL: https://links.em.hiddenvalley.com/servlet/MailView?ms=NzI3OTk1NjUS1&r=NTcwNjY1NDUxMzQyS0&j=MjM0MDk3NDIzMAS2&mt=1&rt=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a04:4e42:4d::322 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash a4bd9ec559f97b4ad02bc82fba2c20648c57df2c040a58cb951a9203d6e132b7 Security Headers Name Value Strict-Transport-Security max-age=31557600 Request headers accept-language de-DE,de;q=0.9 Referer https://links.em.hiddenvalley.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-amz-version-id omVYZA4LO6KJFY2ZVxQqYjX9PHTn1D.y date Sat, 15 Apr 2023 17:30:26 GMT strict-transport-security max-age=31557600 x-cdn fastly-01, fastly-01 x-amz-request-id V6PM34D2XS92GEH8 age 0 x-amz-server-side-encryption AES256 x-cache HIT, MISS content-length 143275 x-amz-id-2 9iN2mMRuv1IhtZyQiyddgkGLQlVoilm7Tlg77Zn9G9ra2aAGO2ZMLWcAbMwXKFft3ibaSHuTKPo= x-served-by cache-iad-kjyo7100120-IAD, cache-fra-eddf8230086-FRA last-modified Fri, 17 Feb 2023 20:26:20 GMT server AmazonS3 x-timer S1681579827.565323,VS0,VE199 etag "38d68aa18dde7b9b6b5431de6ec37d76" access-control-max-age 3000 access-control-allow-methods GET,HEAD content-type image/jpeg access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes access-control-allow-headers * x-cache-hits 52844, 0
GET H2	200	HTxwL3I-JCGChYJ8VI-L6OO_au7B47b1z3bWuQ.woff2 fonts.gstatic.com/s/barlowcondensed/v12/	21 KB 21 KB	148ms 69ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B47b1z3bWuQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Barlow+Condensed:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8beab59bb49ab049063f8ffe199da96fc4c1ae44799eb4bb999ca7ee07d075bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://links.em.hiddenvalley.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 13:19:23 GMT x-content-type-options nosniff age 360663 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21452 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:33:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 13:19:23 GMT
GET H2	200	7cHqv4kjgoGqM7E3_-gs51os.woff2 fonts.gstatic.com/s/barlow/v12/	20 KB 21 KB	164ms 85ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://links.em.hiddenvalley.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 10:31:14 GMT x-content-type-options nosniff age 370752 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20960 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:18:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 10:31:14 GMT
GET H2	200	7cHqv4kjgoGqM7E3t-4s51os.woff2 fonts.gstatic.com/s/barlow/v12/	21 KB 22 KB	115ms 36ms	Font font/woff2	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Barlow:ital,wght@0,400;0,500;0,600;0,700;0,800;1,400;1,500;1,600;1,700;1,800;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://links.em.hiddenvalley.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Thu, 13 Apr 2023 02:07:58 GMT x-content-type-options nosniff age 228148 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21724 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:29:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 12 Apr 2024 02:07:58 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
links.em.hiddenvalley.com
open.mkt41.net
www.emailimagecdnr7fb.com
13.32.99.3
18.66.97.83
2a00:1450:4001:827::2003
2a00:1450:4001:82f::200a
2a04:4e42:4d::322
01a4bf1e2b048929fafacdc7e8637106afb122cc85d40b98650c55d2ad0be32a
23db72d37f82326f2461b60cebbf0314c5747acf70e9550aab700ed24f4ea9e4
320ada5cda5d6eaf5fcefb74ad5c5867529a2936c9e9724fc82259c0930b2f45
3f35df5f7e30fc68093aa33fa4a58ad0a6e6069134536d678832264a39c19147
4d01e2699055e9af1e2a71d0ff3f6344ecf4f06608a5c3a2577e201f173a1b66
5890cc8427d9cfa50ecc16ba5ab0265cddb2c524f48f2db1e19dbff044f2976e
63bea672973bd727be36e328c3cef8d09e96e793c12c1475c46f2ff8f9115271
65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
826065035a8fd0ee30deff02505c1f24a0c4e1644e71da1f2eeea6a4937ec924
8beab59bb49ab049063f8ffe199da96fc4c1ae44799eb4bb999ca7ee07d075bd
929ddfb07d86e3e73e9ef469c951a2341e8a69d27f0c1935332d94609414fe28
95d46b8541284fd11a0c68103aa80b6387abf144e2e76bca374db8763121bd70
a4bd9ec559f97b4ad02bc82fba2c20648c57df2c040a58cb951a9203d6e132b7
a5ca2eb86545fa9b993834e5b36e4e64a8849757b911f59d2cb85634fb5d9d31
c6cad2614ec08929a80d27f84f77f3031c74f33068e4ad79f20fe1afac62519b
ce957c6b786966f65e69dfe8dc92b42f8cfee5f715dccc0d372ea298a7c02130
d29d9dc9f599f673d528170f6574b06dddb8ccf4b7d850066af14061eddceaa8
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4