echo7.bluehornet.com Open in urlscan Pro
34.210.169.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://echo7.bluehornet.com/p/vJmSK4JuNI
Effective URL:
http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5...
Submission: On March 20 via api (March 20th 2021, 5:18:01 am UTC) from BE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 14 HTTP transactions. The main IP is 34.210.169.53, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is echo7.bluehornet.com.

This is the only time echo7.bluehornet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	34.210.169.53 34.210.169.53	16509 (AMAZON-02) (AMAZON-02)
1	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	81.31.156.40 81.31.156.40	47242 (COLTENGIN...) (COLTENGINE COLTENGINE Network)
1 2	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
1 2	34.253.72.70 34.253.72.70	16509 (AMAZON-02) (AMAZON-02)
1	2001:41d0:301... 2001:41d0:301:3::28	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
14	9

4 34.210.169.53 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-169-53.us-west-2.compute.amazonaws.com

echo7.bluehornet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 81.31.156.40 (Italy)

ASN47242 (COLTENGINE COLTENGINE Network, IT)

www.vidmotion.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.174.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

loud.dideloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.72.70 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-72-70.eu-west-1.compute.amazonaws.com

tracking.tuttooa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:301:3::28 (France)

ASN16276 (OVH, FR)

windtre.trackdem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	bluehornet.com 2 redirects echo7.bluehornet.com	10 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	vidmotion.it www.vidmotion.it	615 KB
2	tuttooa.com 1 redirects tracking.tuttooa.com	2 KB
2	dideloud.com 1 redirects loud.dideloud.com	2 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	trackdem.com windtre.trackdem.com
1	fontawesome.com use.fontawesome.com	13 KB
14	8

	Domain	Requested by
4	echo7.bluehornet.com	2 redirects echo7.bluehornet.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.vidmotion.it	echo7.bluehornet.com
2	tracking.tuttooa.com	1 redirects echo7.bluehornet.com
2	loud.dideloud.com	1 redirects echo7.bluehornet.com
2	fonts.googleapis.com	echo7.bluehornet.com
1	windtre.trackdem.com	echo7.bluehornet.com
1	use.fontawesome.com	echo7.bluehornet.com
14	8

This site contains no links.

Subject Issuer	Validity	Valid
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
vidmotion.it R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
tracking.tuttooa.com Amazon	`2020-07-02` - `2021-08-02`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Frame ID: 721F61E5D3976A126FC6FE309C0FA86C
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://echo7.bluehornet.com/p/vJmSK4JuNI HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Page Statistics

14
Requests

71 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

9
IPs

5
Countries

686 kB
Transfer

742 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://echo7.bluehornet.com/p/vJmSK4JuNI HTTP 302
http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif HTTP 301
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

Request Chain 7

http://loud.dideloud.com/aff_c?offer_id=2706&aff_id=1&file_id=4501&aff_sub=OfferteinLove HTTP 302
https://tracking.tuttooa.com/aff_c?offer_id=1681&aff_id=2115&file_id=691&aff_sub=OfferteinLove&aff_sub5=10242bc4ec9e631a83245ea23f33ca HTTP 302
http://windtre.trackdem.com/?nombre=&apellidos=&email=&affID=2115&utm_content=1023140c5f8559f2a8adeff2a6a312

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set email.htm Show response
echo7.bluehornet.com/hostedemail/
Redirect Chain

http://echo7.bluehornet.com/p/vJmSK4JuNI
http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21

13 KB
4 KB

373ms
373ms

Document
text/html

34.210.169.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Protocol: HTTP/1.1
Server: 34.210.169.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-169-53.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: c7ee1437e938608348ea4fe11831a2170e57648cec1e1d68be0856e05d98bf21

Request headers

Host: echo7.bluehornet.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: AWSALB=eRtrJc/rCRPjAv0OmmsRXFLnIvG2+99gABwBqV0cqV7tKLqRAA7nGaUlmtbHVtGDpi8jTdyjXXXJc4bIVa2TKO7p2u9nQR7LS/Gi41keUupx7zcMdSdYtrYSdwLV
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:17:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2921
Connection: keep-alive
Set-Cookie: AWSALB=1pYNOcOpBAnvjwTWh1AQYp+fOsQMghEWugSByJrxjDxjwxu8VxcZF1Fy6x+XVc4li4nkR+eJqrVFe3/exOAu8djD0fxczE9bH3Pob8+E4AkShzqheNycq+/L7qlj; Expires=Sat, 27 Mar 2021 05:17:40 GMT; Path=/ AWSALBCORS=1pYNOcOpBAnvjwTWh1AQYp+fOsQMghEWugSByJrxjDxjwxu8VxcZF1Fy6x+XVc4li4nkR+eJqrVFe3/exOAu8djD0fxczE9bH3Pob8+E4AkShzqheNycq+/L7qlj; Expires=Sat, 27 Mar 2021 05:17:40 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade

Redirect headers

Date: Sat, 20 Mar 2021 05:17:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 20
Connection: keep-alive
Set-Cookie: AWSALB=eRtrJc/rCRPjAv0OmmsRXFLnIvG2+99gABwBqV0cqV7tKLqRAA7nGaUlmtbHVtGDpi8jTdyjXXXJc4bIVa2TKO7p2u9nQR7LS/Gi41keUupx7zcMdSdYtrYSdwLV; Expires=Sat, 27 Mar 2021 05:17:40 GMT; Path=/ AWSALBCORS=eRtrJc/rCRPjAv0OmmsRXFLnIvG2+99gABwBqV0cqV7tKLqRAA7nGaUlmtbHVtGDpi8jTdyjXXXJc4bIVa2TKO7p2u9nQR7LS/Gi41keUupx7zcMdSdYtrYSdwLV; Expires=Sat, 27 Mar 2021 05:17:40 GMT; Path=/; SameSite=None
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Location: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade

GET
H/1.1

200
OK

print_this.gif
echo7.bluehornet.com/two/phase2/bhecho_files/images/
Redirect Chain

http://echo7.bluehornet.com/phase2/bhecho_files/images/print_this.gif
http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif

4 KB
5 KB

184ms
183ms

Image
image/gif

34.210.169.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Protocol: HTTP/1.1
Server: 34.210.169.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-169-53.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 20 Mar 2021 05:17:41 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 26 Feb 2021 14:25:26 GMT
Server: Apache
ETag: "11c0-5bc3e0a0a6180"
Vary: X-Forwarded-Proto
Content-Type: image/gif
Cache-Control: max-age=2592000
AMFplus-Ver: 1.4.0.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4544
Expires: Mon, 19 Apr 2021 05:17:41 GMT

Redirect headers

Location: http://echo7.bluehornet.com/two/phase2/bhecho_files/images/print_this.gif
Date: Sat, 20 Mar 2021 05:17:40 GMT
Server: Apache
Connection: keep-alive
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
13 KB 28ms
26ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Origin: http://echo7.bluehornet.com
Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:17:40 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 16:48:32 GMT
server: NetDNA-cache/2.2
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
695 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;700;900&display=swap

Requested by

Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a1567c1550d9254c04eaeb4a0be4a40eeda5f8cc79a7e4185266ea10965f99e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 04:51:21 GMT
server: ESF
date: Sat, 20 Mar 2021 05:17:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Mar 2021 05:17:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
726 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fe5d7b929d5aa92a807001a2a617c16d0ba546095c4933dd7d319668ac8dc1a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 05:17:40 GMT
server: ESF
date: Sat, 20 Mar 2021 05:17:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 20 Mar 2021 05:17:40 GMT

GET
H2 200 logo-windtre.png
www.vidmotion.it/clienti/Landing/img/ 54 KB
54 KB 304ms
121ms Image
image/png 81.31.156.40
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vidmotion.it/clienti/Landing/img/logo-windtre.png

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

81.31.156.40 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),

Reverse DNS

Software

Resource Hash

e24ba860977a4a2f7dcaa159d81e50806ec5ecf5cef24b0abec3338c40a1cbf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:17:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 10:05:40 GMT
etag: "d610-6045f6f4-8f1fe3a7d9bfd83e;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
vary: User-Agent
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 54800
x-xss-protection: 1; mode=block
expires: Sat, 27 Mar 2021 05:17:40 GMT

GET
H2 200 logo-tqn.png
www.vidmotion.it/clienti/Landing/img/ 303 KB
303 KB 356ms
174ms Image
image/png 81.31.156.40
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vidmotion.it/clienti/Landing/img/logo-tqn.png

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

81.31.156.40 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),

Reverse DNS

Software

Resource Hash

cc91c406793d9d505e007422d7b6524d2fa051a7d9f64d0025b5666a1acc351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:17:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 10:05:39 GMT
etag: "4bce1-6045f6f3-a9df3b214948ec91;;;"
x-frame-options: SAMEORIGIN
content-type: image/png
vary: User-Agent
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 310497
x-xss-protection: 1; mode=block
expires: Sat, 27 Mar 2021 05:17:40 GMT

GET
H2 200 ipad-ragazza-3.jpg
www.vidmotion.it/clienti/Landing/img/ 257 KB
257 KB 356ms
174ms Image
image/jpeg 81.31.156.40
COLTENGINE COLTEN...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.vidmotion.it/clienti/Landing/img/ipad-ragazza-3.jpg

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

81.31.156.40 , Italy, ASN47242 (COLTENGINE COLTENGINE Network, IT),

Reverse DNS

Software

Resource Hash

b6b75c8a05fddb0274e57c0adca77b6d67d403afd6ee4b535538289315abde01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 05:17:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Mar 2021 17:51:06 GMT
etag: "403d8-604a588a-9fa532f28ec09351;;;"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
vary: User-Agent
cache-control: public, max-age=604800
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 263128
x-xss-protection: 1; mode=block
expires: Sat, 27 Mar 2021 05:17:40 GMT

GET
H/1.1

200
OK

/
windtre.trackdem.com/
Redirect Chain

http://loud.dideloud.com/aff_c?offer_id=2706&aff_id=1&file_id=4501&aff_sub=OfferteinLove
https://tracking.tuttooa.com/aff_c?offer_id=1681&aff_id=2115&file_id=691&aff_sub=OfferteinLove&aff_sub5=10242bc4ec9e631a83245ea23f33ca
http://windtre.trackdem.com/?nombre=&apellidos=&email=&affID=2115&utm_content=1023140c5f8559f2a8adeff2a6a312

0
0

53ms
18ms

Image
text/html

2001:41d0:301:3::28
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://windtre.trackdem.com/?nombre=&apellidos=&email=&affID=2115&utm_content=1023140c5f8559f2a8adeff2a6a312
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Protocol: HTTP/1.1
Server: 2001:41d0:301:3::28 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 05:17:41 GMT
Server: nginx
Tracking_id: 1023140c5f8559f2a8adeff2a6a312
X-Robots-Tag: noindex, nofollow
Location: http://windtre.trackdem.com/?nombre=&apellidos=&email=&affID=2115&utm_content=1023140c5f8559f2a8adeff2a6a312
P3p: CP="NOI CUR OUR NOR INT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Length: 308
X-Request-Id: 3516e55bb687ced6bee5199d12ee5463
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_i
tracking.tuttooa.com/ 43 B
466 B 494ms
46ms Image
image/gif 34.253.72.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.tuttooa.com/aff_i?offer_id=1681&aff_id=2115&file_id=6919
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.72.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-72-70.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 05:17:41 GMT
Server: nginx
Tracking_id: 1027a4f1fb3c227d34cb99970e5560
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Length: 43
X-Request-Id: a496106d0a28ce5537c56ab2a137a072
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK aff_i
loud.dideloud.com/ 43 B
466 B 110ms
55ms Image
image/gif 52.210.174.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://loud.dideloud.com/aff_i?offer_id=2706&aff_id=1&file_id=4501&aff_sub=OfferteinLove
Requested by: Host: echo7.bluehornet.com
URL: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
Protocol: HTTP/1.1
Server: 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c

Request headers

Referer: http://echo7.bluehornet.com/hostedemail/email.htm?CID=39993457563&ch=B3045FFC2DF883FAD58497F67DACE733&h=b3b5db31ced0e851f2f5d1c45582ca1c&ei=JmSK4JuNI&st=18-MAR-21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 20 Mar 2021 05:17:40 GMT
Server: nginx
Tracking_id: 1029074ae20911eb92c75b94e26b3b
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Tune-SDK-Version
Content-Length: 43
X-Request-Id: 18c71b7f34ee8516b5fddeb67919736f
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://echo7.bluehornet.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:17 GMT
server: sffe
age: 204098
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15712
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://echo7.bluehornet.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 206709
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:52:31 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;700;900&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://echo7.bluehornet.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 196550
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:41:50 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			echo7.bluehornet.com/	1970-01-19 17:07:02	Name: AWSALB Value: A305QkmT1b2T4d/HQubTufclETzyexMEJOu7c0Fn5gg9CgQjYeqoLmfPs//MPZynUdu7+GWvUhlvXRP9Ym7PjAv33XyTl2WJWwjbFicCSg+JbD9ff1DPAZklvet/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

echo7.bluehornet.com
fonts.googleapis.com
fonts.gstatic.com
loud.dideloud.com
tracking.tuttooa.com
use.fontawesome.com
windtre.trackdem.com
www.vidmotion.it
2001:41d0:301:3::28
23.111.9.35
2a00:1450:4001:800::2003
2a00:1450:4001:811::2003
2a00:1450:4001:82a::200a
34.210.169.53
34.253.72.70
52.210.174.128
81.31.156.40
020af3ee451a9e49f74342f5c989d826406f4ef131c1d4612fd62d4c9eef01d9
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2a1567c1550d9254c04eaeb4a0be4a40eeda5f8cc79a7e4185266ea10965f99e
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b6b75c8a05fddb0274e57c0adca77b6d67d403afd6ee4b535538289315abde01
c7ee1437e938608348ea4fe11831a2170e57648cec1e1d68be0856e05d98bf21
cc91c406793d9d505e007422d7b6524d2fa051a7d9f64d0025b5666a1acc351e
e24ba860977a4a2f7dcaa159d81e50806ec5ecf5cef24b0abec3338c40a1cbf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
fe5d7b929d5aa92a807001a2a617c16d0ba546095c4933dd7d319668ac8dc1a7

echo7.bluehornet.com Open in urlscan Pro 34.210.169.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

71 %HTTPS

44 %IPv6

8 Domains

8 Subdomains

9 IPs

5 Countries

686 kBTransfer

742 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

Indicators

echo7.bluehornet.com Open in urlscan Pro
34.210.169.53 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

71 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

9
IPs

5
Countries

686 kB
Transfer

742 kB
Size

1
Cookies

14 HTTP transactions
0 data transactions