urlscan.io logo urlscan.io
SecurityTrails logo

s.bluemail.info Open in urlscan Pro
108.139.47.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://s.bluemail.info/ws/MoGrArrX1wF
Effective URL: https://s.bluemail.info/ws/MoGrArrX1wF
Submission: On September 10 via manual — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 6 domains to perform 25 HTTP transactions. The main IP is 108.139.47.119, located in United States and belongs to AMAZON-02, US. The main domain is s.bluemail.info.
TLS certificate: Issued by Amazon RSA 2048 M03 on August 28th 2024. Valid for: a year.
This is the only time s.bluemail.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    108.139.47.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-119.jfk50.r.cloudfront.net
s.bluemail.info
1    2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    142.250.72.98 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net
pagead2.googlesyndication.com
2    2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.251.40.194 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    142.251.41.4 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
13 bluemail.info
s.bluemail.info
127 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
210 KB
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 gstatic.com
fonts.gstatic.com
46 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 10
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
832 B
25 6
Domain Requested by
13 s.bluemail.info s.bluemail.info
3 pagead2.googlesyndication.com s.bluemail.info
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com tpc.googlesyndication.com
1 fonts.googleapis.com s.bluemail.info
25 7

This site contains links to these domains. Also see Links.

Domain
bluemail.me
Subject Issuer Validity Valid
*.bluemail.info
Amazon RSA 2048 M03		 2024-08-28 -
2025-09-26		 a year crt.sh
upload.video.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.gstatic.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh
*.google.com
WR2		 2024-08-12 -
2024-11-04		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://s.bluemail.info/ws/MoGrArrX1wF
Frame ID: A568C5F119623547B0A1797889A1ABB4
Requests: 21 HTTP requests in this frame

Frame: data://truncated
Frame ID: B28828B427A50B328ACAD766F8C989BC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240909/r20110914/zrt_lookup_fy2021.html
Frame ID: E33D0C88B12CE9EBF0D6B557D949E516
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458219577324346&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725954269&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fs.bluemail.info%2Fws%2FMoGrArrX1wF&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_24~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725955052609&bpp=5&bdt=1895&idt=794&shv=r20240909&mjsv=m202409040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=524273975582&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086548%2C44795922%2C95338226%2C95341663&oid=2&pvsid=193183920605828&tmod=866209080&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=824
Frame ID: DF6A5067E9A613A4083EC60B0BEBB187
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B00A2D34ED3E5658AE0A20B66ABC85A8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 59D8762E7A994C07C5F94B28842CA235
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

FW: Cloud Calling Facility Usage Sep24 - BlueMail

Page URL History Show full URLs

  1. http://s.bluemail.info/ws/MoGrArrX1wF HTTP 307
    https://s.bluemail.info/ws/MoGrArrX1wF Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:<html [^>]*xmlns:w="urn:schemas-microsoft-com:office:word"|<w:WordDocument>|<div [^>]*class="?WordSection1[" >]|<style[^>]*>[^>]*@page WordSection1)
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

96 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

9
IPs

1
Countries

446 kB
Transfer

1203 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://s.bluemail.info/ws/MoGrArrX1wF HTTP 307
    https://s.bluemail.info/ws/MoGrArrX1wF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request MoGrArrX1wF
s.bluemail.info/ws/
Redirect Chain
  • http://s.bluemail.info/ws/MoGrArrX1wF
  • https://s.bluemail.info/ws/MoGrArrX1wF
68 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2944cd48f30377dfa56bcaf255ca1c9ef147644f7e7da878a6fc1c6e98d170a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
date
Tue, 10 Sep 2024 07:57:31 GMT
etag
W/"b27bda277fb27b4ae8d305339afa3e33"
last-modified
Tue, 10 Sep 2024 07:44:29 GMT
server
AmazonS3
vary
accept-encoding Origin
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
x-amz-cf-id
MW8P2awkj0nzwsYn1g0NQD9LUGVqYj8cNx4LO0LRuO_uLIFn5LjM6g==
x-amz-cf-pop
JFK50-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront

Redirect headers

Location
https://s.bluemail.info/ws/MoGrArrX1wF
Non-Authoritative-Reason
HttpsUpgrades
css2
fonts.googleapis.com/ 		1 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 10 Sep 2024 07:57:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Sep 2024 07:21:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 10 Sep 2024 07:57:31 GMT
jquery.min.js
s.bluemail.info/res/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/js/jquery.min.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:44 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:14:33 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75947
etag
W/"c9f5aeeca3ad37bf2aa006139b935f0a"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
puZEMfZeIidsBE7NLxWINJiL_giqBLL6r5IjEysSyhO9ttxPCHnE9w==
tether.min.js
s.bluemail.info/res/js/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/js/tether.min.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:44 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:15:10 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75948
etag
W/"ecdfd3dc464ceda5f483bb5c96a6e3d2"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CWJJhg8KaDUY-y9WeorXS6oywFIsfNIIPnbBjI-9stiQQc454WJhyQ==
bootstrap.min.js
s.bluemail.info/res/js/ 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/js/bootstrap.min.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:44 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:13:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75947
etag
W/"0827a0bdcd9a917990eee461a77dd33e"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
azo74kfuYz-difOlaOYcLSYw_r_yqx6J7UZS6XHJbctYSQU-kpmt5g==
moment.min.js
s.bluemail.info/res/js/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/js/moment.min.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
001564a706fd2bd3f1b9bbd1ac732493ac2659c207504f5e0713592d7610f389

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:45 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:14:01 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75947
etag
W/"5ff1de69e6fd137a6dd511205ea7c49e"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
oMSq6ZPPyZE-UDtw_M7ewUoblNNwS-TKEpF8OeMK0OKu6Z1lQ59XFA==
mobile-detect.min.js
s.bluemail.info/res/js/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/js/mobile-detect.min.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:45 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:14:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75947
etag
W/"ad5e6902874557b076942e11a9416b43"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
CP1Y0CRTU-LBneo1f2UPNfBl_5g130Gg911d_nAOTAV3RNstMf0CvA==
values.js
s.bluemail.info/res/data/ 		846 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/data/values.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb89fe136171de063d855c4fd8fac588a60472d6423426ad79c1ec942d9efc81

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:45 GMT
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:17:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75947
etag
"b1457e24f0622048ac4e005abe828d68"
vary
Origin
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
846
x-amz-cf-id
mzBbVKmgtCIN85uCvzBHY94QskMb1ZvOWAdhD1zP9lrKTV-ZGMIiVw==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		152 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5458219577324346
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
0ca1fcaa574f8926465c998f0026015e4e1a22ff1253b5172aabc851d2e1f82c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
Origin
https://s.bluemail.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 07:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52131
x-xss-protection
0
server
cafe
etag
18001895026145745104
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 10 Sep 2024 07:57:32 GMT
nscripts.js
s.bluemail.info/res/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/js/nscripts.js
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
de7a57138581ef44a3b5e193ba6deba28c4a5d9278c7ad865bc071336af7b5a5

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:45 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 10:59:04 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75948
etag
W/"7f8a0aef339d18ae0d666ba600307268"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
O692L5OpScDEsnJUG9b275V7Q6GVfe_RSAPslAJkX5aGXexueR5RYw==
styles.css
s.bluemail.info/res/css/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/css/styles.css
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce6cd0d2e7c75f0536e518b76ea9d34b1bf9d05454ed1a62338a203e87f1ecbe

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:45 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Tue, 29 Nov 2022 10:58:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75948
etag
W/"27d81b05d7d8657734ba84640bdbdfc7"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
XDsZq7_ly1Nym357qRpoSPoYQQEKBTvAr4vVwM6lryUuvMH0DGou3w==
bootstrap.min.css
s.bluemail.info/res/css/ 		141 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/res/css/bootstrap.min.css
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e466c61b2e6d6693ed9b95775c99c364815dc053276ca77e7abe9e973e2b3d7

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:46 GMT
content-encoding
gzip
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 17:31:34 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75947
etag
W/"4e26a993a07fdb4696e3ecfa036e67c0"
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
raDzosfo0ZanKg3hChzKhy4gk0aUHT6WTg5h6jn3ZVXtOvUjX583wQ==
default_profile_avatar.png
s.bluemail.info/res/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bluemail.info/res/img/default_profile_avatar.png
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3db510f3044035ee56c2822b1321f8e5f1b30a621980a4d7ac8a219ab04ff94

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 11:49:38 GMT
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Fri, 28 Oct 2022 10:50:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
72475
etag
"059b1fe1c6fc5a391b71dafdf597158c"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3982
x-amz-cf-id
y7L9RbSZdP3-qECrJKo9lqltfzfR61RD1axDC8lMBW7v0SnaU7Ns2g==
logoBmail.png
s.bluemail.info/res/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.bluemail.info/res/img/logoBmail.png
Requested by
Host: s.bluemail.info
URL: https://s.bluemail.info/ws/MoGrArrX1wF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03206f8724efaf904f5b6bb4c8347a992d78ff13a0dff7a327d3a89ff312bf7e

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:54 GMT
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Fri, 25 Nov 2022 12:32:08 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75939
etag
"5e6bf2d407116f6ea0eb2599f6a71a78"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3835
x-amz-cf-id
sHpNAaE7PqBM-NNROnux5p_V49Fh2OFXMoTQFkkaqE8jkQN4QytHYA==
truncated
/ Frame B288 		62 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00832644d9ef84ce55028e66fba9faf17e73372b9115e7cbe3c8bf77ed6ed0fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/html;charset=utf-8
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s.bluemail.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 06 Sep 2024 13:52:08 GMT
x-content-type-options
nosniff
age
324324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Sep 2025 13:52:08 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s.bluemail.info
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Thu, 05 Sep 2024 14:39:32 GMT
x-content-type-options
nosniff
age
407880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Sep 2025 14:39:32 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409040101/ 		417 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409040101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5458219577324346
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
646591a1f1cbe96928bdf2c1a64600e4fd41185159d1aa1e6b32aa416c75de81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 07:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
143301
x-xss-protection
0
pragma
no-cache
server
cafe
etag
4380913637758776133
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240909/r20110914/ Frame E33D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240909/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

age
52905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4122
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Sep 2024 17:15:48 GMT
etag
15484670657486016084
expires
Mon, 23 Sep 2024 17:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5458219577324346&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1725954269&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x1080_l%7C212x1080_r&format=0x0&url=https%3A%2F%2Fs.bluemail.info%2Fws%2FMoGrArrX1wF&pra=5&wgl=1&aihb=0&asro=0&ailel=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=32~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=32_24~29_18~30_19&aiixl=32_9~29_5~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1725955052609&bpp=5&bdt=1895&idt=794&shv=r20240909&mjsv=m202409040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=524273975582&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31086548%2C44795922%2C95338226%2C95341663&oid=2&pvsid=193183920605828&tmod=866209080&uas=0&nvt=1&fsapi=1&fc=1920&brdim=120%2C120%2C120%2C120%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=824
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 07:57:33 GMT
expires
Tue, 10 Sep 2024 07:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240909&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
b66fe521e856d2f913e72c3ddd616273c79cffafaffd36e4111927a294f574ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 07:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12954
x-xss-protection
0
favicon.ico
s.bluemail.info/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://s.bluemail.info/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-119.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5f397018f0584ed33cc743b543ef426e6c5a07249e4ee643136c71e43bb5136

Request headers

Referer
https://s.bluemail.info/ws/MoGrArrX1wF
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Mon, 09 Sep 2024 10:51:54 GMT
via
1.1 335df4b8ee16f1aabffbb7f53461c35c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Nov 2022 15:38:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
75940
etag
"ff8610c536e6d5ec9fe1629c38579ef4"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/x-icon
accept-ranges
bytes
content-length
1534
x-amz-cf-id
GjHJgHCEksYCth6XOUDiJ8jsRUfS-YrFYESaM7OyJBChtu1SMpQQ4w==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409040101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Tue, 10 Sep 2024 07:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 10 Sep 2024 07:57:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B00A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1791
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 07:27:43 GMT
expires
Wed, 10 Sep 2025 07:27:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 59D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.4 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kMCLQDyTBGgu8m_xbVU6Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s.bluemail.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kMCLQDyTBGgu8m_xbVU6Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Tue, 10 Sep 2024 07:57:34 GMT
expires
Tue, 10 Sep 2024 07:57:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240909&jk=193183920605828&bg=!V1SlVBvNAAYJ21f7Kds7ADQBe5WfOFXefDRMK1Bvhh03XnAeL7sg1Sgn4Xupvm1tF00jsgeDplAerQTZDa8UpAtRQSyoAgAAAE9SAAAABGgBB34ANmxsEaZUTA_DGDyTz1jVRA-9HsRj9qjgMqoMUb5F1xX-ojdOci5fFVQaTdVhPxLXM5PGKf2DoAoAG5QTidoA4oM_VZlEJQ0MCvRzQ7yAB-1JVHDd8ZkCqsrkd-thPSPsQSbfRcH7GEc4svUAu3YqhqRZ4rmJGuhAz6IliIznltPNQr61gqa0JRq0UiRTONDTrf12UBw31VAFQXY0VnoHAzk8v-cm1EY7k-sgU5SpPvoLRP9ydCoiuEZEOTuF5G1ioTvihpVJoi2EaMGQXoLG3mek8liZnV3LuIiIXi4FQsUzKEVcJdzIz891aUE6bX0CQ-JX2h1I6LqbXYwtoL7fH_26q-kQwBv4efk8DV6e82ARd8XN95FXNRMsG7Cul15pDqG-Ek73ccUAKssWuXCMQslSG2KAE_o66pXm8jLV19sjedpVv4IUAewTDDiBcDWaPDSQ4o0ayCrbIrECO5nMInpDiVdlDjCZNaxeRe4bgWjR2j7Fg_ZI01dCxDFKlT2M5Rxc_I4x4IJFvoYJ7KE4pjfWywfxIGCCZyBt7reJbUv526WrnocsIAj_4cgfoGNf9819EiHGTqoE1jrcZE9Tk680cdNh0LDch4n2cYrkTa9kFHsMZwfnURHmCITbSgFRikz8JfqDiA2YAnMeLs6hsbhyi_r-iozJpzdxxaRsdjSIkRds-qNi0E9-77DF-3dlqXR5RrJHIDfrDj8h03dRHD0GGcxVhySUD7gHhOjhdfQA2VF2Zj6-KLybw9MFMLV9T9Df4-aKmk6eanU1BvUqiOc7DzV0sznDf7pbFMTu6_ptfFWrPoicOHhe5UFfS4ocEBxnyL62LzWDtQ76SsVf-wfXNjnjKtPhaZ9_7PwtLQdr8YSutKyuyljvjXKYQtem_Npm-JZMtNxR-bOE1hRug___OTyVWmJH-wY5PAuzAcBcSTO1WDJMsmel-JdcfHqSrEjet0Sik8w18vUgb7TngXcpuY8PmLCODP4qxZ083S9RSW_8GAuG9f3SR9T45-saKBg

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| $ function| jQuery function| Tether function| moment function| MobileDetect object| config_values object| values function| openInApp function| readMore function| sendToAnalytics function| detectWebView function| findOffset object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac number| tmod object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s.bluemail.info
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
108.139.47.119
142.250.72.98
142.251.40.194
142.251.41.4
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80d::2003
2607:f8b0:4006:822::200a
001564a706fd2bd3f1b9bbd1ac732493ac2659c207504f5e0713592d7610f389
00832644d9ef84ce55028e66fba9faf17e73372b9115e7cbe3c8bf77ed6ed0fb
03206f8724efaf904f5b6bb4c8347a992d78ff13a0dff7a327d3a89ff312bf7e
0ca1fcaa574f8926465c998f0026015e4e1a22ff1253b5172aabc851d2e1f82c
2944cd48f30377dfa56bcaf255ca1c9ef147644f7e7da878a6fc1c6e98d170a9
3e466c61b2e6d6693ed9b95775c99c364815dc053276ca77e7abe9e973e2b3d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
646591a1f1cbe96928bdf2c1a64600e4fd41185159d1aa1e6b32aa416c75de81
6c5dbafb6c6411ed476ce3eb558ba96a7c9656ef62ce1f823ed5d7fcf4c1af6e
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a5f397018f0584ed33cc743b543ef426e6c5a07249e4ee643136c71e43bb5136
b66fe521e856d2f913e72c3ddd616273c79cffafaffd36e4111927a294f574ec
c3db510f3044035ee56c2822b1321f8e5f1b30a621980a4d7ac8a219ab04ff94
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
ce6cd0d2e7c75f0536e518b76ea9d34b1bf9d05454ed1a62338a203e87f1ecbe
de7a57138581ef44a3b5e193ba6deba28c4a5d9278c7ad865bc071336af7b5a5
eb89fe136171de063d855c4fd8fac588a60472d6423426ad79c1ec942d9efc81
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
fc8b081ba3d5a5270fb663b4856ce474277a52421f98a3b8aa385100c342a3d8