urlscan.io logo urlscan.io
SecurityTrails logo

webmail1.earthlink.net Open in urlscan Pro
2606:4700::6812:1908  Public Scan

Go To Rescan Add Verdict Report
URL: https://webmail1.earthlink.net/newaddme
Submission: On April 28 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 18 domains to perform 39 HTTP transactions. The main IP is 2606:4700::6812:1908, located in United States and belongs to CLOUDFLARENET, US. The main domain is webmail1.earthlink.net. The Cisco Umbrella rank of the primary domain is 105316.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 29th 2023. Valid for: a year.
This is the only time webmail1.earthlink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700::6812:1908 (United States)

ASN13335 (CLOUDFLARENET, US)
webmail1.earthlink.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    65.9.90.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-90-93.prg50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    18.155.153.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-153-62.ham50.r.cloudfront.net
ats.rlcdn.com
1    23.215.22.18 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-22-18.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    3.214.165.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-165-89.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    54.77.31.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-31-84.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    13.32.99.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-35.fra60.r.cloudfront.net
geo.privacymanager.io
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
Apex Domain
Subdomains		 Transfer
10 earthlink.net
webmail1.earthlink.net — Cisco Umbrella Rank: 105316
2 MB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
150 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4186
a.ad.gt — Cisco Umbrella Rank: 4166
4 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
63 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
458 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
18 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
12 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 16
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
1 gstatic.com
www.gstatic.com
165 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
409 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2374
606 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3273
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2476
35 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3425
455 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
90 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
6 KB
39 18
Domain Requested by
10 webmail1.earthlink.net webmail1.earthlink.net
3 c.amazon-adsystem.com webmail1.earthlink.net
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net webmail1.earthlink.net
securepubads.g.doubleclick.net
2 id.hadron.ad.gt cdn.hadronid.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 www.google.com webmail1.earthlink.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 a.ad.gt cdn.hadronid.net
1 id5-sync.com cdn.id5-sync.com
1 www.gstatic.com www.google.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 geo.privacymanager.io ats.rlcdn.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com webmail1.earthlink.net
1 cdn.hadronid.net webmail1.earthlink.net
1 tags.crwdcntrl.net webmail1.earthlink.net
1 secure.cdn.fastclick.net webmail1.earthlink.net
1 ats.rlcdn.com webmail1.earthlink.net
1 www.google.de webmail1.earthlink.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com webmail1.earthlink.net
1 cdnjs.cloudflare.com webmail1.earthlink.net
39 22

This site contains links to these domains. Also see Links.

Domain
help.earthlink.net
Subject Issuer Validity Valid
webmail1.earthlink.net
Cloudflare Inc ECC CA-3		 2023-03-29 -
2024-03-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://webmail1.earthlink.net/newaddme
Frame ID: E817BAEBDCABE1D467EB74BF213226B2
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EarthLink Mail

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

39
Requests

100 %
HTTPS

59 %
IPv6

18
Domains

22
Subdomains

23
IPs

4
Countries

2269 kB
Transfer

9085 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request newaddme
webmail1.earthlink.net/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8a19da306924c3d393d24bb13c24a4ad4f66e10568b78db638d3623bdefa6c
Security Headers
Name Value
X-Frame-Options Deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3024000,no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7bf271f50e4c9201-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 28 Apr 2023 21:37:12 GMT
expires
Fri, 02 Jun 2023 21:37:12 GMT
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
vary
Accept-Encoding
x-envoy-upstream-service-time
3
x-frame-options
Deny
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
100315
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWlyoD%2BE2MCRol8x3BQsv9h3tMV4UrMMYVqS3dvetaXGurtKAu9Rp0O2uKdeV%2FNv8UoiEbJyaQ5ZV7iU0gmoX7yU8%2BTOwWxxxdkSsGwOkqMmP64rmQVgxnU4T49hX2LKZ%2FS7GhWL1l3TuRHh0Ii1PtJx"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bf271f5f9ea9159-FRA
expires
Wed, 17 Apr 2024 21:37:12 GMT
appconfig.js
webmail1.earthlink.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/appconfig.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0df3bf98e2863f09c8354c7766cc83721c8a67f0e212ab1f6a2f9d74a5af4727
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 15:08:29 GMT
server
cloudflare
etag
W/"644a8fed-967"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=3024000,no-store, no-cache, must-revalidate
x-envoy-upstream-service-time
2
cf-ray
7bf271f5cec99201-FRA
expires
Fri, 02 Jun 2023 21:37:12 GMT
gtm.js
www.googletagmanager.com/ 		265 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
095b084a0dc241783fcc3742a911c628105d9edc90494e3410d07a8a9622ebce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91879
x-xss-protection
0
last-modified
Fri, 28 Apr 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Apr 2023 21:37:13 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21c70eb695d823db53b93e2e9b7b52ff99f28bc3bdf7a2968ba9bb6c25ae58e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24757
x-xss-protection
0
server
cafe
etag
968 / 19475 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 28 Apr 2023 21:37:13 GMT
tinymce.min.js
webmail1.earthlink.net/tinymce/5.10.1/ 		382 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/tinymce/5.10.1/tinymce.min.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a3087fcc6e64ed4f95bf17bb66a95367ab66caeeb698f11233265af9280898
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:53:19 GMT
server
cloudflare
etag
W/"644a8c5f-5f9e0"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
6
cf-ray
7bf271f5cecd9201-FRA
expires
Sat, 27 Apr 2024 21:37:12 GMT
main.f40cdfad.chunk.css
webmail1.earthlink.net/static/css/ 		3 MB
285 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/css/main.f40cdfad.chunk.css
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4081d9bcbac59e928b089df56235173ca5ce75cf4636400a3dbe94be2de3ece
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
W/"644a8cc4-2e1e8b"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
10
cf-ray
7bf271f5cecc9201-FRA
expires
Sat, 27 Apr 2024 21:37:12 GMT
2.06474d9c.chunk.js
webmail1.earthlink.net/static/js/ 		3 MB
957 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/js/2.06474d9c.chunk.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37202aea8b68e35f7d397068886c4ba829415e27ce6588b48a490fdb5871a9d3
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
W/"644a8cc4-30e17b"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
8
cf-ray
7bf271f5cecf9201-FRA
expires
Sat, 27 Apr 2024 21:37:12 GMT
main.7261f8ea.chunk.js
webmail1.earthlink.net/static/js/ 		739 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/js/main.7261f8ea.chunk.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4bbf54f3c6814faaa820bb454d8edfbe7b7b9074e03437fd8911d199fcfbb12
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
W/"644a8cc4-b8bc5"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
7
cf-ray
7bf271f5ced09201-FRA
expires
Sat, 27 Apr 2024 21:37:12 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:11:45 GMT
content-encoding
gzip
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, PRG50-C1
age
1529
x-amz-server-side-encryption
AES256
etag
W/"e301ce991ef543783521cd0156a962ee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
ygdYr6r8iCgxkN5Qvyhkj1D7ZIMVPQiOtzEmWnvc30tcUobGTuM8uA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/735757482/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735757482/?random=1682717833630&cv=11&fst=1682717833630&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&label=6BQDCPqhlqIBEKqJ694C&hn=www.googleadservices.com&frm=0&tiba=EarthLink%20Mail&auid=1454309833.1682717834&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b49262964e0164913bb96f2600a1a3772bd71606e5a076cb61e26540426a55b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1239
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 28 Apr 2023 20:35:44 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3689
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Fri, 28 Apr 2023 22:35:44 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwebmail1.earthlink.net&pubid=f1370e72-d76e-48d2-af88-e7bd5a89f19e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
Server /
Resource Hash
1af3daf274b8917e6c0876343966972f64d051414b0c7c4b95670767039e8a00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:33:20 GMT
via
1.1 b9288402a0a891e0bbaca832ecabae60.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PRG50-C1
age
233
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://webmail1.earthlink.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3444
x-amz-cf-id
k8V2LNHUCfpZixISkFiaZmc-raa24S-kL3IfhtQRFpQcr7rFT5xsmw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.90.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-90-93.prg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 23:57:46 GMT
x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
77968
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
7XUeloYwRot3_FJeHiY3NalHxm5EkwzsOGHhjx6wVX1ko7hD-ffPqw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 12:58:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
31140
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 27 Apr 2024 12:58:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		121 B
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=webmail1.earthlink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ec7c2a0a16c747297caecd7939aa82fdad12ba8f7274d069c7a3f4b981cf2b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90
x-xss-protection
0
expires
Fri, 28 Apr 2023 21:37:13 GMT
5.5f2260dc.chunk.js
webmail1.earthlink.net/static/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/js/5.5f2260dc.chunk.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd80ff3a574257bb42a9902894fb7db8482fcb606871cb43eab0e8011a94b2bc
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
W/"644a8cc4-28cf"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
cf-ray
7bf271fc6ba19201-FRA
expires
Sat, 27 Apr 2024 21:37:13 GMT
Spinner.3f259006.gif
webmail1.earthlink.net/static/media/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail1.earthlink.net/static/media/Spinner.3f259006.gif
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
"644a8cc4-b15c"
x-frame-options
Deny
content-type
image/gif
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
accept-ranges
bytes
cf-ray
7bf271fc7bab9201-FRA
content-length
45404
expires
Sat, 27 Apr 2024 21:37:13 GMT
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1505488921&t=pageview&_s=1&dl=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ul=en-us&de=UTF-8&dt=EarthLink%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=479301038&gjid=735612382&cid=1199805804.1682717834&tid=UA-2513835-10&_gid=317363793.1682717834&_r=1&_slc=1&gtm=45He34q0n81TVQ6RM9&cd1=0&cd19=1199805804.1682717834&z=271942706
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 21:37:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://webmail1.earthlink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/735757482/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/735757482/?random=1682717833630&cv=11&fst=1682715600000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&label=6BQDCPqhlqIBEKqJ694C&frm=0&tiba=EarthLink%20Mail&fmt=3&is_vtc=1&random=1633685214&rmt_tld=0&ipr=y
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 21:37:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/735757482/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/735757482/?random=1682717833630&cv=11&fst=1682715600000&bg=ffffff&guid=ON&async=1&gtm=45He34q0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&label=6BQDCPqhlqIBEKqJ694C&frm=0&tiba=EarthLink%20Mail&fmt=3&is_vtc=1&random=1633685214&rmt_tld=1&ipr=y
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 21:37:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ats.js
ats.rlcdn.com/ 		109 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.153.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-153-62.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding
br
via
1.1 b8b95510d85e7e4b69b927da534dc290.cloudfront.net (CloudFront)
date
Fri, 28 Apr 2023 02:44:15 GMT
x-amz-cf-pop
HAM50-P2
age
67979
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
e16bd58aa55fcc98af3b10870aad5974
last-modified
Thu, 19 Jan 2023 10:03:36 GMT
server
AmazonS3
etag
W/"0820c3a8da5dbe428619a7328c53b95f"
vary
Accept-Encoding
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
sNYVQFhbHJKN4eEkAbZy4WgFIUsIlbp72JgAAAsl8ptOsarDKKYd8Q==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-215-22-18.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Fri, 28 Apr 2023 21:52:13 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-68.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 00:30:12 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:13:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
76022
x-amz-server-side-encryption
AES256
etag
W/"dc01f342ec44b3f8f5767d7b93fe1ac8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
FSQCYKq0VzhSyUkb5p8ob7lQWd2NI0qct0UeCmB9lYAkmbziG4P4OA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ref=&_it=amazon&partner_id=486
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
1900
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7bf271fcc84c920e-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QQHBKKDC4K9EXW7F
age
121
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bf271fcc91c9122-FRA
x-amz-id-2
4mcYKQ5Hb3U2OaIpwisHn+DXiPFTI0FN2tidCE6GVNrf0qEvGkxvwQERDCwB3ajVcoF/DwRqbqs=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.165.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-165-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Fri, 28 Apr 2023 21:37:14 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.165.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-165-89.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://webmail1.earthlink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 28 Apr 2023 21:37:13 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ 		60 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.31.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-31-84.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d081292830c8c8aeb0962c8e2397d126e7587e02f7a762bb61baf6f1971891cf

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 28 Apr 2023 21:37:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://webmail1.earthlink.net
cache-control
no-cache
x-server
10.45.16.154
access-control-allow-credentials
true
content-length
60
expires
0
hadron.json
id.hadron.ad.gt/v1/ 		98 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=486&sync=0&domain=webmail1.earthlink.net&url=https://webmail1.earthlink.net/newaddme
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ref=&_it=amazon&partner_id=486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cddcbe86f7662bb734e0a8096bc8606b1cd7a5cc05d43b04fc2c8568d69728d2

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7bf271fddd531992-FRA
hadron.json
id.hadron.ad.gt/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=486&sync=0&domain=webmail1.earthlink.net&url=https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://webmail1.earthlink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7bf271fd2c671992-FRA
content-length
0
content-type
application/json
date
Fri, 28 Apr 2023 21:37:13 GMT
debug
OPTIONS block
expires
Sat, 27 Apr 2024 21:37:13 GMT
server
cloudflare
api.js
www.google.com/recaptcha/ 		909 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/static/js/2.06474d9c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b7b3bcb7ca2dda80f450fdefe1da9071b2970c0d56fca3d97c33a7e2147f634
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
581
x-xss-protection
1; mode=block
expires
Fri, 28 Apr 2023 21:37:13 GMT
earthlink-spamblocker-header.e45b44a7.png
webmail1.earthlink.net/static/media/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail1.earthlink.net/static/media/earthlink-spamblocker-header.e45b44a7.png
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8666771f6c3766a00276f79eec73f9acec74be7e5d43a66eab4704d2f6901d79
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
"644a8cc4-4678"
x-frame-options
Deny
content-type
image/png
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
accept-ranges
bytes
cf-ray
7bf271fd3c279201-FRA
content-length
18040
expires
Sat, 27 Apr 2024 21:37:13 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7f1de81b6622b1776fecf9fc68373b2ece8b96ee8cb7619def0efe2f483e623

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
earthlink-spamblocker-footer.6bbce986.png
webmail1.earthlink.net/static/media/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail1.earthlink.net/static/media/earthlink-spamblocker-footer.6bbce986.png
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1908 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa5daa2d803df4b87e87c9fa50cf04d7428a37cd5796400b462e689364187f2
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:13 GMT
cf-cache-status
DYNAMIC
last-modified
Thu, 27 Apr 2023 14:55:00 GMT
server
cloudflare
etag
"644a8cc4-276f"
x-frame-options
Deny
content-type
image/png
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
4
accept-ranges
bytes
cf-ray
7bf271fd3c289201-FRA
content-length
10095
expires
Sat, 27 Apr 2024 21:37:13 GMT
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-35.fra60.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 01:27:24 GMT
via
1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
72589
x-amzn-requestid
6ed26245-b6a1-4ba2-8d05-92bc3793bad4
x-amzn-trace-id
Root=1-644b20fc-03eac98158dcfee200ef4fb6;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
EEIXbGBqjoEFauA=
content-length
28
x-amz-cf-id
qCazf8z06_K8o81LPjlijTWGOmsHHyRccmuKufm3PYelLubCBdDiUQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
dc250bc5914223b1926d14bb2f4edd3b82a9e13dcb9f5f9b3d9812b0d53c750d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://webmail1.earthlink.net
date
Fri, 28 Apr 2023 21:37:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/ 		410 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/4PnKmGB9wRHh1i04o7YUICeI/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webmail1.earthlink.net/
Origin
https://webmail1.earthlink.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 15:02:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23691
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168688
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 01:25:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 15:02:22 GMT
1347.json
id5-sync.com/g/v2/ 		216 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1347.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a0644b6479807ad542b316a6b182079bc929d29f75a988c3790c7a90c7aa84c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://webmail1.earthlink.net
date
Fri, 28 Apr 2023 21:37:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
486
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/486?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ref=&_it=amazon&partner_id=486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
571d74c4d7190a5574933c0b4d2568d7c7c476ed87630dbc03c2e75bd044d132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 21:37:14 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Fri, 28 Apr 2023 20:11:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7bf271febd531c60-FRA

Verdicts & Comments Add Verdict or Comment

153 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| AppConfig object| tinymce object| tinyMCE object| apstag object| webpackJsonpwebmail-earthlink function| setImmediate function| clearImmediate object| regeneratorRuntime object| DD_LOGS function| saveAs function| _ object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO string| GoogleAnalyticsObject function| ga boolean| apstagLOADED object| apscustom object| _aps object| googletag object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| lotame_sync_16576 function| ha undefined| google_measure_js_timing function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| hadron boolean| __halo_loaded__ object| PublisherCommonId object| ats object| ID5 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| au

8 Cookies

Domain/Path Name / Value
webmail1.earthlink.net/ Name: _dd_s
Value: logs=1&id=644f0106-b2ce-4c2c-a364-dc7072f38bd9&created=1682717833604&expire=1682718733604
.earthlink.net/ Name: _gcl_au
Value: 1.1.1454309833.1682717834
.earthlink.net/ Name: _ga
Value: GA1.2.1199805804.1682717834
.earthlink.net/ Name: _gid
Value: GA1.2.317363793.1682717834
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.earthlink.net/ Name: _gat_UA-2513835-10
Value: 1
.earthlink.net/ Name: lotame_domain_check
Value: earthlink.net
webmail1.earthlink.net/ Name: _lr_geo_location
Value: DE

1 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ats.rlcdn.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cdnjs.cloudflare.com
geo.privacymanager.io
googleads.g.doubleclick.net
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tags.crwdcntrl.net
webmail1.earthlink.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
13.32.99.35
162.19.138.117
162.19.138.82
18.155.153.62
23.215.22.18
2606:4700:10::6816:3556
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700::6811:180e
2606:4700::6812:1908
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::2002
3.214.165.89
54.77.31.84
65.9.66.68
65.9.90.93
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
095b084a0dc241783fcc3742a911c628105d9edc90494e3410d07a8a9622ebce
0df3bf98e2863f09c8354c7766cc83721c8a67f0e212ab1f6a2f9d74a5af4727
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1aa5daa2d803df4b87e87c9fa50cf04d7428a37cd5796400b462e689364187f2
1af3daf274b8917e6c0876343966972f64d051414b0c7c4b95670767039e8a00
1b7b3bcb7ca2dda80f450fdefe1da9071b2970c0d56fca3d97c33a7e2147f634
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21c70eb695d823db53b93e2e9b7b52ff99f28bc3bdf7a2968ba9bb6c25ae58e3
2f1d9b491b08daadc738115c579f9cc1b85b29078fdefe99ad994f9db0f5da22
37202aea8b68e35f7d397068886c4ba829415e27ce6588b48a490fdb5871a9d3
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
4ec7c2a0a16c747297caecd7939aa82fdad12ba8f7274d069c7a3f4b981cf2b7
571d74c4d7190a5574933c0b4d2568d7c7c476ed87630dbc03c2e75bd044d132
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8666771f6c3766a00276f79eec73f9acec74be7e5d43a66eab4704d2f6901d79
8b49262964e0164913bb96f2600a1a3772bd71606e5a076cb61e26540426a55b
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884
a0644b6479807ad542b316a6b182079bc929d29f75a988c3790c7a90c7aa84c0
a2a3087fcc6e64ed4f95bf17bb66a95367ab66caeeb698f11233265af9280898
a4bbf54f3c6814faaa820bb454d8edfbe7b7b9074e03437fd8911d199fcfbb12
b4a0aeb3f2db12edff7b757d79dc72c1964f48040a73651ca0e6f24c775f1264
b7f1de81b6622b1776fecf9fc68373b2ece8b96ee8cb7619def0efe2f483e623
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
cd80ff3a574257bb42a9902894fb7db8482fcb606871cb43eab0e8011a94b2bc
cddcbe86f7662bb734e0a8096bc8606b1cd7a5cc05d43b04fc2c8568d69728d2
d081292830c8c8aeb0962c8e2397d126e7587e02f7a762bb61baf6f1971891cf
dc250bc5914223b1926d14bb2f4edd3b82a9e13dcb9f5f9b3d9812b0d53c750d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e81437bacb2eadf8e9892f7c4423437a86ed8249bf77dcf71770909857779174
eb8a19da306924c3d393d24bb13c24a4ad4f66e10568b78db638d3623bdefa6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4081d9bcbac59e928b089df56235173ca5ce75cf4636400a3dbe94be2de3ece