webmail1.earthlink.net Open in urlscan Pro
2606:4700::6812:1808 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/P77zCADQpGcEgPlnFGZoAM?domain=webmail1.earthlink.net
Effective URL:
https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Submission Tags: falconsandbox
Submission: On June 15 via api (June 15th 2023, 3:59:47 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 26 domains to perform 66 HTTP transactions. The main IP is 2606:4700::6812:1808, located in United States and belongs to CLOUDFLARENET, US. The main domain is webmail1.earthlink.net. The Cisco Umbrella rank of the primary domain is 70123.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 29th 2023. Valid for: a year.

This is the only time webmail1.earthlink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.113 207.211.31.113	14135 (NAVISITE-...) (NAVISITE-EAST-2)
11	2606:4700::68... 2606:4700::6812:1808	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.107.138 108.138.107.138	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	13.35.93.28 13.35.93.28	16509 (AMAZON-02) (AMAZON-02)
1	184.31.67.214 184.31.67.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.238.4.43 18.238.4.43	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
1	3.92.38.212 3.92.38.212	14618 (AMAZON-AES) (AMAZON-AES)
1	18.238.4.16 18.238.4.16	16509 (AMAZON-02) (AMAZON-02)
1 16	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
2 2	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	162.248.18.37 162.248.18.37	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
1 1	216.200.232.249 216.200.232.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	199.127.204.142 199.127.204.142	26120 (RHYTHMONE) (RHYTHMONE)
2 2	52.207.141.230 52.207.141.230	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
66	23

2 207.211.31.113 (United States) 2 redirects

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6812:1808 (United States)

ASN13335 (CLOUDFLARENET, US)

webmail1.earthlink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2008 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Flushing, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80f::200e (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81c::2004 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-28.jfk50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.67.214 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-67-214.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-43.phl51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.92.38.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-38-212.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.4.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-4-16.phl51.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::ac43:17ea (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.181.211 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.248.18.37 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.249 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.142 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.141.230 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-141-230.compute-1.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	ad.gt 1 redirects id.hadron.ad.gt — Cisco Umbrella Rank: 2463 a.ad.gt — Cisco Umbrella Rank: 3116 p.ad.gt — Cisco Umbrella Rank: 3654 ids.ad.gt — Cisco Umbrella Rank: 2558 pixels.ad.gt — Cisco Umbrella Rank: 3445	18 KB
11	earthlink.net webmail1.earthlink.net — Cisco Umbrella Rank: 70123	2 MB
7	gstatic.com www.gstatic.com fonts.gstatic.com	566 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	23 KB
6	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244	155 KB
5	google.com www.google.com — Cisco Umbrella Rank: 3	31 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 513	1 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 375	2 KB
3	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357	64 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	230 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 662	711 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 618	1 KB
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 1020	630 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 476	2 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 839 id5-sync.com — Cisco Umbrella Rank: 434	18 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1019 bcp.crwdcntrl.net — Cisco Umbrella Rank: 952	12 KB
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 9681	2 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1281	610 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 566	697 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 656	696 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1117	409 B
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 2038	610 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2645	10 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1371	17 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2151	73 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	6 KB
66	26

	Domain	Requested by
11	webmail1.earthlink.net	webmail1.earthlink.net
10	ids.ad.gt	1 redirects webmail1.earthlink.net
6	www.gstatic.com	www.google.com www.gstatic.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.google.com	webmail1.earthlink.net www.google.com www.gstatic.com
3	pixel.tapad.com	3 redirects
3	match.adsrvr.org	3 redirects
3	c.amazon-adsystem.com	webmail1.earthlink.net c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	webmail1.earthlink.net securepubads.g.doubleclick.net
3	www.googletagmanager.com	webmail1.earthlink.net www.googletagmanager.com
2	ad.360yield.com	2 redirects
2	sync.1rx.io	2 redirects
2	cm.g.doubleclick.net	1 redirects webmail1.earthlink.net
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	a.ad.gt	cdn.hadronid.net p.ad.gt
2	id.hadron.ad.gt	cdn.hadronid.net
2	protect-us.mimecast.com	2 redirects
1	pixels.ad.gt	p.ad.gt
1	id5-sync.com	cdn.id5-sync.com
1	fonts.gstatic.com	www.google.com
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.mathtag.com	1 redirects
1	token.rubiconproject.com	webmail1.earthlink.net
1	p.ad.gt	a.ad.gt
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	geo.privacymanager.io	ats.rlcdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.id5-sync.com	webmail1.earthlink.net
1	cdn.hadronid.net	webmail1.earthlink.net
1	tags.crwdcntrl.net	webmail1.earthlink.net
1	secure.cdn.fastclick.net	webmail1.earthlink.net
1	ats.rlcdn.com	webmail1.earthlink.net
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	cdnjs.cloudflare.com	webmail1.earthlink.net
66	35

This site contains no links.

Subject Issuer	Validity	Valid
webmail1.earthlink.net Cloudflare Inc ECC CA-3	`2023-03-29` - `2024-03-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Frame ID: 6A60D01A72F56901147C72C97A2401D9
Requests: 57 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt&co=aHR0cHM6Ly93ZWJtYWlsMS5lYXJ0aGxpbmsubmV0OjQ0Mw..&hl=en&type=image&v=SglpK98hSCn2CroR0bKRSJl5&theme=light&size=normal&badge=bottomright&cb=qyufte66yh4e
Frame ID: 59C2DBEAA00041D0D85B465C31A0AD4F
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt
Frame ID: 1167A0E2D223246E02D6EB80E8EC6671
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

EarthLink Mail

Page URL History Show full URLs

https://protect-us.mimecast.com/s/P77zCADQpGcEgPlnFGZoAM?domain=webmail1.earthlink.net HTTP 307
https://protect-us.mimecast.com/r/PMG25eHV2oIH9d4YW8HCTtTl0Yy6RzEeJvH4WEoeXeArrZetNkrPubZjZwVc0DSl-6X1SQhKJ2... HTTP 307
https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca Page URL

Detected technologies

TinyMCE (Rich Text Editors) Expand

Overall confidence: 100%
Detected patterns

/tiny_?mce(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

66
Requests

86 %
HTTPS

40 %
IPv6

26
Domains

35
Subdomains

23
IPs

2
Countries

2878 kB
Transfer

10651 kB
Size

33
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/P77zCADQpGcEgPlnFGZoAM?domain=webmail1.earthlink.net HTTP 307
https://protect-us.mimecast.com/r/PMG25eHV2oIH9d4YW8HCTtTl0Yy6RzEeJvH4WEoeXeArrZetNkrPubZjZwVc0DSl-6X1SQhKJ26dwEBkP4AM_ao9GrTZ2x_T-5neNAXZZ_MH_e6UmKt72EMcjN7p0ZQodOCnJUHRaFSsP7GFbyaiEbvnWaHnKZrvhE3VfK3TfLW7YWKCOEitjB7SG9jbGN7DA2wGDTSJm1W6DWCfrfbLhlBndu47yfFr7EODunHGoFtfsOIcIQBtFvJ_icwBpTabgck2w04iFjO37SYASvgyuG6lSZD3-N06oDLTsh3XPJLVCi2il07W9dSd1ws4mqcjZt_ngbQsAtRvhEp7NmMMJYKZuVpMBomf6eov5baWzaJaV95ZrAH2pDiSaBClgHvYtaUVoK51OwO7QGFLI_aeMIg_8klU_wAZqtKJPeWC2sScPyXEkBtbanAfRCJdhC1Qok00cK71ZdCBW43fxvn5rpXkfHcT4eJ57Q0Vslx5PjAB9h36IiVMPlRqOKMNAW4BdkZGIHH5HEHAczCI271u2w_NwlBecfrHzKG6pxzxYpQR9ofdk100Wxnm8mkseI5dQbcx1ysN0eTJZSL4viE4hW0MazxbM_YoIKV__4FyOU_bzDB7slCxJCkpxohUBeAQe1knV-ia1TUspdE_m2MmaFeLE4XU52ybyqT4sv2xmeK1p-XZvWm02-aOesFdasU238_qcgkPgOUCDPYviH3FpnKV356ZESDTnxDsuYxt9yvuoHPk5ug_q3JRoCnm2dW7pexFuCSFOPVpEbXSE8u3oQ7yOOazFxgA0m8jBQM4H06Ogf9Q0KVlpsM6x4iH5XPvnqJH4Qya1f0W58G2YkSd9Qyo1d1pYDplu-6nTQ98RyA8iYkD5gwMbMqz50fxpMeKdF4xwcmqO2teR2fvD2SqyGpR97Zz6siAm4bGSBDoJwdKP0PyUFB7AQpc-jXT8Ov6NhxVFUoQitkYGw0R-whJZmWSocpOg39D-fKKu-vw-R6rdG0e5zbR5h_I5waRyHFzAPClcMGsIlk4Ul6boe-JDrf-nr9kM157EtJjKH0B2bqkKdJtY_D79EO5XdjAFrtGOfejMp04nSNtlX6zJ3DCC0rT_0MgCgOnrYuQJNPxCI7PRmqfghBhaNy_dqKZ8FavYrGNy7eQxmxbmoe-cLeVGGKmKJozMFXwDsmpERJHkfkJqXjy4gYifvtDfvlStgkiJcoQeeK80XLsyVxvLV5I8SB2k9VGEN6GIWA7PlaFZgOpU3u0wcpQLDg7hxhr8-acObfCrUfWFlQAAid_VmiPleJ0yReW3Wnvy3fuFOfUjWRv9LflrPRJkdx7wPPwwSVGuS4chacVRzwSprHToUH9CoYMiY1kvu4V6PbnoiFQqJwv4UBcOdu0IqWy8_iVs9nZSW_Lev7uxpHEISY27ZnAkwT1QxRExQSfQgG2ZTKHToWjVcnNWt60U9AZOkRQ6FfNR5okcWP3VyVX3ZK_f4aUNMWqLw9wSTwjkBrZSQU4jMwBQf-j3q3p98vJ8NydUnhmRCgea6q4p-REZF0cz8nF_jby9eQ31BRMUY9n5QT5FiLtLCDdTODmVgOkcAnpTkExauUgnlGdqaEn956Let5--KfmoW2JBJcrkH5juoSrympt5psrDMzAAayinOs3D5Lc5MgMDSt9P33YEHHsKVmFVO2C7sbrrHoVdNFGgdVEQwas6cb5a0eaTFXO4FzjgAvSLBZkymJTqXf7OmbDUSN4wWbd_xoNgzyT5qNjcPMFYVjyvjYG5PxHkjaw-PHEM8vHlprWJ1kD09nWYhNHRBxPktrVcZqYWknb3-Zymc74DCIKEYEBvEGPyAamMV2hMU_A HTTP 307
https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&adnxs_id=2643485834104272745&gdpr=0

Request Chain 44

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001686844765-E5EB17U9-S3Q1&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001686844765-E5EB17U9-S3Q1&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf&id=AU1D-0100-001686844765-E5EB17U9-S3Q1

Request Chain 45

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001686844765-E5EB17U9-S3Q1 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001686844765-E5EB17U9-S3Q1 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=6EE3653F-B796-45D9-BCFE-96C59C8DCAD1&id=AU1D-0100-001686844765-E5EB17U9-S3Q1

Request Chain 47

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001686844765-E5EB17U9-S3Q1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001686844765-E5EB17U9-S3Q1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=577cc18f-654b-44e4-8694-1197443e3afc%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001686844765-E5EB17U9-S3Q1%252526tapad_id%25253D577cc18f-654b-44e4-8694-1197443e3afc%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf&ttd_puid=577cc18f-654b-44e4-8694-1197443e3afc%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001686844765-E5EB17U9-S3Q1%2526tapad_id%253D577cc18f-654b-44e4-8694-1197443e3afc%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&tapad_id=577cc18f-654b-44e4-8694-1197443e3afc

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001686844765-E5EB17U9-S3Q1 HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&google_gid=CAESEGfXiWzjZ2KkDYQtVYgE64g&google_cver=1&google_ula=450542624,0

Request Chain 49

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001686844765-E5EB17U9-S3Q1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Njg0NDc2NS1FNUVCMTdVOS1TM1Ex

Request Chain 50

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001686844765-E5EB17U9-S3Q1 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=2dac648b-355c-4900-94e8-35f0703233fb&id=AU1D-0100-001686844765-E5EB17U9-S3Q1

Request Chain 51

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26unruly_id%3D%5BRX_UUID%5D&cb=1686844764714 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26unruly_id%3DRX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&unruly_id=RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005

Request Chain 52

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&impr_uid=2b2b80b3-a8d9-43c2-9d70-3576c73c54c2

66 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request newaddme Show response
webmail1.earthlink.net/
Redirect Chain

https://protect-us.mimecast.com/s/P77zCADQpGcEgPlnFGZoAM?domain=webmail1.earthlink.net
https://protect-us.mimecast.com/r/PMG25eHV2oIH9d4YW8HCTtTl0Yy6RzEeJvH4WEoeXeArrZetNkrPubZjZwVc0DSl-6X1SQhKJ26dwEBkP4AM_ao9GrTZ2x_T-5neNAXZZ_MH_e6UmKt72EMcjN7p0ZQodOCnJUHRaFSsP7GFbyaiEbvnWaHnKZrvhE3...
https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

5 KB
3 KB

191ms
84ms

Document
text/html

2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e0174202e30b3c7813ab7ed239d5d1671f2df4f7a47dfec91e18594c3753a28

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=3024000,no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d7c0508ec29d157-BUF
content-encoding: gzip
content-type: text/html
date: Thu, 15 Jun 2023 15:59:20 GMT
expires: Thu, 20 Jul 2023 15:59:20 GMT
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
vary: Accept-Encoding
x-envoy-upstream-service-time: 3
x-frame-options: Deny

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Thu, 15 Jun 2023 15:59:20 GMT
Location: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 276 KB
94 KB 188ms
70ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a24db47c22a6aca99ddd07fb11ef482ddf92d23b8e7a96d7d772b5186f02b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96155
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 15:59:20 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 182ms
69ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6045997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDi1Mu2V%2F1e1zPqMTbttDSZr1qayGzkA%2FA1JkgBWiat8JRwD7GM5SC1eIn7S878ppLPcXIpF8m%2Bw0OOaGeCEZDGsLDJ395ZR0GNoi6gjAJ%2FmB6t0bNBnvFUp5ZwlS%2FaV0GOyo1Gd2meHg2axPgmTHntc"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d7c050a4fddd153-BUF
expires: Tue, 04 Jun 2024 15:59:20 GMT

GET
H2 200 appconfig.js Show response
webmail1.earthlink.net/ 2 KB
1 KB 105ms
72ms Script
application/javascript 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/appconfig.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31d317ae26548109eda79595a2ba00741ccae36dd104abe2457a8a3366603c41

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 05 Jun 2023 20:11:37 GMT
server: cloudflare
etag: W/"647e4179-988"
vary: Accept-Encoding
x-frame-options: Deny
content-type: application/javascript
cache-control: max-age=3024000,no-store, no-cache, must-revalidate
x-envoy-upstream-service-time: 8
cf-ray: 7d7c0509bc63d157-BUF
expires: Thu, 20 Jul 2023 15:59:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
26 KB 1768ms
56ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bbebfa7c07d9eef53236d84c136c697cbff26b87793477deaf7505c913709a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26058
x-xss-protection: 0
server: cafe
etag: 132 / 19523 / 31075332 / config-hash: 17480437215513226996
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 15 Jun 2023 15:59:22 GMT

GET
H2 200 tinymce.min.js Show response
webmail1.earthlink.net/tinymce/5.10.1/ 382 KB
131 KB 103ms
71ms Script
application/javascript 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/tinymce/5.10.1/tinymce.min.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a3087fcc6e64ed4f95bf17bb66a95367ab66caeeb698f11233265af9280898

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:21:54 GMT
server: cloudflare
etag: W/"646fb552-5f9e0"
vary: Accept-Encoding
x-frame-options: Deny
content-type: application/javascript
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 7
cf-ray: 7d7c0509bc64d157-BUF
expires: Fri, 14 Jun 2024 15:59:20 GMT

GET
H2 200 main.cc79ede3.chunk.css
webmail1.earthlink.net/static/css/ 3 MB
285 KB 450ms
418ms Stylesheet
text/css 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/static/css/main.cc79ede3.chunk.css

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51611712dafd985371a83872135de850f984047cd41ab2f161a7920bf47c8d14

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: W/"646fb5b7-2e2075"
vary: Accept-Encoding
x-frame-options: Deny
content-type: text/css
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 13
cf-ray: 7d7c0509bc62d157-BUF
expires: Fri, 14 Jun 2024 15:59:20 GMT

GET
H2 200 2.ab79264e.chunk.js Show response
webmail1.earthlink.net/static/js/ 3 MB
933 KB 99ms
70ms Script
application/javascript 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/static/js/2.ab79264e.chunk.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26e9009551c6b2fcd81077ae7e4b4538edb92b40d3c58a13ce0ae5b250a55d57

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: W/"646fb5b7-2fc5a9"
vary: Accept-Encoding
x-frame-options: Deny
content-type: application/javascript
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 7
cf-ray: 7d7c0509bc65d157-BUF
expires: Fri, 14 Jun 2024 15:59:20 GMT

GET
H2 200 main.d03184d5.chunk.js Show response
webmail1.earthlink.net/static/js/ 749 KB
225 KB 178ms
149ms Script
application/javascript 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/static/js/main.d03184d5.chunk.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bdad21e7dd1f7ab3fc95e70343bb5fe0d887a5cd778cdf0e712c2dcd6eac537

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: W/"646fb5b7-bb3f6"
vary: Accept-Encoding
x-frame-options: Deny
content-type: application/javascript
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 8
cf-ray: 7d7c0509bc66d157-BUF
expires: Fri, 14 Jun 2024 15:59:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
47 KB 62ms
56ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KCHLLQ7

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbf6931ff205be9613da12596f692e5bf0b285e18d915f456744ae4ff8ba8d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48492
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Jun 2023 15:59:21 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 235 KB
57 KB 1744ms
32ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f22620e32eac72fb1ff1b8b450dc8a9b72109889a6cc2c34a364a3bac697a49e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:45:24 GMT
content-encoding: gzip
via: 1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront), 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 19:47:47 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 839
x-amz-server-side-encryption: AES256
etag: W/"d0b9d816cec36bd9f5556c7b963d0257"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: WDarVaypSAYNXzXf1Q8NY3EN_OdPZZvIvo2G0Nl7qtqAZwoRfTApGQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/735757482/ 2 KB
2 KB 1804ms
233ms Script
text/javascript 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735757482/?random=1686844761083&cv=11&fst=1686844761083&bg=ffffff&guid=ON&async=1&gtm=45He36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&label=6BQDCPqhlqIBEKqJ694C&hn=www.googleadservices.com&frm=0&tiba=EarthLink%20Mail&auid=1035537782.1686844761&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a5f0c85a4b14a345bde7aea9b1d63a50e5b62c603347f299141982a60d81f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1393
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 1600ms
24ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Jun 2023 14:11:08 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6494
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 15 Jun 2023 16:11:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 113ms
97ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MK68Q01FHJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCHLLQ7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

49bdfbf3c18517fe1860ab03984b0c65c78e0553376fb48190bdb35ac674b463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89932
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 15 Jun 2023 15:59:22 GMT

GET
H2 200 5.04a3d16b.chunk.js Show response
webmail1.earthlink.net/static/js/ 10 KB
5 KB 68ms
68ms Script
application/javascript 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://webmail1.earthlink.net/static/js/5.04a3d16b.chunk.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c38953f0bf4757b71cb8e393592348e66672d24dbb5ff05b12e7cab01411fe73

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: W/"646fb5b7-28cf"
vary: Accept-Encoding
x-frame-options: Deny
content-type: application/javascript
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 2
cf-ray: 7d7c05179f3cd157-BUF
expires: Fri, 14 Jun 2024 15:59:22 GMT

GET
H2 200 Spinner.3f259006.gif
webmail1.earthlink.net/static/media/ 44 KB
44 KB 74ms
72ms Image
image/gif 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webmail1.earthlink.net/static/media/Spinner.3f259006.gif

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:22 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: "646fb5b7-b15c"
x-frame-options: Deny
content-type: image/gif
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 2
accept-ranges: bytes
cf-ray: 7d7c05183f5fd157-BUF
content-length: 45404
expires: Fri, 14 Jun 2024 15:59:22 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/ 407 KB
126 KB 62ms
21ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306120101/pubads_impl.js?cb=31075332

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9949ec515d627da556e6c4d4c909127a533a5622028fc81e9eeb9f00870e560f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 19:36:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73344
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128446
x-xss-protection: 0
server: cafe
etag: 17347100504976350628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 13 Jun 2024 19:36:59 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 121 B
115 B 126ms
42ms XHR
application/json 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=webmail1.earthlink.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ec7c2a0a16c747297caecd7939aa82fdad12ba8f7274d069c7a3f4b981cf2b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90
x-xss-protection: 0
expires: Thu, 15 Jun 2023 15:59:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 56ms
38ms XHR
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=289268643&t=pageview&_s=1&dl=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fid%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&ul=en-us&de=UTF-8&dt=EarthLink%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1710357225&gjid=594496431&cid=1321988527.1686844763&tid=UA-2513835-10&_gid=244454135.1686844763&_r=1&_slc=1&gtm=45He36c0n81TVQ6RM9&cd1=0&cd19=1321988527.1686844763&z=67975393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://webmail1.earthlink.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://webmail1.earthlink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/735757482/ 42 B
328 B 166ms
56ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/735757482/?random=1686844761083&cv=11&fst=1686841200000&bg=ffffff&guid=ON&async=1&gtm=45He36c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&label=6BQDCPqhlqIBEKqJ694C&frm=0&tiba=EarthLink%20Mail&fmt=3&is_vtc=1&random=2508869382&rmt_tld=0&ipr=y

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 909 B
903 B 138ms
44ms Script
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/static/js/2.ab79264e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b43394d4d0bd8330ff84a2c4da9ce7ceedfb175c747c678f6c013e0f6ffb3d67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 1; mode=block
expires: Thu, 15 Jun 2023 15:59:23 GMT

GET
H2 200 earthlink-spamblocker-header.e45b44a7.png
webmail1.earthlink.net/static/media/ 18 KB
18 KB 70ms
70ms Image
image/png 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webmail1.earthlink.net/static/media/earthlink-spamblocker-header.e45b44a7.png

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8666771f6c3766a00276f79eec73f9acec74be7e5d43a66eab4704d2f6901d79

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: "646fb5b7-4678"
x-frame-options: Deny
content-type: image/png
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 4
accept-ranges: bytes
cf-ray: 7d7c0519dfc7d157-BUF
content-length: 18040
expires: Fri, 14 Jun 2024 15:59:23 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7f1de81b6622b1776fecf9fc68373b2ece8b96ee8cb7619def0efe2f483e623

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 earthlink-spamblocker-footer.6bbce986.png
webmail1.earthlink.net/static/media/ 10 KB
10 KB 61ms
61ms Image
image/png 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webmail1.earthlink.net/static/media/earthlink-spamblocker-footer.6bbce986.png

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa5daa2d803df4b87e87c9fa50cf04d7428a37cd5796400b462e689364187f2

Security Headers

Name	Value
X-Frame-Options	Deny

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
cf-cache-status: DYNAMIC
last-modified: Thu, 25 May 2023 19:23:35 GMT
server: cloudflare
etag: "646fb5b7-276f"
x-frame-options: Deny
content-type: image/png
cache-control: max-age=31536000,public
x-envoy-upstream-service-time: 3
accept-ranges: bytes
cf-ray: 7d7c0519dfc8d157-BUF
content-length: 10095
expires: Fri, 14 Jun 2024 15:59:23 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 3 KB
4 KB 35ms
31ms XHR
application/json 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwebmail1.earthlink.net&pubid=f1370e72-d76e-48d2-af88-e7bd5a89f19e
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: 1af3daf274b8917e6c0876343966972f64d051414b0c7c4b95670767039e8a00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 13:18:00 GMT
via: 1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 9682
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://webmail1.earthlink.net
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 3444
x-amz-cf-id: eadgi62fk9sgkSRG09jrgovWX3KrCgsfB8VfPlL8v7iTdOPcxJ68Lg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 142ms
68ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 11:15:32 GMT
x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 17032
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: sJrfhNBVgGrrKO1130tS60Y8TgqMsCXhrBNcnJffehnFRliO3ryc4Q==

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 60ms
60ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MK68Q01FHJ&gtm=45je36c0&_p=289268643&cid=1321988527.1686844763&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1686844763&sct=1&seg=0&dl=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&dt=EarthLink%20Mail&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MK68Q01FHJ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://webmail1.earthlink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 simple Show response
webmail1.earthlink.net/mail/account/rferry@earthlink.net/addme/message/11ee-0b87-7a983c60-8eb4-00144ff8e7ca/ 210 B
310 B 475ms
474ms XHR
application/json 2606:4700::6812:1808
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://webmail1.earthlink.net/mail/account/rferry@earthlink.net/addme/message/11ee-0b87-7a983c60-8eb4-00144ff8e7ca/simple
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/static/js/2.ab79264e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1808 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 588ffd9cc324d42fb101c9017385bf53643ab07f2f178d0577a85869baba99e6

Request headers

Accept: application/json, text/plain, */*
Referer: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
accept-language: en-US,en;q=0.9
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3024000, no-store, no-cache, must-revalidate
x-envoy-upstream-service-time: 400
cf-ray: 7d7c051bc83ad157-BUF

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
73 KB 229ms
38ms Script
text/javascript 13.35.93.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-28.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: br
via: 1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
date: Thu, 15 Jun 2023 08:56:32 GMT
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P8
age: 25372
x-amz-server-side-encryption: AES256
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 4OxmttWcIs2cgg8J_zTyQBeObKskz5QeigFPdNMpGz1XkdhqE6Ahww==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 226ms
36ms Script
application/javascript 184.31.67.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.31.67.214 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-67-214.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Thu, 15 Jun 2023 16:14:23 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 38 KB
12 KB 231ms
41ms Script
text/javascript 18.238.4.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-43.phl51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 20:50:11 GMT
content-encoding: gzip
via: 1.1 20068bd484823d12a57ecea8a9946b6c.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:15 GMT
server: AmazonS3
x-amz-cf-pop: PHL51-P1
age: 68953
etag: W/"560498a44e7d42477433425cdafd6a16"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: d8FEeE6zMtpSSDXxiITJCpXMcGg_IgfO88ISjlckiOQZeOz9YbpVxg==

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 240ms
50ms Script
application/javascript 2606:4700:10::6816:34ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&ref=&_it=amazon&partner_id=486
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 May 2023 16:51:11 GMT
server: cloudflare
x-amz-request-id: D9H0BKD49BT4VXPH
age: 3645
etag: W/"82b3b53182a6a8dbe6684806275e839a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7d7c051dff254406-EWR
x-amz-id-2: NYMqTPppEBiG4bbM2+rgByDV6NSeJDUeioacPP/TyAP0fbAmvOO4RCVRrzA/p/xpSBZuJnb15Hs=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 58 KB
17 KB 196ms
43ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Jun 2023 14:15:50 GMT
server: cloudflare
x-amz-request-id: 1E14KX5PHRPM41BM
age: 2128
etag: W/"bd84c027369eea0cf742a8ca6f03b75c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7d7c051dfcf04368-EWR
x-amz-id-2: QSIivZ1ySL3kxhydk/98IXVNIRNkbpgRUlVNQkzP09UwRYsLFiNmcOAFunykocRj8gIXBLiarAg=

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ 416 KB
167 KB 181ms
28ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://webmail1.earthlink.net/
Origin: https://webmail1.earthlink.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170572
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 04:32:25 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
619 B 180ms
58ms XHR
application/json 3.92.38.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.38.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-38-212.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 9ce6c25e70099b473f7f1b58ea68974a42e2db9ce67b6a8e1e4a462daa499fb2

Request headers

Referer: https://webmail1.earthlink.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:24 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://webmail1.earthlink.net
cache-control: no-cache
x-server: 10.40.41.49
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
610 B 125ms
35ms Fetch
application/json 18.238.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-4-16.phl51.r.cloudfront.net
Software: /
Resource Hash: 8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 08:30:38 GMT
via: 1.1 5eb5e19c1a78889d10ff38f1551ed2aa.cloudfront.net (CloudFront), 1.1 4ceb2989b2985c33abee5da8ac0ecbcc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C1, PHL51-P1
age: 26926
x-amzn-requestid: b5ded12a-6f57-4239-adcc-e729c20e0122
x-amzn-trace-id: Root=1-648acc2e-0bd567de47abbac33c08fc79;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: GjTXRHyjjoEFfSQ=
content-length: 30
x-amz-cf-id: LgrCUBYKOPR7W28LHGfOJBohm7EbMiV-MjBhZ6BELP-FDmPPbeynLQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 131ms
54ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=486&sync=0&domain=webmail1.earthlink.net&url=https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://webmail1.earthlink.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7d7c05208864c45c-EWR
content-length: 0
content-type: application/json
date: Thu, 15 Jun 2023 15:59:24 GMT
debug: OPTIONS block
expires: Fri, 14 Jun 2024 15:59:24 GMT
server: cloudflare

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 98 B
288 B 46ms
43ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=486&sync=0&domain=webmail1.earthlink.net&url=https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&ref=&_it=amazon&partner_id=486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee588d798a4dc375d6873b3c4a88e21f9a633af4015845f8d842593ca8f504c0

Request headers

Referer: https://webmail1.earthlink.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 7d7c0520e8bdc45c-EWR

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 59C2 52 KB
29 KB 97ms
96ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt&co=aHR0cHM6Ly93ZWJtYWlsMS5lYXJ0aGxpbmsubmV0OjQ0Mw..&hl=en&type=image&v=SglpK98hSCn2CroR0bKRSJl5&theme=light&size=normal&badge=bottomright&cb=qyufte66yh4e

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/static/js/2.ab79264e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

121e495a1a39e3b50a27703f699d42537055a835bfc98aa0135a8ba394276b84

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xc3x-s20wxV9OasoHpaAKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://webmail1.earthlink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 29103
content-security-policy: script-src 'report-sample' 'nonce-xc3x-s20wxV9OasoHpaAKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 15:59:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
409 B 350ms
113ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

22fd8b2c37f0fee9bae3f306c7f93ad80dbbb30e3d2a111192e74373f60674e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://webmail1.earthlink.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://webmail1.earthlink.net
date: Thu, 15 Jun 2023 15:59:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 59C2 55 KB
24 KB 79ms
25ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt&co=aHR0cHM6Ly93ZWJtYWlsMS5lYXJ0aGxpbmsubmV0OjQ0Mw..&hl=en&type=image&v=SglpK98hSCn2CroR0bKRSJl5&theme=light&size=normal&badge=bottomright&cb=qyufte66yh4e

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 15:16:22 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 59C2 416 KB
167 KB 92ms
39ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170572
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 04:32:25 GMT

GET
H2 200 486 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 113ms
41ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/486?_it=amazon
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&ref=&_it=amazon&partner_id=486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a27da57f3800838ab17a5702bb7e890fe1e597a93ca72d5081f3404b019ab0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 15:57:12 GMT
server: cloudflare
age: 132
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7d7c0521de3642fd-EWR

GET
H2 200 486 Show response
p.ad.gt/api/v1/p/ 40 KB
12 KB 126ms
40ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/486
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/486?_it=amazon
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4ca57d8e66d3e14b371ab6906182c2dd836766169d5b1375442ea8bc60a363d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 15:56:59 GMT
server: cloudflare
age: 145
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7d7c0522eaa88c41-EWR

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&adnxs_id=2643485834104272745&gdpr=0

43 B
96 B

133ms
133ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&adnxs_id=2643485834104272745&gdpr=0
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c0526bf8b43ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

Date: Thu, 15 Jun 2023 15:59:24 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 96.9.249.42; 96.9.249.42; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1b122c1a-73c6-484f-972c-85957c86e85a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&adnxs_id=2643485834104272745&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001686844765-E5EB17U9-S3Q1&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001686844765-E5EB17U9-S3Q1&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf&id=AU1D-0100-001686844765-E5EB17U9-S3Q1

43 B
216 B

123ms
123ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05268f5343ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:24 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001686844765-E5EB17U9-S3Q1
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001686844765-E5EB17U9-S3Q1
https://ids.ad.gt/api/v1/pbm_match?pbm=6EE3653F-B796-45D9-BCFE-96C59C8DCAD1&id=AU1D-0100-001686844765-E5EB17U9-S3Q1

43 B
96 B

129ms
128ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=6EE3653F-B796-45D9-BCFE-96C59C8DCAD1&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05268f5143ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=6EE3653F-B796-45D9-BCFE-96C59C8DCAD1&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
date: Thu, 15 Jun 2023 15:59:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
696 B 156ms
36ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001686844765-E5EB17U9-S3Q1&gdpr=0
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001686844765-E5EB17U9-S3Q1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001686844765...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001686844765-E5EB17U9-S3Q1&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001686...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=577cc18f-654b-44e4-8694-1197443e3afc%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf&ttd_puid=577cc18f-654b-44e4-8694-1197443e3afc%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&tapad_id=577cc18f-654b-44e4-8694-1197443e3afc

43 B
96 B

119ms
119ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&tapad_id=577cc18f-654b-44e4-8694-1197443e3afc
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c0528392d43ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

date: Thu, 15 Jun 2023 15:59:25 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&tapad_id=577cc18f-654b-44e4-8694-1197443e3afc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&google_gid=CAESEGfXiWzjZ2KkDYQtVYgE64g&google_cver=1&google_ula=450542624,0

43 B
96 B

115ms
115ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&google_gid=CAESEGfXiWzjZ2KkDYQtVYgE64g&google_cver=1&google_ula=450542624,0
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05245c6643ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&google_gid=CAESEGfXiWzjZ2KkDYQtVYgE64g&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001686844765-E5EB17U9-S3Q1
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Njg0NDc2NS1FNUVCMTdVOS1TM1Ex

170 B
244 B

44ms
42ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Njg0NDc2NS1FNUVCMTdVOS1TM1Ex

Requested by

Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY4Njg0NDc2NS1FNUVCMTdVOS1TM1Ex
date: Thu, 15 Jun 2023 15:59:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c0522eadd43ee-EWR
content-type: text/html; charset=utf-8

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001686844765-E5EB17U9-S3Q1
https://ids.ad.gt/api/v1/mediamath_match?user_id=2dac648b-355c-4900-94e8-35f0703233fb&id=AU1D-0100-001686844765-E5EB17U9-S3Q1

43 B
96 B

118ms
117ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=2dac648b-355c-4900-94e8-35f0703233fb&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05244c6243ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

Date: Thu, 15 Jun 2023 15:59:24 GMT
Server: MT3 1031 59fd23a master ord ord-pixel-x31 config_version:"1969"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=2dac648b-355c-4900-94e8-35f0703233fb&id=AU1D-0100-001686844765-E5EB17U9-S3Q1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 15 Jun 2023 15:59:23 GMT

GET
H2

200

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26unruly_id%3D%5BRX_UUID%5D&cb=1686844764714
https://sync.targeting.unrulymedia.com/csync/RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26unruly_id%3D...
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&unruly_id=RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005

43 B
96 B

117ms
116ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&unruly_id=RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c0528392c43ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

Location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&unruly_id=RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005
Date: Thu, 15 Jun 2023 15:59:25 GMT
Content-Type: text/html
Connection: keep-alive
ETag: RXf692b911f9ef4b07b231b8cc42dc570f005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001686844765-E5EB17U9-S3Q1%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&impr_uid=2b2b80b3-a8d9-43c2-9d70-3576c73c54c2

43 B
96 B

161ms
160ms

Image
image/gif

2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&impr_uid=2b2b80b3-a8d9-43c2-9d70-3576c73c54c2
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05268f5543ee-EWR
content-length: 43
content-type: image/gif

Redirect headers

location: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&impr_uid=2b2b80b3-a8d9-43c2-9d70-3576c73c54c2
access-control-allow-origin: *
date: Thu, 15 Jun 2023 15:59:24 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
114 B 123ms
121ms Image
image/gif 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001686844765-E5EB17U9-S3Q1&halo_id=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm6g4ko6gywigwiew6kwomy
Requested by: Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme?a=rferry@earthlink.net&id=11ee-0b87-7a983c60-8eb4-00144ff8e7ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05233b3e43ee-EWR
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 59C2 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 59C2 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 59C2 2 KB
2 KB 27ms
27ms Image
image/png 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 10:27:06 GMT
x-content-type-options: nosniff
age: 451938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 17 Jun 2023 10:27:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 59C2 15 KB
16 KB 91ms
24ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sat, 10 Jun 2023 16:14:59 GMT
x-content-type-options: nosniff
age: 431065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 09 Jun 2024 16:14:59 GMT

POST
H/1.1 200 1347.json Show response
id5-sync.com/g/v2/ 601 B
1 KB 357ms
116ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1347.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

819c63a9ab08fb9f2b4352bf8e6240cbfb0eebcb4640e723537cd3e11f02454c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://webmail1.earthlink.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://webmail1.earthlink.net
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 59C2 102 B
133 B 63ms
62ms Other
text/javascript 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=SglpK98hSCn2CroR0bKRSJl5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

58f4ef3230aa0f2d13e67db42cfc271f4067c1afb88073758edc15ca79e477b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt&co=aHR0cHM6Ly93ZWJtYWlsMS5lYXJ0aGxpbmsubmV0OjQ0Mw..&hl=en&type=image&v=SglpK98hSCn2CroR0bKRSJl5&theme=light&size=normal&badge=bottomright&cb=qyufte66yh4e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 15 Jun 2023 15:59:24 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
655 B 28ms
28ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:31:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Jun 2023 16:31:30 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 15 Jun 2023 16:22:03 GMT

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
140 B 195ms
128ms XHR
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://webmail1.earthlink.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://webmail1.earthlink.net
date: Thu, 15 Jun 2023 15:59:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05283d214255-EWR
vary: Origin
content-type: text/html; charset=utf-8

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
109 B 243ms
141ms Script
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=30d952f59f3684ac0aa340095a478de5&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/486
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 15:59:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7d7c05286a390f74-EWR
content-type: text/html; charset=utf-8

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 1167 7 KB
1 KB 50ms
45ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

74fe24417dcfc06050983f81187ebb6ea6171a4baa644bd1976e1239765cf2d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YMxhBx7fyt-PUdaCcnA_KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://webmail1.earthlink.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1153
content-security-policy: script-src 'report-sample' 'nonce-YMxhBx7fyt-PUdaCcnA_KQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 15:59:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 1167 55 KB
24 KB 44ms
35ms Stylesheet
text/css 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 15:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Jun 2024 15:16:22 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/ Frame 1167 416 KB
167 KB 44ms
38ms Script
text/javascript 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/SglpK98hSCn2CroR0bKRSJl5/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=SglpK98hSCn2CroR0bKRSJl5&k=6LfLgRYTAAAAAEfb82lvO--w14_V2Jhdq-yyydSt

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 Flushing, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 04:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170572
x-xss-protection: 0
last-modified: Sun, 11 Jun 2023 18:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Jun 2024 04:32:25 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 42ms
42ms Ping
text/plain 2607:f8b0:4006:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MK68Q01FHJ&gtm=45je36c0&_p=289268643&cid=1321988527.1686844763&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1686844763&sct=1&seg=0&dl=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme%3Fa%3Drferry%40earthlink.net%26id%3D11ee-0b87-7a983c60-8eb4-00144ff8e7ca&dt=EarthLink%20Mail&en=scroll&epn.percent_scrolled=90&_et=93
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MK68Q01FHJ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://webmail1.earthlink.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Jun 2023 15:59:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://webmail1.earthlink.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.earthlink.net/	1970-01-20 14:43:40	Name: _gcl_au Value: 1.1.1035537782.1686844761
webmail1.earthlink.net/	1970-01-20 12:34:05	Name: _dd_s Value: logs=1&id=9074fb80-69cf-437e-bd83-5416c5eda00e&created=1686844761855&expire=1686845661855
.earthlink.net/	1970-01-20 12:35:31	Name: _gid Value: GA1.2.244454135.1686844763
.earthlink.net/	1970-01-20 12:34:04	Name: _gat_UA-2513835-10 Value: 1
.earthlink.net/	1970-01-20 22:10:04	Name: _ga_MK68Q01FHJ Value: GS1.1.1686844763.1.0.1686844763.0.0.0
.crwdcntrl.net/	1970-01-20 19:02:49	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 19:02:49	Name: _cc_id Value: d919b013470fc182603a9b6cf992a1e5
.earthlink.net/	1970-01-20 19:02:52	Name: _cc_id Value: d919b013470fc182603a9b6cf992a1e5
.earthlink.net/	1970-01-20 12:35:31	Name: panoramaId_expiry Value: 1686931164113
webmail1.earthlink.net/	1970-01-20 12:35:31	Name: _lr_geo_location Value: US
webmail1.earthlink.net/	1970-01-20 12:35:31	Name: _lr_geo_location_state Value: NY
.earthlink.net/	1970-01-20 21:19:40	Name: _au_1d Value: AU1D-0100-001686844765-E5EB17U9-S3Q1
.earthlink.net/	1970-01-20 21:19:40	Name: _au_last_seen_pixels Value: eyJhcG4iOjE2ODY4NDQ3NjQsInR0ZCI6MTY4Njg0NDc2NCwicHViIjoxNjg2ODQ0NzY0LCJydWIiOjE2ODY4NDQ3NjQsInRhcGFkIjoxNjg2ODQ0NzY0LCJhZHgiOjE2ODY4NDQ3NjQsImdvbyI6MTY4Njg0NDc2NCwibWVkaWFtYXRoIjoxNjg2ODQ0NzY0LCJ1bnJ1bHkiOjE2ODY4NDQ3NjQsImltcHIiOjE2ODY4NDQ3NjR9
.pubmatic.com/	1970-01-20 14:43:40	Name: KTPCACOOKIE Value: true
.adnxs.com/	1970-01-20 14:43:40	Name: uuid2 Value: 2643485834104272745
.mathtag.com/	1970-01-20 21:59:59	Name: uuid Value: 2dac648b-355c-4900-94e8-35f0703233fb
.tapad.com/	1970-01-20 14:00:28	Name: TapAd_TS Value: 1686844764619
.tapad.com/	1970-01-20 14:00:28	Name: TapAd_DID Value: 577cc18f-654b-44e4-8694-1197443e3afc
.doubleclick.net/	1970-01-20 22:10:04	Name: IDE Value: AHWqTUkqGCkLB8cFvWmWEmk6DHFq08s9VUpMajgq_v7xcDB-4cW-2ren-gUaZoJp_UM
.rubiconproject.com/	1970-01-20 21:19:40	Name: khaos Value: LIXBTIIM-1X-1BRO
.rubiconproject.com/	1970-01-20 21:19:40	Name: audit Value: 1\|6YgSoPMZUx4T31cOZWl4Z0M3Ce9YKIJMPfr0x1Ci7bjhj9K5Ghav9YdKKXTEza2iq8ywgYTUFTFBK03vAHceEHP0swe0RknJoRjbyWWLTN4j5+SvyefVPCu+9BhjuAhI+8ZTRQkUXcBCjgP9opYMpDXPgbABPM5DzY7yoJVHQ3jeJRBGYIPH7rKpUjWTmmg0
.adsrvr.org/	1970-01-20 21:21:07	Name: TDID Value: 1872bd2e-56c6-45c9-8c19-a29ae9a1f5cf
.ad.gt/	1970-01-20 22:10:04	Name: au_id Value: AU1D-0100-001686844765-E5EB17U9-S3Q1
.ad.gt/	1970-01-20 22:10:04	Name: g_hosted Value:
.1rx.io/	1970-01-20 21:19:40	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005%22%7D
.360yield.com/	1970-01-20 14:43:40	Name: tuuid Value: 2b2b80b3-a8d9-43c2-9d70-3576c73c54c2
.360yield.com/	1970-01-20 14:43:40	Name: tuuid_lu Value: 1686844764
.pubmatic.com/	1970-01-20 21:19:40	Name: KADUSERCOOKIE Value: 6EE3653F-B796-45D9-BCFE-96C59C8DCAD1
.id5-sync.com/	1970-01-20 14:43:40	Name: id5 Value: a0758634-a4b8-7026-ab4d-7807f5a89365#1686844765130#1
.adsrvr.org/	1970-01-20 21:21:07	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiElLzj8PD2OxAFGAEgASgCMgsIhIy_kIfx9jsQBTgBWgV0YXBhZGAC
.earthlink.net/	1970-01-20 22:10:04	Name: _ga Value: GA1.2.1321988527.1686844763
.targeting.unrulymedia.com/	1970-01-20 21:19:40	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f692b911-f9ef-4b07-b231-b8cc42dc570f-005%22%7D
.tapad.com/	1970-01-20 14:00:28	Name: TapAd_3WAY_SYNCS Value: 1!3999

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ad.360yield.com
ats.rlcdn.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
fonts.gstatic.com
geo.privacymanager.io
googleads.g.doubleclick.net
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
lb.eu-1-id5-sync.com
match.adsrvr.org
p.ad.gt
pixel.tapad.com
pixels.ad.gt
protect-us.mimecast.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
token.rubiconproject.com
webmail1.earthlink.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
108.138.107.138
13.35.93.28
142.251.40.98
162.19.138.116
162.19.138.120
162.248.18.37
18.238.4.16
18.238.4.43
184.31.67.214
199.127.204.142
207.211.31.113
216.200.232.249
2606:4700:10::6816:34ad
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700::6811:180e
2606:4700::6812:1808
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80f::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2008
2607:f8b0:4006:824::2002
3.92.38.212
34.111.113.62
35.71.131.137
52.207.141.230
68.67.181.211
69.173.151.100
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdad21e7dd1f7ab3fc95e70343bb5fe0d887a5cd778cdf0e712c2dcd6eac537
121e495a1a39e3b50a27703f699d42537055a835bfc98aa0135a8ba394276b84
1a27da57f3800838ab17a5702bb7e890fe1e597a93ca72d5081f3404b019ab0c
1aa5daa2d803df4b87e87c9fa50cf04d7428a37cd5796400b462e689364187f2
1af3daf274b8917e6c0876343966972f64d051414b0c7c4b95670767039e8a00
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22fd8b2c37f0fee9bae3f306c7f93ad80dbbb30e3d2a111192e74373f60674e2
26e9009551c6b2fcd81077ae7e4b4538edb92b40d3c58a13ce0ae5b250a55d57
2ffd682978600218b840e3c6f9aeee91c676f7867e43723056e5873043332cb7
31d317ae26548109eda79595a2ba00741ccae36dd104abe2457a8a3366603c41
3a24db47c22a6aca99ddd07fb11ef482ddf92d23b8e7a96d7d772b5186f02b76
3a5f0c85a4b14a345bde7aea9b1d63a50e5b62c603347f299141982a60d81f6e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
49bdfbf3c18517fe1860ab03984b0c65c78e0553376fb48190bdb35ac674b463
4bbebfa7c07d9eef53236d84c136c697cbff26b87793477deaf7505c913709a9
4ec7c2a0a16c747297caecd7939aa82fdad12ba8f7274d069c7a3f4b981cf2b7
51611712dafd985371a83872135de850f984047cd41ab2f161a7920bf47c8d14
588ffd9cc324d42fb101c9017385bf53643ab07f2f178d0577a85869baba99e6
58f4ef3230aa0f2d13e67db42cfc271f4067c1afb88073758edc15ca79e477b6
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
74fe24417dcfc06050983f81187ebb6ea6171a4baa644bd1976e1239765cf2d1
752d16411f4866d01a2fc6c8f984da8104367e264a8865a63714e2f8181f5a73
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
819c63a9ab08fb9f2b4352bf8e6240cbfb0eebcb4640e723537cd3e11f02454c
8666771f6c3766a00276f79eec73f9acec74be7e5d43a66eab4704d2f6901d79
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9949ec515d627da556e6c4d4c909127a533a5622028fc81e9eeb9f00870e560f
9ce6c25e70099b473f7f1b58ea68974a42e2db9ce67b6a8e1e4a462daa499fb2
9e0174202e30b3c7813ab7ed239d5d1671f2df4f7a47dfec91e18594c3753a28
a2a3087fcc6e64ed4f95bf17bb66a95367ab66caeeb698f11233265af9280898
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b43394d4d0bd8330ff84a2c4da9ce7ceedfb175c747c678f6c013e0f6ffb3d67
b7f1de81b6622b1776fecf9fc68373b2ece8b96ee8cb7619def0efe2f483e623
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
c38953f0bf4757b71cb8e393592348e66672d24dbb5ff05b12e7cab01411fe73
c4ca57d8e66d3e14b371ab6906182c2dd836766169d5b1375442ea8bc60a363d
dbf6931ff205be9613da12596f692e5bf0b285e18d915f456744ae4ff8ba8d08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
ee588d798a4dc375d6873b3c4a88e21f9a633af4015845f8d842593ca8f504c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22620e32eac72fb1ff1b8b450dc8a9b72109889a6cc2c34a364a3bac697a49e
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

webmail1.earthlink.net Open in urlscan Pro 2606:4700::6812:1808 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

86 %HTTPS

40 %IPv6

26 Domains

35 Subdomains

23 IPs

2 Countries

2878 kBTransfer

10651 kBSize

33 Cookies

0 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

webmail1.earthlink.net Open in urlscan Pro
2606:4700::6812:1808 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

86 %
HTTPS

40 %
IPv6

26
Domains

35
Subdomains

23
IPs

2
Countries

2878 kB
Transfer

10651 kB
Size

33
Cookies

66 HTTP transactions
3 data transactions