urlscan.io logo urlscan.io
SecurityTrails logo

home.mindspring.com Open in urlscan Pro
209.86.60.40  Public Scan

Go To Rescan Add Verdict Report
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Submission: On November 07 via api from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 209.86.60.40, located in United States and belongs to WINDSTREAM - Windstream Communications LLC, US. The main domain is home.mindspring.com.
This is the only time home.mindspring.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 209.86.60.40 7029 (WINDSTREAM)
3 18 2620:12a:8000::2 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 2620:12a:8001::2 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
26 7
1    209.86.60.40 (United States)

ASN7029 (WINDSTREAM - Windstream Communications LLC, US)
PTR: www.mindspring.com
home.mindspring.com
18    2620:12a:8000::2 (United States)

ASN54113 (FASTLY - Fastly, US)
www.earthlink.net
1    2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
ajax.googleapis.com
6    2620:12a:8001::2 (United States)

ASN54113 (FASTLY - Fastly, US)
www.earthlink.net
2    2a00:1450:4001:814::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:814::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
24 www.earthlink.net 4 redirects home.mindspring.com
2 fonts.googleapis.com home.mindspring.com
1 www.facebook.com home.mindspring.com
1 fonts.gstatic.com home.mindspring.com
1 ajax.googleapis.com home.mindspring.com
1 home.mindspring.com
26 6
Subject Issuer Validity Valid
5769457217568768-fe2.pantheonsite.io
Let's Encrypt Authority X3		 2018-10-13 -
2019-01-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh

This page contains 2 frames:

Primary Page: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Frame ID: 2491C86A82287881467EA824E80B9F21
Requests: 25 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40
Frame ID: 2DD5A4E3DEE7F9A7ACA9DD410AF000EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

26
Requests

15 %
HTTPS

86 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

177 kB
Transfer

241 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://www.earthlink.net/img/www/nav/dropdown/nav-background.png HTTP 301
  • https://www.earthlink.net/img/www/nav/dropdown/nav-background.png
Request Chain 20
  • http://www.earthlink.net/img/www/membercenter/socialmedia/twitter-logo_24x24.gif HTTP 301
  • https://www.earthlink.net/img/www/membercenter/socialmedia/twitter-logo_24x24.gif
Request Chain 21
  • http://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png HTTP 301
  • https://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png HTTP 301
  • https://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png/
Request Chain 24
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40 HTTP 307
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request UPS_Trk_1Z6A7Y850392419911.exe
home.mindspring.com/~marvinlzinn1/ 		13 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
209.86.60.40 , United States, ASN7029 (WINDSTREAM - Windstream Communications LLC, US),
Reverse DNS
www.mindspring.com
Software
Apache /
Resource Hash
6d868ffb56c8f8707e01f8e93429f2bf629bb46ccfc6a95f39bba10382b4e6f3

Request headers

Host
home.mindspring.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Server
Apache
Last-Modified
Fri, 20 Sep 2013 00:51:30 GMT
ETag
"b885b7-3420-523b9c12"
Accept-Ranges
bytes
Content-Length
13344
Connection
close
Content-Type
text/html
www.css
www.earthlink.net/css/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/css/www.css
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
827af4efab5f07c12f04037d7cd2392b9994cdb536d278299b53b0aef8db6559

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-qrtn8
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
7756
X-Served-By
cache-mdw17321-MDW, cache-ams4421-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.684456,VS0,VE1
Etag
W/"5bdb3157-75c4"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-e9564d68cc5ccb4a57c79b0ea2784e26
X-Cache-Hits
1, 1
www_popup.css
www.earthlink.net/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/css/www_popup.css
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
aeea19a60209479867c61588793f97c48639ada45f0341a023ac8ce7c368ddc1

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-jmglv
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1228
X-Served-By
cache-mdw17360-MDW, cache-ams4133-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.685792,VS0,VE1
Etag
W/"5bdb3157-edf"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-40d519a37943cffde9697c2e9bc20bbb
X-Cache-Hits
2, 1
dropdown.css
www.earthlink.net/css/ 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/css/dropdown.css
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
764eb2b0990b41d9426a859d60cd22966eda19e92abe470ea74ef3d9ce17fc38

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-qrtn8
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3878
X-Served-By
cache-mdw17320-MDW, cache-ams4426-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.688443,VS0,VE0
Etag
W/"5bdb3157-31e8"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-ca9a6a8e362cb66ad190fb2d060826a3
X-Cache-Hits
1, 2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.0/ 		81 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/2.0.0/jquery.min.js
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 11:32:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 20 Dec 2016 18:17:03 GMT
Server
sffe
Age
30296
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
29195
X-XSS-Protection
1; mode=block
Expires
Thu, 07 Nov 2019 11:32:48 GMT
modernizr.js
www.earthlink.net/js/ 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/js/modernizr.js
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
1a20641db47cae32367bad29056ed463b84d09dd023e32ab856c3ea1d9508ba1

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-sxj8c
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
4053
X-Served-By
cache-mdw17357-MDW, cache-ams4432-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.686346,VS0,VE4
Etag
W/"5bdb3157-23d9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-bfc852e75dbfe93e4523f7bc3894f58a
X-Cache-Hits
1, 1
nav.js
www.earthlink.net/js/ 		953 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/js/nav.js
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
67c9018209368593a723e5f62be8dad3c3179e1f745da24d12a678db164b5049

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-l84gt
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
443
X-Served-By
cache-mdw17353-MDW, cache-ams4431-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.685926,VS0,VE1
Etag
W/"5bdb3157-3b9"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-41535ea6e466561026a2ccd7786b904a
X-Cache-Hits
3, 1
core.css
www.earthlink.net/css/ 		10 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/css/core.css
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c1a6837184bcc101cb1e13a0bc61f35eaa4262fd74fecd33fdf9832291d21dfb

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-jmglv
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3488
X-Served-By
cache-mdw17347-MDW, cache-ams4426-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.702678,VS0,VE0
Etag
W/"5bdb3157-2779"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-dabe0c42b5b72b09a2b16fcc9debad59
X-Cache-Hits
1, 2
core_img.css
www.earthlink.net/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/css/core_img.css
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
03c41589b5bfe44f37e6bcd5d8b0684ab4c787ac996c96b4ae680ea816d0ec66

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-g7x5k
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1474
X-Served-By
cache-mdw17351-MDW, cache-ams4133-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.699720,VS0,VE0
Etag
W/"5bdb3157-143f"
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-8d37c6fcdf963c453d69b9176963d273
X-Cache-Hits
1, 2
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Hind:400,600,700
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
77b4d407560b2fcab6287df73546dc0becaa5645dfa7982647c8173062964b05
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 19:57:44 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Wed, 07 Nov 2018 19:57:44 GMT
css
fonts.googleapis.com/ 		2 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Montserrat:400,%20700
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bfe4129402ffa80121f0dc8b0b4c31d1cec160b5895704597a745a2f7d69f38e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 19:57:44 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Wed, 07 Nov 2018 19:57:44 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v12/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2a00:1450:4001:814::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Montserrat:400,%20700
Origin
http://home.mindspring.com

Response headers

Date
Thu, 01 Nov 2018 23:52:37 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Nov 2017 15:24:13 GMT
Server
sffe
Age
504307
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
13248
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Nov 2019 23:52:37 GMT
montserrat-regular-webfont.woff
www.earthlink.net/css/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/css/fonts/montserrat-regular-webfont.woff
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
c43fd78aded5ac39c427f9b4e47bf038406f9f9e7ed1efdd1323ad2ce934a012

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.earthlink.net/css/core.css
Origin
http://home.mindspring.com

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-qrtn8
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
24696
X-Served-By
cache-mdw17320-MDW, cache-ams4126-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.757301,VS0,VE1
Etag
"5bdb3157-6078"
Content-Type
font/woff
Access-Control-Allow-Origin
*
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-f3bca85ac929fc6eb8c417edcc667f7f
X-Cache-Hits
2, 1
earthlink_logo.gif
www.earthlink.net/img/com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/com/earthlink_logo.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
202fe80d65b20c4fb2d41fc35a273d5c15b4ca291791bc8fa5d55bf763812109

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528949
X-Cache
HIT, HIT
X-Cache-Hits
1, 2
Connection
keep-alive
Content-Length
4419
X-Served-By
cache-mdw17326-MDW, cache-ams4426-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.779581,VS0,VE0
Etag
"5bdb3157-1143"
Content-Type
image/gif
X-Styx-Req-Id
styx-cf272662bf94a7751c38a9be0ada94ae
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-qrtn8
websearch_google.gif
www.earthlink.net/img/com/search/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/com/search/websearch_google.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
e2fe611a54f4dbe60814490d0aa134a53a6070f53afd3a3c211e7f710e6f07bf

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528949
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
2379
X-Served-By
cache-mdw17374-MDW, cache-ams4133-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.777241,VS0,VE1
Etag
"5bdb3157-94b"
Content-Type
image/gif
X-Styx-Req-Id
styx-985d3821c2caff429f053d55469ba27e
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-sxj8c
websearch_btn.gif
www.earthlink.net/img/com/search/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/com/search/websearch_btn.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
a9252b2ed9794a642a568021ab3cb7e3372a4754b1515ca04bf255f8d29bc057

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528948
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
1477
X-Served-By
cache-mdw17342-MDW, cache-ams4432-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.777505,VS0,VE1
Etag
"5bdb3157-5c5"
Content-Type
image/gif
X-Styx-Req-Id
styx-e95400c1ce560f5a03c8f25875e67a9b
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-sxj8c
websearch_box_btm.gif
www.earthlink.net/img/com/search/ 		206 B
792 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/com/search/websearch_box_btm.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
950f98a41c1b5f7e51590ffef1c843a98c56e7fbfd1de4de5501ce55969beca1

Request headers

Referer
http://www.earthlink.net/css/www.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528948
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
206
X-Served-By
cache-mdw17364-MDW, cache-ams4431-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.780438,VS0,VE1
Etag
"5bdb3157-ce"
Content-Type
image/gif
X-Styx-Req-Id
styx-3470aa134a4b63385568b2a597d079c7
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-n86dm
websearch_box_top.gif
www.earthlink.net/img/com/search/ 		209 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/com/search/websearch_box_top.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
1ad08587b2efa6d84af74bc5835de0651a84390af9d7eefc313506ebc39151f3

Request headers

Referer
http://www.earthlink.net/css/www.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528947
X-Cache
HIT, HIT
X-Cache-Hits
2, 1
Connection
keep-alive
Content-Length
209
X-Served-By
cache-mdw17333-MDW, cache-ams4421-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.780949,VS0,VE1
Etag
"5bdb3157-d1"
Content-Type
image/gif
X-Styx-Req-Id
styx-e1f7f737ed03f6e200d409044741e718
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-l84gt
nav-background.png
www.earthlink.net/img/www/nav/dropdown/
Redirect Chain
  • http://www.earthlink.net/img/www/nav/dropdown/nav-background.png
  • https://www.earthlink.net/img/www/nav/dropdown/nav-background.png
0
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.earthlink.net/img/www/nav/dropdown/nav-background.png
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.earthlink.net/css/www.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
cache-control
public, max-age=600
expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
10399
X-Cache
HIT, HIT
X-Cache-Hits
2, 1
Connection
keep-alive
Content-Length
0
X-Served-By
cache-mdw17354-MDW, cache-ams4426-AMS
Server
nginx
X-Timer
S1541620665.791886,VS0,VE1
Vary
Cookie, Cookie
Content-Type
text/html; charset=UTF-8
Location
https://www.earthlink.net/img/www/nav/dropdown/nav-background.png
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-08235b24905c50dc46a37dd707e38e57
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-l84gt
searchbox.gif
www.earthlink.net/img/www/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/www/searchbox.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8001::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f29c2e4ee70061e563876d7200d0bef07ed3cf0147dd4c3b106dbf0276924687

Request headers

Referer
http://www.earthlink.net/css/dropdown.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528948
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
3823
X-Served-By
cache-mdw17323-MDW, cache-ams4432-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.790822,VS0,VE1
Etag
"5bdb3157-eef"
Content-Type
image/gif
X-Styx-Req-Id
styx-f6374e65d31660e772e42f90149f3f88
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-sxj8c
search-icon.gif
www.earthlink.net/img/www/ 		569 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.earthlink.net/img/www/search-icon.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
d42361a21a437019c988811fe09adf0ecc3387c11249e7fffdf2a32b3f1eac62

Request headers

Referer
http://www.earthlink.net/css/dropdown.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
528948
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
569
X-Served-By
cache-mdw17320-MDW, cache-ams4133-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.790543,VS0,VE1
Etag
"5bdb3157-239"
Content-Type
image/gif
X-Styx-Req-Id
styx-9800cce6bb95113de53e29f89e9cd8a4
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-jmglv
twitter-logo_24x24.gif
www.earthlink.net/img/www/membercenter/socialmedia/
Redirect Chain
  • http://www.earthlink.net/img/www/membercenter/socialmedia/twitter-logo_24x24.gif
  • https://www.earthlink.net/img/www/membercenter/socialmedia/twitter-logo_24x24.gif
0
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.earthlink.net/img/www/membercenter/socialmedia/twitter-logo_24x24.gif
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
cache-control
public, max-age=600
expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Via
1.1 varnish, 1.1 varnish
Age
36070
X-Cache
HIT, HIT
X-Cache-Hits
1, 1
Connection
keep-alive
Content-Length
0
X-Served-By
cache-mdw17334-MDW, cache-ams4432-AMS
Server
nginx
X-Timer
S1541620665.882953,VS0,VE3
Vary
Cookie, Cookie
Content-Type
text/html; charset=UTF-8
Location
https://www.earthlink.net/img/www/membercenter/socialmedia/twitter-logo_24x24.gif
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-26eb04d87a52b67cc6847cbb1efd3da7
X-Pantheon-Styx-Hostname
styx-fe2-57c4c8447-qrtn8
/
www.earthlink.net/img/www/home/resbiz/footer_box_bg.png/
Redirect Chain
  • http://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png
  • https://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png
  • https://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png/
0
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png/
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.earthlink.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control
public, max-age=600
content-type
text/html; charset=UTF-8

Redirect headers

date
Wed, 07 Nov 2018 19:57:44 GMT
via
1.1 varnish, 1.1 varnish
age
1469
x-cache
HIT, HIT
status
301
x-cache-hits
1, 1
content-length
0
x-served-by
cache-mdw17324-MDW, cache-ams4445-AMS
server
nginx
x-timer
S1541620665.895978,VS0,VE1
vary
Cookie, Cookie
content-type
text/html; charset=UTF-8
location
https://www.earthlink.net/img/www/home/resbiz/footer_box_bg.png/
expires
Wed, 07 Nov 2018 20:33:15 GMT
cache-control
max-age=3600
accept-ranges
bytes
x-styx-req-id
styx-ee2a5f10cc01fe99c8fb1198cc264a99
x-pantheon-styx-hostname
styx-fe2-a-8c77c85f9-l84gt
common.js
www.earthlink.net/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/js/common.js
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
90ca465e7aec3c9e01e857135250df172f359c08e3c4394b6311d872381397af

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-l84gt
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
6099
X-Served-By
cache-mdw17348-MDW, cache-ams4426-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.888307,VS0,VE1
Etag
W/"5bdb3157-43bc"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-2cdc82e20fe9dd97afabc0afb6fdc853
X-Cache-Hits
1, 1
www.js
www.earthlink.net/js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.earthlink.net/js/www.js
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
HTTP/1.1
Server
2620:12a:8000::2 , United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
d3d6c5aca6e0012eb6a815a88716378c689a86e4b69b477c5bf97e124e2a8cc0

Request headers

Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 07 Nov 2018 19:57:44 GMT
Content-Encoding
gzip
Age
528948
X-Pantheon-Styx-Hostname
styx-fe2-a-8c77c85f9-l84gt
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1995
X-Served-By
cache-mdw17347-MDW, cache-ams4421-AMS
Last-Modified
Thu, 01 Nov 2018 17:01:11 GMT
Server
nginx
X-Timer
S1541620665.885011,VS0,VE0
Etag
W/"5bdb3157-13dd"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Sat, 02 Nov 2019 17:01:56 GMT
Cache-Control
max-age=31622400
Accept-Ranges
bytes
X-Styx-Req-Id
styx-040188c074784847a72f3fac45630613
X-Cache-Hits
1, 2
like.php
www.facebook.com/plugins/ Frame 2DD5
Redirect Chain
  • http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40
  • https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40
Requested by
Host: home.mindspring.com
URL: http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://home.mindspring.com/~marvinlzinn1/UPS_Trk_1Z6A7Y850392419911.exe

Response headers

status
200
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
content-encoding
gzip
cache-control
private, no-cache, no-store, must-revalidate
vary
Accept-Encoding
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma
no-cache
x-xss-protection
0
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
content-type
text/html; charset="utf-8"
x-fb-debug
hdJZ2WiYcbp2gkugwhBacnQrgz5Ig7PIbfo+5nGx6cSGX2Y1R9mvtvM1gDod2IyK92EfXDj9aMnYqFmNxzYDoQ==
date
Wed, 07 Nov 2018 19:57:44 GMT

Redirect headers

Location
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fearthlink&layout=standard&show_faces=false&width=350&action=like&font&colorscheme=light&height=40
Non-Authoritative-Reason
HSTS

Verdicts & Comments Add Verdict or Comment

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Modernizr object| clientDate object| d function| alertCoord function| showHide function| showDiv function| hideDiv function| hideShowDiv function| showSub function| hideSub boolean| isNN function| autoTab function| comp_ah function| comp_ag function| focus_comp_ab_wizard function| applyTextFieldStyle function| wOpener function| printThis function| printSelf function| printIframe function| printDiv function| jumpto function| tabRedirect function| isDefined function| isNull function| setURL function| getURLParam function| addImsEmail function| setLinkId function| hideIPop function| iPop function| findPosX function| findPosY function| getWindowSize function| hideSelectBox function| showSelectBox function| addEvent function| removeEvent function| numbersonly function| chkObject function| find_field function| prequal_load function| CreateBookmarkLink function| no_phone_number function| checkNumber function| numberCheck function| isEmail function| toggleDisplay function| clearFormField function| MM_swapImgRestore function| MM_preloadImages function| MM_findObj function| MM_swapImage boolean| hToggleOk object| hChoices number| hToggleWhich string| homeImagePath string| navlock string| prv_navlock function| www_goToLandingPage function| www_changeNav function| www_changeNav2 function| www_restoreNav function| www_marqueeCounter function| www_marqueeSwitch function| www_marqueeStop function| www_marqueeStart function| toggleLyr function| togglePhone number| onload_num function| onload0

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
home.mindspring.com
www.earthlink.net
www.facebook.com
209.86.60.40
2620:12a:8000::2
2620:12a:8001::2
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
2a00:1450:4001:821::200a
2a03:2880:f11c:8083:face:b00c:0:25de
03c41589b5bfe44f37e6bcd5d8b0684ab4c787ac996c96b4ae680ea816d0ec66
1a20641db47cae32367bad29056ed463b84d09dd023e32ab856c3ea1d9508ba1
1ad08587b2efa6d84af74bc5835de0651a84390af9d7eefc313506ebc39151f3
202fe80d65b20c4fb2d41fc35a273d5c15b4ca291791bc8fa5d55bf763812109
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
67c9018209368593a723e5f62be8dad3c3179e1f745da24d12a678db164b5049
6d868ffb56c8f8707e01f8e93429f2bf629bb46ccfc6a95f39bba10382b4e6f3
764eb2b0990b41d9426a859d60cd22966eda19e92abe470ea74ef3d9ce17fc38
77b4d407560b2fcab6287df73546dc0becaa5645dfa7982647c8173062964b05
827af4efab5f07c12f04037d7cd2392b9994cdb536d278299b53b0aef8db6559
90ca465e7aec3c9e01e857135250df172f359c08e3c4394b6311d872381397af
950f98a41c1b5f7e51590ffef1c843a98c56e7fbfd1de4de5501ce55969beca1
a9252b2ed9794a642a568021ab3cb7e3372a4754b1515ca04bf255f8d29bc057
aeea19a60209479867c61588793f97c48639ada45f0341a023ac8ce7c368ddc1
bfe4129402ffa80121f0dc8b0b4c31d1cec160b5895704597a745a2f7d69f38e
c1a6837184bcc101cb1e13a0bc61f35eaa4262fd74fecd33fdf9832291d21dfb
c43fd78aded5ac39c427f9b4e47bf038406f9f9e7ed1efdd1323ad2ce934a012
d3d6c5aca6e0012eb6a815a88716378c689a86e4b69b477c5bf97e124e2a8cc0
d42361a21a437019c988811fe09adf0ecc3387c11249e7fffdf2a32b3f1eac62
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
e2fe611a54f4dbe60814490d0aa134a53a6070f53afd3a3c211e7f710e6f07bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f29c2e4ee70061e563876d7200d0bef07ed3cf0147dd4c3b106dbf0276924687