urlscan.io logo urlscan.io
SecurityTrails logo

webmail1.earthlink.net Open in urlscan Pro
2606:4700:4400::ac40:93a2  Public Scan

Go To Rescan Add Verdict Report
URL: https://webmail1.earthlink.net/newaddme
Submission: On April 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 5 countries across 18 domains to perform 39 HTTP transactions. The main IP is 2606:4700:4400::ac40:93a2, located in United States and belongs to CLOUDFLARENET, US. The main domain is webmail1.earthlink.net. The Cisco Umbrella rank of the primary domain is 105316.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 29th 2023. Valid for: a year.
This is the only time webmail1.earthlink.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    2606:4700:4400::ac40:93a2 (United States)

ASN13335 (CLOUDFLARENET, US)
webmail1.earthlink.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
2    18.210.239.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-239-202.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    143.204.89.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-24.fra50.r.cloudfront.net
ats.rlcdn.com
1    104.77.32.87 (Glattbrugg, Switzerland)

ASN16625 (AKAMAI-AS, US)
PTR: a104-77-32-87.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    52.31.6.231 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-6-231.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
lb.eu-1-id5-sync.com
1    13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net
geo.privacymanager.io
3    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
a.ad.gt
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
10 earthlink.net
webmail1.earthlink.net — Cisco Umbrella Rank: 105316
2 MB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
152 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 4186
a.ad.gt — Cisco Umbrella Rank: 4166
4 KB
3 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
62 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 16
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
20 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
18 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
12 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
453 B
1 gstatic.com
www.gstatic.com
165 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 3425
455 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2374
610 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
409 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 3273
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1680
17 KB
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2476
35 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
89 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
6 KB
39 18
Domain Requested by
10 webmail1.earthlink.net webmail1.earthlink.net
3 c.amazon-adsystem.com webmail1.earthlink.net
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net webmail1.earthlink.net
securepubads.g.doubleclick.net
2 www.google.com webmail1.earthlink.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 id.hadron.ad.gt cdn.hadronid.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
1 www.gstatic.com www.google.com
1 www.google.de webmail1.earthlink.net
1 a.ad.gt cdn.hadronid.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 id5-sync.com cdn.id5-sync.com
1 geo.privacymanager.io ats.rlcdn.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.id5-sync.com webmail1.earthlink.net
1 cdn.hadronid.net webmail1.earthlink.net
1 tags.crwdcntrl.net webmail1.earthlink.net
1 secure.cdn.fastclick.net webmail1.earthlink.net
1 ats.rlcdn.com webmail1.earthlink.net
1 www.googletagmanager.com webmail1.earthlink.net
1 cdnjs.cloudflare.com webmail1.earthlink.net
39 22

This site contains links to these domains. Also see Links.

Domain
help.earthlink.net
Subject Issuer Validity Valid
webmail1.earthlink.net
Cloudflare Inc ECC CA-3		 2023-03-29 -
2024-03-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2023-04-11 -
2023-07-10		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.privacymanager.io
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-24		 7 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://webmail1.earthlink.net/newaddme
Frame ID: AF3BBDD457B96508AB9A040302C8A51E
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EarthLink Mail

Detected technologies

Overall confidence: 100%
Detected patterns
  • /tiny_?mce(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

39
Requests

100 %
HTTPS

57 %
IPv6

18
Domains

22
Subdomains

22
IPs

5
Countries

2268 kB
Transfer

9079 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request newaddme
webmail1.earthlink.net/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc53ab1f4d86607ac739ad0a0f8e4bd839b7690185d90aa9fb8c97acea8afd9
Security Headers
Name Value
X-Frame-Options Deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=3024000,no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ba570948eb09030-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 19 Apr 2023 13:19:32 GMT
expires
Wed, 24 May 2023 13:19:32 GMT
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
vary
Accept-Encoding
x-envoy-upstream-service-time
3
x-frame-options
Deny
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
158924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTkBF%2BNsVunTRsNl52LXCW50hqcZ1Msz%2B4jWtyoYONRV3oyqgVaOQFtU2Ufb98KwTG03i3%2FNxrAO%2BXFckNuW6qHbWggJQywd6tXF%2BUpRpkbS0viSOvRZamohF2c0n3bYI7Bdw5Ow2vJxajvhHR1TwdaI"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ba570956c5e373f-FRA
expires
Mon, 08 Apr 2024 13:19:32 GMT
appconfig.js
webmail1.earthlink.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/appconfig.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3ae530d5cbe7ce0566148c4c7a9ffdc98e8e0cbf2d6bc11cf92d09c60d090c
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 22:03:51 GMT
server
cloudflare
etag
W/"642758c7-967"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=3024000,no-store, no-cache, must-revalidate
x-envoy-upstream-service-time
3
cf-ray
7ba570954fa29030-FRA
expires
Wed, 24 May 2023 13:19:32 GMT
gtm.js
www.googletagmanager.com/ 		263 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0789e45edaea7442092efca7b359123e096b0af7d37ca8c1e4dfad25738245a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91106
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 19 Apr 2023 13:19:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
213a1d319f4389576bb7e43562792a7d52ff3e66ad03eb3768e656cd50021287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25399
x-xss-protection
0
server
cafe
etag
503 / 19466 / 31073954 / config-hash: 16547817100036120036
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 19 Apr 2023 13:19:33 GMT
tinymce.min.js
webmail1.earthlink.net/tinymce/5.10.1/ 		382 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/tinymce/5.10.1/tinymce.min.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a3087fcc6e64ed4f95bf17bb66a95367ab66caeeb698f11233265af9280898
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:52:18 GMT
server
cloudflare
etag
W/"6426f3a2-5f9e0"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
7
cf-ray
7ba570954fa39030-FRA
expires
Thu, 18 Apr 2024 13:19:32 GMT
main.f40cdfad.chunk.css
webmail1.earthlink.net/static/css/ 		3 MB
285 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/css/main.f40cdfad.chunk.css
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4081d9bcbac59e928b089df56235173ca5ce75cf4636400a3dbe94be2de3ece
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:32 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
W/"6426f42b-2e1e8b"
vary
Accept-Encoding
x-frame-options
Deny
content-type
text/css
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
14
cf-ray
7ba570954f9e9030-FRA
expires
Thu, 18 Apr 2024 13:19:32 GMT
2.06474d9c.chunk.js
webmail1.earthlink.net/static/js/ 		3 MB
957 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/js/2.06474d9c.chunk.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37202aea8b68e35f7d397068886c4ba829415e27ce6588b48a490fdb5871a9d3
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
W/"6426f42b-30e17b"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
9
cf-ray
7ba570954fa59030-FRA
expires
Thu, 18 Apr 2024 13:19:32 GMT
main.9bbaa848.chunk.js
webmail1.earthlink.net/static/js/ 		739 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/js/main.9bbaa848.chunk.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57ee7766ff054a5fd4d44683d141cbb891e82e9a56f623bfefeeacc07cf3a2e
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
W/"6426f42b-b8baf"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
8
cf-ray
7ba570954fa69030-FRA
expires
Thu, 18 Apr 2024 13:19:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		225 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:51:03 GMT
content-encoding
gzip
via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront), 1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
last-modified
Thu, 13 Apr 2023 17:39:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1711
x-amz-server-side-encryption
AES256
etag
W/"803fd851ae539b54f8d1b774934dcb91"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
LeThe6tA4jpYStiOcRWWUw52-mtOYWrhVW-kT90FzbIPkXkZTYjEuA==
config
c.amazon-adsystem.com/cdn/prod/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwebmail1.earthlink.net&pubid=f1370e72-d76e-48d2-af88-e7bd5a89f19e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
1af3daf274b8917e6c0876343966972f64d051414b0c7c4b95670767039e8a00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 09:39:10 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
13222
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://webmail1.earthlink.net
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3444
x-amz-cf-id
yzg_BGdqsbWEKdqzx0NtzX9wBI1qJYWQdMgUwXKJPWisbJxZhB4d9g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding
gzip
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
date
Wed, 19 Apr 2023 05:44:38 GMT
x-amz-cf-pop
FRA2-C1
age
27295
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 13 Apr 2023 22:29:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TmDZgKOVUVujet9t6yHfXQX6zKYRNOr6OVpUvFD91jn1pnFnRb80Eg==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.239.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-239-202.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://webmail1.earthlink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 19 Apr 2023 13:19:33 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ats.js
ats.rlcdn.com/ 		109 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 11:02:51 GMT
x-amz-version-id
FdZQKnEndO3mqmnRp7XQ3uMfeJERmMlw
content-encoding
br
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
8202
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:96f94076-69de-4a4b-8bd0-6fb739c06860
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
e16bd58aa55fcc98af3b10870aad5974
last-modified
Thu, 19 Jan 2023 10:03:36 GMT
server
AmazonS3
etag
W/"0820c3a8da5dbe428619a7328c53b95f"
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
3efbae2e7f7f574316dfc685479946d213531c0b483ab4a61e653a0088f0cae8
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-id
EhDrPmA7C_NFNPQKkM8v8VzqdS7cRAS4R4o5B55VFXjXU8F4lH8FfA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.77.32.87 Glattbrugg, Switzerland, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-77-32-87.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Wed, 19 Apr 2023 13:34:33 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:19:30 GMT
content-encoding
gzip
via
1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified
Wed, 22 Mar 2023 22:36:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
3604
x-amz-server-side-encryption
AES256
etag
W/"4c91450a102f312a8d75826eeee52ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
32Fe93hLYUnsgpTIHhOb_jtijlG99uSERjoIg6oZIhF5mFmtCle5Ug==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ref=&_it=amazon&partner_id=486
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 18 Nov 2022 10:57:44 GMT
server
cloudflare
x-amz-request-id
TC75RB0KRRP8NTXT
age
5321
etag
W/"2280e2148e4ee3c06f679f8fac039778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7ba57098a9bbbb55-FRA
x-amz-id-2
tLisjgGnjFNgXFmNzCleIC1ScWAkgar/yal8BV1iI+YAX2kT+5EHWz67/yHvAUJpLxxzRZ7ivV0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
E6MT7PBY6EQKW5AR
age
2304
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ba570988d886907-FRA
x-amz-id-2
u1WrkdVVFEoTU6YrngHfFr6RftQN5a9M9DWspimxQwoXV19NUExvqPZUarqq+rvOUt0FQM2HyI0=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.239.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-210-239-202.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 19 Apr 2023 13:19:33 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
map
bcp.crwdcntrl.net/6/ 		60 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.6.231 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-6-231.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
48b1706d1b3db1d8c3782f2df4d34774342bd386b31c21fe9a2d3fe360a6eeda

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 13:19:33 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://webmail1.earthlink.net
cache-control
no-cache
x-server
10.45.28.74
access-control-allow-credentials
true
content-length
60
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a63f6ee7811c95c619d7c10da51d3cfcfd5cf3ae067428df7f49f63ea3e3c99e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://webmail1.earthlink.net
date
Wed, 19 Apr 2023 13:19:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
geo.privacymanager.io/ 		30 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-59.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 18 Apr 2023 19:40:38 GMT
via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront), 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, FRA60-P3
age
63535
x-amzn-requestid
2102d98b-101a-4b87-8097-9867b1ead3aa
x-amzn-trace-id
Root=1-643ef236-3f0d33ad060df5057358eb77;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
DlrIgHuNDoEFlgw=
content-length
30
x-amz-cf-id
ix82uZJM8s5Qj7yYggWMhcSSTNmqE4NEIHQ27uvQLlCulCLYwQhunA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
hadron.json
id.hadron.ad.gt/v1/ 		98 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=486&sync=0&domain=webmail1.earthlink.net&url=https://webmail1.earthlink.net/newaddme
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ref=&_it=amazon&partner_id=486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4db41abeedc03e7efbbe464a8d4c5324b49cb43de1ccbd9d62957da8e5d8a29e

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7ba5709a9aa6915f-FRA
hadron.json
id.hadron.ad.gt/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=486&sync=0&domain=webmail1.earthlink.net&url=https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://webmail1.earthlink.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7ba570995911915f-FRA
content-length
0
content-type
application/json
date
Wed, 19 Apr 2023 13:19:33 GMT
debug
OPTIONS block
expires
Thu, 18 Apr 2024 13:19:33 GMT
server
cloudflare
1347.json
id5-sync.com/g/v2/ 		216 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1347.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
9a32b71cc8000ec76f2613f5e26c1302cf761d585faa263de751dbb69b30ff4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://webmail1.earthlink.net
date
Wed, 19 Apr 2023 13:19:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/735757482/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/735757482/?random=1681910373757&cv=11&fst=1681910373757&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&label=6BQDCPqhlqIBEKqJ694C&hn=www.googleadservices.com&frm=0&tiba=EarthLink%20Mail&auid=693531560.1681910374&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9aa0eb9daa55c5e97fdfa3b59f64eba85e883dc273f6bcb12740caa521eefc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TVQ6RM9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Apr 2023 12:35:43 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2630
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 19 Apr 2023 14:35:43 GMT
486
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/486?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ref=&_it=amazon&partner_id=486
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1596e3247c019646f95140e37cd51fd965d8c14183d16a03a3ecd317c89c3433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:34 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Wed, 19 Apr 2023 12:23:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7ba5709c5b513804-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/ 		400 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304170101/pubads_impl.js?cb=31073954
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 12:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
4124
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126857
x-xss-protection
0
server
cafe
etag
11988808581808118609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 18 Apr 2024 12:10:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		121 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=webmail1.earthlink.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ec7c2a0a16c747297caecd7939aa82fdad12ba8f7274d069c7a3f4b981cf2b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90
x-xss-protection
0
expires
Wed, 19 Apr 2023 13:19:33 GMT
5.5f2260dc.chunk.js
webmail1.earthlink.net/static/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://webmail1.earthlink.net/static/js/5.5f2260dc.chunk.js
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd80ff3a574257bb42a9902894fb7db8482fcb606871cb43eab0e8011a94b2bc
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
W/"6426f42b-28cf"
vary
Accept-Encoding
x-frame-options
Deny
content-type
application/javascript
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
4
cf-ray
7ba5709c58359030-FRA
expires
Thu, 18 Apr 2024 13:19:33 GMT
Spinner.3f259006.gif
webmail1.earthlink.net/static/media/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail1.earthlink.net/static/media/Spinner.3f259006.gif
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:33 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
"6426f42b-b15c"
x-frame-options
Deny
content-type
image/gif
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
accept-ranges
bytes
cf-ray
7ba5709c68439030-FRA
content-length
45404
expires
Thu, 18 Apr 2024 13:19:33 GMT
collect
www.google-analytics.com/j/ 		3 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=856261637&t=pageview&_s=1&dl=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&ul=en-us&de=UTF-8&dt=EarthLink%20Mail&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1117747134&gjid=293049282&cid=360209868.1681910374&tid=UA-2513835-10&_gid=604611612.1681910374&_r=1&_slc=1&gtm=45He34c0n81TVQ6RM9&cd1=0&cd19=360209868.1681910374&z=1496781735
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://webmail1.earthlink.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 13:19:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://webmail1.earthlink.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/735757482/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/735757482/?random=1681910373757&cv=11&fst=1681909200000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&label=6BQDCPqhlqIBEKqJ694C&frm=0&tiba=EarthLink%20Mail&fmt=3&is_vtc=1&random=3405353235&rmt_tld=0&ipr=y
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 13:19:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/735757482/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/735757482/?random=1681910373757&cv=11&fst=1681909200000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwebmail1.earthlink.net%2Fnewaddme&label=6BQDCPqhlqIBEKqJ694C&frm=0&tiba=EarthLink%20Mail&fmt=3&is_vtc=1&random=3405353235&rmt_tld=1&ipr=y
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 19 Apr 2023 13:19:34 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api.js
www.google.com/recaptcha/ 		909 B
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/static/js/2.06474d9c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f4d4b6e934a491567bc877d21eadcbf25edfab796de336499db004bf91facda
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
579
x-xss-protection
1; mode=block
expires
Wed, 19 Apr 2023 13:19:34 GMT
earthlink-spamblocker-header.e45b44a7.png
webmail1.earthlink.net/static/media/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail1.earthlink.net/static/media/earthlink-spamblocker-header.e45b44a7.png
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8666771f6c3766a00276f79eec73f9acec74be7e5d43a66eab4704d2f6901d79
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:34 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
"6426f42b-4678"
x-frame-options
Deny
content-type
image/png
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
2
accept-ranges
bytes
cf-ray
7ba5709d39319030-FRA
content-length
18040
expires
Thu, 18 Apr 2024 13:19:34 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7f1de81b6622b1776fecf9fc68373b2ece8b96ee8cb7619def0efe2f483e623

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
earthlink-spamblocker-footer.6bbce986.png
webmail1.earthlink.net/static/media/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://webmail1.earthlink.net/static/media/earthlink-spamblocker-footer.6bbce986.png
Requested by
Host: webmail1.earthlink.net
URL: https://webmail1.earthlink.net/newaddme
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aa5daa2d803df4b87e87c9fa50cf04d7428a37cd5796400b462e689364187f2
Security Headers
Name Value
X-Frame-Options Deny

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://webmail1.earthlink.net/newaddme
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 13:19:34 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 31 Mar 2023 14:54:35 GMT
server
cloudflare
etag
"6426f42b-276f"
x-frame-options
Deny
content-type
image/png
cache-control
max-age=31536000,public
x-envoy-upstream-service-time
3
accept-ranges
bytes
cf-ray
7ba5709d39329030-FRA
content-length
10095
expires
Thu, 18 Apr 2024 13:19:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/ 		409 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6MY32oPwFCn9SUKWt8czDsDw/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadcallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://webmail1.earthlink.net/
Origin
https://webmail1.earthlink.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 08:04:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168106
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 18:01:18 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 08:04:40 GMT

Verdicts & Comments Add Verdict or Comment

149 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| AppConfig object| tinymce object| tinyMCE object| apstag boolean| apstagLOADED object| apscustom object| _aps object| lotame_sync_16576 function| ha function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_Q object| sync16576_ua object| sync16576_va function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_N function| sync16576_O function| sync16576_P function| sync16576_ma function| sync16576_R function| sync16576_na function| sync16576_oa function| sync16576_pa function| sync16576_S function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_ta function| sync16576_T function| sync16576_U function| sync16576_wa function| sync16576_V function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_xa function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_1 function| sync16576_Aa function| sync16576_ya function| sync16576_2 function| sync16576_za function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_6 function| sync16576_Ca function| sync16576_Da function| sync16576_Ba function| sync16576_8 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ea function| sync16576_9 function| sync16576_7 function| sync16576_Ha function| sync16576_Ia function| sync16576_Ja function| sync16576_Ka function| sync16576_$ function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| setImmediate function| clearImmediate object| ID5 object| ats object| hadron boolean| __halo_loaded__ object| google_tag_manager object| google_tag_data object| dataLayer object| webpackJsonpwebmail-earthlink object| PublisherCommonId object| regeneratorRuntime object| DD_LOGS function| saveAs function| _ object| GooglebQhCsO string| GoogleAnalyticsObject function| ga object| au object| googletag object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData undefined| google_measure_js_timing object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

8 Cookies

Domain/Path Name / Value
.earthlink.net/ Name: lotame_domain_check
Value: earthlink.net
webmail1.earthlink.net/ Name: _lr_geo_location
Value: DE
webmail1.earthlink.net/ Name: _dd_s
Value: logs=1&id=2bdf3e04-fc47-4153-a5c4-da5f2e536af5&created=1681910373745&expire=1681911273745
.earthlink.net/ Name: _gcl_au
Value: 1.1.693531560.1681910374
.earthlink.net/ Name: _ga
Value: GA1.2.360209868.1681910374
.earthlink.net/ Name: _gid
Value: GA1.2.604611612.1681910374
.earthlink.net/ Name: _gat_UA-2513835-10
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

1 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options Deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
ats.rlcdn.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cdn.hadronid.net
cdn.id5-sync.com
cdnjs.cloudflare.com
geo.privacymanager.io
googleads.g.doubleclick.net
id.hadron.ad.gt
id5-sync.com
lb.eu-1-id5-sync.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
tags.crwdcntrl.net
webmail1.earthlink.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.77.32.87
13.224.192.181
13.32.99.59
141.95.33.111
141.95.98.65
143.204.89.24
18.210.239.202
2606:4700:10::6816:3456
2606:4700:10::6816:545
2606:4700:10::ac43:246e
2606:4700:4400::ac40:93a2
2606:4700::6811:190e
2a00:1450:4001:801::2003
2a00:1450:4001:802::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2008
52.31.6.231
65.9.66.97
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0789e45edaea7442092efca7b359123e096b0af7d37ca8c1e4dfad25738245a0
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1596e3247c019646f95140e37cd51fd965d8c14183d16a03a3ecd317c89c3433
1aa5daa2d803df4b87e87c9fa50cf04d7428a37cd5796400b462e689364187f2
1af3daf274b8917e6c0876343966972f64d051414b0c7c4b95670767039e8a00
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
213a1d319f4389576bb7e43562792a7d52ff3e66ad03eb3768e656cd50021287
26840d8e6a3847df23553537b405e9badca0dff237b0854f15d04656dd57e40e
37202aea8b68e35f7d397068886c4ba829415e27ce6588b48a490fdb5871a9d3
3a3ae530d5cbe7ce0566148c4c7a9ffdc98e8e0cbf2d6bc11cf92d09c60d090c
432acd8192429c035f55370ab0501a7f58d69456a10b0a1bc213bd3efb6d2946
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
48b1706d1b3db1d8c3782f2df4d34774342bd386b31c21fe9a2d3fe360a6eeda
4db41abeedc03e7efbbe464a8d4c5324b49cb43de1ccbd9d62957da8e5d8a29e
4ec7c2a0a16c747297caecd7939aa82fdad12ba8f7274d069c7a3f4b981cf2b7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
669df991bc101ce8036b07e4431b837c3afcfaedd8e18356f1930bdd8235a6ab
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7dc53ab1f4d86607ac739ad0a0f8e4bd839b7690185d90aa9fb8c97acea8afd9
7ecace46d78f707e1f3ef7ff9fb10354a496ac9f707d9a7748a3eb2cdabc5518
8666771f6c3766a00276f79eec73f9acec74be7e5d43a66eab4704d2f6901d79
8f4d4b6e934a491567bc877d21eadcbf25edfab796de336499db004bf91facda
9a32b71cc8000ec76f2613f5e26c1302cf761d585faa263de751dbb69b30ff4e
9dd295f1b8047318855e74e81dbeb02d463452670f2997dd64764a6ad88f3884
a2a3087fcc6e64ed4f95bf17bb66a95367ab66caeeb698f11233265af9280898
a57ee7766ff054a5fd4d44683d141cbb891e82e9a56f623bfefeeacc07cf3a2e
a63f6ee7811c95c619d7c10da51d3cfcfd5cf3ae067428df7f49f63ea3e3c99e
b7f1de81b6622b1776fecf9fc68373b2ece8b96ee8cb7619def0efe2f483e623
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
c9aa0eb9daa55c5e97fdfa3b59f64eba85e883dc273f6bcb12740caa521eefc4
cd80ff3a574257bb42a9902894fb7db8482fcb606871cb43eab0e8011a94b2bc
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4081d9bcbac59e928b089df56235173ca5ce75cf4636400a3dbe94be2de3ece