URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c7...
Submission: On November 04 via manual from NL — Scanned from NL

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 18 HTTP transactions. The main IP is 194.42.96.24, located in Germany and belongs to AMAZON-02, US. The main domain is mail.phantasialand.info.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 6th 2022. Valid for: a year.
This is the only time mail.phantasialand.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 194.42.96.24 | 16509 (AMAZON-02)
5 | 2a02:26f0:350... | 20940 (AKAMAI-ASN1)
10 | 143.204.215.64 | 16509 (AMAZON-02)
1 | 52.213.100.35 | 16509 (AMAZON-02)
1 | 2a02:26f0:350... | 20940 (AKAMAI-ASN1)
Total: 18 requests, 5 IPs

Requests | Apex Domain (Subdomains) | Transfer
11 | crsend.com (files.crsend.com — Cisco Umbrella Rank: 174709; stats-eu2.crsend.com — Cisco Umbrella Rank: 235476) | 1 MB
6 | typekit.net (use.typekit.net — Cisco Umbrella Rank: 980; p.typekit.net — Cisco Umbrella Rank: 1212) | 103 KB
1 | phantasialand.info (mail.phantasialand.info) | 6 KB
Total: 18 requests, 3 apex domains

Requests | Domain | Requested by
10 | files.crsend.com | mail.phantasialand.info
5 | use.typekit.net | mail.phantasialand.info, use.typekit.net
1 | p.typekit.net | use.typekit.net
1 | stats-eu2.crsend.com | mail.phantasialand.info
1 | mail.phantasialand.info |
Total: 18 requests, 5 domains

This site contains no links.

Subject | Issuer | Validity | Valid
mail.phantasialand.info | Sectigo RSA Domain Validation Secure Server CA | 2022-04-06 - 2023-04-06 | a year
use.typekit.net | DigiCert TLS Hybrid ECC SHA384 2020 CA1 | 2022-09-14 - 2023-10-15 | a year
files.crsend.com | Amazon | 2022-07-17 - 2023-08-15 | a year
cleverreach.com | Amazon | 2022-09-12 - 2023-10-11 | a year

This page contains 1 frames:

Primary Page: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Frame ID: E39EC20417BC80973849EBDB5ABA2B6B
Requests: 18 HTTP requests in this frame

Page Title

💫 Nur noch bis Montag: Wintertraum ab 24 €

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 40 %
Domains: 3
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 1617 kB
Size: 1650 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
mail.phantasialand.info/m/13983406/
42 KB
6 KB
Document
General
Full URL
https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
194.42.96.24 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ssl.cleverreach.com
Software
openresty /
Resource Hash
2b3469e7dbdb1c8522f90496c57f354126bdaf5e6d6fd57b7cb44d354a6f408b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5276
Content-Type
text/html; charset=UTF-8
Date
Fri, 04 Nov 2022 17:47:43 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
openresty
Vary
Accept-Encoding
X-CR-I
www-eu2-i-02c39edfc3c9ba741 D=135125 t=1667584063115019
aqu2hum.css
use.typekit.net/
4 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/aqu2hum.css
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3dba8a63f6325c055349b8eae8c81e1b7ccd396beaaa6a4776f400e1d7c12599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Fri, 04 Nov 2022 17:47:43 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
797
logo-3.png
files.crsend.com/284000/284220/images/Template/
14 KB
14 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/Template/logo-3.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7a08543443c6494d0cfd4e952e898e7bdc778fdff04c5d7cee91624254c5c23

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:53:35 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Mon, 22 Mar 2021 14:00:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"5c204e92d8155de32a3a4a75f6ab47af"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
14384
x-amz-cf-id
WT_g7ObNNTfRWItDk5OS5i8arLmoJokLz_oonycdhnS_h5lGsuHmdw==
hd-wintertraum-aktion-nov.png
files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/
528 KB
529 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/hd-wintertraum-aktion-nov.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
277f48d1d348843d56f7ab74bb8e387afed943e236fa8474f0cf09b5f33f1046

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:50:51 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 09:19:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"6a4698421b7bef455c04d96d48555b2c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
540879
x-amz-cf-id
uAknz8jddN3xBs9U9RT5rJ8YomDF_SoQki8S-nf25OeNQK1rLLLgsg==
tr-newsletter-wintertraum-aktionstickets.png
files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/
4 KB
5 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/tr-newsletter-wintertraum-aktionstickets.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
072b3595c726919da854044969ae3497976e896ee8b05a40c66da8f696239a8a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:46:59 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 15:04:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
54
etag
"6d3ed4d2d4dfcb06607d9442645ed09f"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4407
x-amz-cf-id
DoUdjQ2XTgVVNk1U8eK3H5iPJhKMLVTpBLAUU3VrSvzKiB8UhaiyPw==
img1-wintertraum-aktion-nov.png
files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/
591 KB
592 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/img1-wintertraum-aktion-nov.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e1876393ed0cc76c611954ca111aeb0d9320e39710d89bfbbe0fd09a12689f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:50:51 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 09:28:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"51a65b3d2873b5c4e633df0684bcd1f7"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
604775
x-amz-cf-id
HTgSCVtLZ8k7f34taMxAwMnjKrGssf57v33qBbOtlWae7sO7QoWFpg==
img2-wintertraum-aktion-nov.jpg
files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/
177 KB
177 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/img2-wintertraum-aktion-nov.jpg
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b16560199d6dd7e72433ca0d149e800080f267082e45cb9498f3468d6a3f86d1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:50:51 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Fri, 04 Nov 2022 09:32:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"b0a2e42fff6c7eaabcbc593c5891afc5"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
181118
x-amz-cf-id
nY00OqLxgSi0KQuo6pvY8IQ7Q_cnsTVNJQbzR-Rk07QzGusa-m2_7Q==
col-2-newsletter-wintertraum-aktionstickets.png
files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/
182 KB
183 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/wintertraum/2022/Aktionstickets+Zweite+Welle/col-2-newsletter-wintertraum-aktionstickets.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84d0291dcada04daa68e208fc2fe85a8928fb2ceb701c0947c31e3e2030b1faf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:50:51 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 15:06:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"80c8f7b68b7cbcbac8ce42fd023730bd"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
186876
x-amz-cf-id
4Rha38PT5jL6pgah2WsK-30aiL3qic7830gPX_TNE6xvb_Bpb0AZog==
facebook-grey.png
files.crsend.com/284000/284220/images/Template/social/
1 KB
1 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/Template/social/facebook-grey.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
860a226e25bea80b323883f7acd6399529f8674a6de681415e36624a0c099b9a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:53:35 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Mon, 22 Mar 2021 14:00:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"d9e7ab3214be69f7a2a4da41f24a8183"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1216
x-amz-cf-id
kCU6XXPfLUIdSSwCiF8_vCllpMtx7eLjh_2NICpFH_O2LqTasL7hzQ==
instagram-grey.png
files.crsend.com/284000/284220/images/Template/social/
2 KB
2 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/Template/social/instagram-grey.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
334231ba6709bbea990c225aa8b90a03bda96ef30004386fdf8facdb94b7d5a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:53:35 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Mon, 22 Mar 2021 14:00:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"b2d5756e9a65c80bf2099c3e1ff8a224"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2230
x-amz-cf-id
6FjnEZqeacbs01Jt69A7cfchc1ttmLXWDDP9Q5RQ4yeojYShyglE9Q==
youtube-grey.png
files.crsend.com/284000/284220/images/Template/social/
2 KB
2 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/Template/social/youtube-grey.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec6455546674d00214256776a99426e80cb7468bd8ea98d0792c259d589a056

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 16:53:35 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Mon, 22 Mar 2021 14:00:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
3413
etag
"0fd1244c2794d02adace48fa12369046"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2106
x-amz-cf-id
23OrtgDuJ_qTftIVmCrU_gsF6Twy_WekPCo9YheJjE-77zJwSa-s6g==
twitter-grey.png
files.crsend.com/284000/284220/images/Template/social/
1 KB
2 KB
Image
General
Full URL
https://files.crsend.com/284000/284220/images/Template/social/twitter-grey.png
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4493f3e5496032216295cfff61294a9dfe207dd87988265dabe2e40a5df4d99

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:15:13 GMT
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
last-modified
Mon, 22 Mar 2021 14:00:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1951
etag
"6a4e72b38f7b24894a01b3b56979e3fd"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1535
x-amz-cf-id
JyfwrBgf-c4pOPZ8aonryDdtQOfZnNLKpcOXUZgzsLgx8DxTpMQSlw==
mc_284220_13983406_447c8750ef96-rku43j.gif
stats-eu2.crsend.com/stats/
49 B
344 B
Image
General
Full URL
https://stats-eu2.crsend.com/stats/mc_284220_13983406_447c8750ef96-rku43j.gif
Requested by
Host: mail.phantasialand.info
URL: https://mail.phantasialand.info/m/13983406/539930-5f6d0218d80353273b21d679d1655c2f9ba9c97f9ee73e3cd56a6f0040af741aed08144dca79c703b61e5f1b7fa17c93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.100.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-100-35.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
8f5a7a860a933dde332de207de965350bb54d1923b6288db8c13dfefdf48f03b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mail.phantasialand.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 04 Nov 2022 17:47:43 GMT
server
Apache
content-type
image/gif
x-cr-i
stats-eu2-i-00c975cd7473cabe1 D=69077 t=1667584063395349
cache-control
no-store, no-cache, must-revalidate
content-length
49
expires
Thu, 19 Nov 1981 08:52:00 GMT
p.css
p.typekit.net/
5 B
181 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=aqu2hum&ht=tk&f=10294.10296.10304.27943.27965&a=6911550&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aqu2hum.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:47:43 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/1da05b/0000000000000000000132df/27/
26 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aqu2hum.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc

Request headers

Referer
https://use.typekit.net/aqu2hum.css
Origin
https://mail.phantasialand.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:47:43 GMT
server
nginx
etag
"49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
26888
l
use.typekit.net/af/257c86/000000000000000077359df6/30/
28 KB
29 KB
Font
General
Full URL
https://use.typekit.net/af/257c86/000000000000000077359df6/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aqu2hum.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3994b9e4a09594b84d5bf0ed18f1708c97edf4a5cc64a64016c355b69fb5d3f1

Request headers

Referer
https://use.typekit.net/aqu2hum.css
Origin
https://mail.phantasialand.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:47:43 GMT
server
nginx
etag
"8de3d8c57c38875f560018b24689d36eaadf2097"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29128
l
use.typekit.net/af/8f4e31/0000000000000000000132e3/27/
27 KB
27 KB
Font
General
Full URL
https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aqu2hum.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fc19e2d873270cfa3ce69c2345fac36b8ab1b0fe2cd8983f0946a8c180f236b3

Request headers

Referer
https://use.typekit.net/aqu2hum.css
Origin
https://mail.phantasialand.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:47:43 GMT
server
nginx
etag
"79f9defc7632bc87dc40a06c82c11882a3000992"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
27712
l
use.typekit.net/af/b3f0a0/00000000000000007735b44c/30/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/b3f0a0/00000000000000007735b44c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/aqu2hum.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
351cb9e1f5030e8d2325950fa0d17668d0a9fc1035f504f1a37bb0bdb5696403

Request headers

Referer
https://use.typekit.net/aqu2hum.css
Origin
https://mail.phantasialand.info
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 04 Nov 2022 17:47:43 GMT
server
nginx
etag
"c065a33adc9a4457db0eadd7899be89cf645cb35"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19052


9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

2 Cookies

Domain/Path Name / Value
mail.phantasialand.info/ Name: PHPSESSID
Value: cWpxB06z96IujJODM8vmyIiu9Yupa4RSQzoH-%2CVLHwe5eN8C
stats-eu2.crsend.com/ Name: PHPSESSID
Value: 8kVaEytolj4k0uyamgo8uRZIH2diQAQZyNur3tHP-uP0cl1i

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
