URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Submission: On May 25 via api from DE — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 185.184.112.65, located in Poland and belongs to FRESHMAIL-, PL. The main domain is link.freshmail.mx. The Cisco Umbrella rank of the primary domain is 728450.
TLS certificate: Issued by R3 on March 22nd 2022. Valid for: 3 months.
This is the only time link.freshmail.mx was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
2         185.184.112.65    206417 (FRESHMAIL-)
1         108.156.46.122    16509 (AMAZON-02)
1         18.66.248.21      16509 (AMAZON-02)
1         18.66.242.118     16509 (AMAZON-02)
1         2a00:1450:400...  15169 (GOOGLE)
1         151.101.194.137   54113 (FASTLY)
1         162.247.242.21    23467 (NEWRELIC-...)
Total: 8 requests, 7 IPs

Requests  Apex Domain / Subdomains                              Transfer
2         cloudfront.net                                        30 KB
            d11civ2ku1dhdc.cloudfront.net
            d2651x052v6uoq.cloudfront.net
2         freshmail.mx                                          44 KB
            link.freshmail.mx (Cisco Umbrella Rank: 728450)
            media.freshmail.mx (Cisco Umbrella Rank: 339962)
1         nr-data.net                                           322 B
            bam.nr-data.net (Cisco Umbrella Rank: 586)
1         newrelic.com                                          14 KB
            js-agent.newrelic.com (Cisco Umbrella Rank: 381)
1         gstatic.com                                           72 KB
            fonts.gstatic.com
1         mailnews.pl                                           161 B
            mail.mailnews.pl
Total: 8 requests, 6 apex domains

Requests  Domain                          Requested by
1         bam.nr-data.net                 js-agent.newrelic.com
1         js-agent.newrelic.com           link.freshmail.mx
1         fonts.gstatic.com               d11civ2ku1dhdc.cloudfront.net
1         d2651x052v6uoq.cloudfront.net   link.freshmail.mx
1         mail.mailnews.pl                link.freshmail.mx
1         media.freshmail.mx              link.freshmail.mx
1         d11civ2ku1dhdc.cloudfront.net   link.freshmail.mx
1         link.freshmail.mx
Total: 8 requests, 8 domains

This site contains links to these domains:

Domain: mail.mailnews.pl

Subject                 Issuer                                   Validity                   Valid
link.freshmail.mx       R3                                       2022-03-22 - 2022-06-20    3 months
*.cloudfront.net        Amazon                                   2022-02-01 - 2023-01-31    a year
imagecloud24.com        Amazon                                   2021-10-31 - 2022-11-28    a year
mail.mailnews.pl        R3                                       2022-05-03 - 2022-08-01    3 months
*.gstatic.com           GTS CA 1C3                               2022-05-04 - 2022-07-27    3 months
js-agent.newrelic.com   GlobalSign Atlas R3 DV TLS CA H2 2021    2021-10-06 - 2022-11-07    a year
*.nr-data.net           DigiCert TLS RSA SHA256 2020 CA1         2022-01-10 - 2023-02-10    a year

This page contains 1 frame:

Primary Page: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Frame ID: B7CDCB6EC6DE1104CFF165E01387977E
Requests: 8 HTTP requests in this frame

Page Title

[⏰IMPORTANT CONSENTS!] Accept the consents, otherwise you will not take part in Bieg Firmowy!

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 14 %
Domains: 6
Subdomains: 8
IPs: 7
Countries: 3
Transfer: 160 kB
Size: 230 kB
Cookies: 3

8 HTTP transactions

Fields per transaction: Resource, Path, Size, x-fer, Type, MIME-Type

Resource: 6arwc4nvmb (Primary Request)
Path: link.freshmail.mx/p/4aki8g9yoq/
Size: 35 KB
x-fer: 36 KB
Type: Document

General
Full URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.184.112.65, Poland, ASN206417 (FRESHMAIL-, PL)
Reverse DNS:
Software: Apache/2.4.6 (CentOS)
Resource Hash: 02308b8543b5eb2e061cfab1c7702a9e4b616cd96586596907bec66916ae4480

Security Headers
X-Frame-Options: SAMEORIGIN

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 11:21:28 GMT
server: Apache/2.4.6 (CentOS)
x-frame-options: SAMEORIGIN

Resource: fonts.css
Path: d11civ2ku1dhdc.cloudfront.net/img/ruiv3zl88a/6arwc4nvmb/
Size: 1 KB
x-fer: 958 B
Type: Stylesheet

General
Full URL: https://d11civ2ku1dhdc.cloudfront.net/img/ruiv3zl88a/6arwc4nvmb/fonts.css?t=1653474387
Requested by: Host: link.freshmail.mx, URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.46.122, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-108-156-46-122.lhr50.r.cloudfront.net
Software: AmazonS3
Resource Hash: 384e3f1b0ae15a30602125905b89a300db148b9bfeaf4d4798ee2341ef277bac

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://link.freshmail.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Wed, 25 May 2022 10:32:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 May 2022 10:26:28 GMT
Server: AmazonS3
Age: 2919
ETag: W/"e486da0e785891f45b75e822cc3d02d5"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 bfd49bf523c81f536763bdb558e5f014.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: LHR50-P2
X-Amz-Cf-Id: xhA7BaSP-8lMYIWSOhwkh2ZxcAa8Uhiq3KOjn92NnFPrkcWRKmYcWg==

Resource: tmp628df322a1eae1.png
Path: media.freshmail.mx/i/ruiv3zl88a/6arwc4nvmb/
Size: 8 KB
x-fer: 8 KB
Type: Image

General
Full URL: https://media.freshmail.mx/i/ruiv3zl88a/6arwc4nvmb/tmp628df322a1eae1.png?sum=8204056b88182ee4832a5ddfec7efd7f
Requested by: Host: link.freshmail.mx, URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-248-21.dus51.r.cloudfront.net
Software: AmazonS3
Resource Hash: 545971cef9eb7408c5d18f58b00fb00124dc45fd9f9a17398c5158fc9333e068

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://link.freshmail.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Wed, 25 May 2022 09:15:55 GMT
Via: 1.1 bf943aab70e585412f7a215fb0a10790.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 May 2022 09:14:34 GMT
Server: AmazonS3
Age: 7534
ETag: "8204056b88182ee4832a5ddfec7efd7f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 7818
X-Amz-Cf-Id: Jm89w1Fx6RbYpj3OicfzUf_A1ToMigGW9fv-XIxG4GdOcVNaU_b_Eg==

Resource: /
Path: mail.mailnews.pl/o/6arwc4nvmb/4aki8g9yoq/
Size: 43 B
x-fer: 161 B
Type: Image

General
Full URL: https://mail.mailnews.pl/o/6arwc4nvmb/4aki8g9yoq/
Requested by: Host: link.freshmail.mx, URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.184.112.65, Poland, ASN206417 (FRESHMAIL-, PL)
Reverse DNS:
Software: Apache/2.4.6 (CentOS)
Resource Hash: 71d66e87a9561f8cc70f06a466a5f75a77aa9cb55e8795e0539c514eff7cf7d3

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://link.freshmail.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Wed, 25 May 2022 11:21:28 GMT
cache-control: private
server: Apache/2.4.6 (CentOS)
content-length: 43
content-type: image/gif

Resource: waves01.jpg
Path: d2651x052v6uoq.cloudfront.net/media/assets/img/mr_lemon/texture/on_top/
Size: 28 KB
x-fer: 29 KB
Type: Image

General
Full URL: https://d2651x052v6uoq.cloudfront.net/media/assets/img/mr_lemon/texture/on_top/waves01.jpg?v=22.2.18.prod
Requested by: Host: link.freshmail.mx, URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.118, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-66-242-118.dus51.r.cloudfront.net
Software: Apache/2.4.6 (CentOS)
Resource Hash: 0dfc122c5534d52ed38f9c4234a0e764ff2d7fb771c8c1c23a31a4b07b90f0f4

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://link.freshmail.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Date: Wed, 25 May 2022 09:10:05 GMT
Via: 1.1 2b483ab832506bc86647b6ceba38dc9e.cloudfront.net (CloudFront)
Last-Modified: Tue, 24 May 2022 08:16:16 GMT
Server: Apache/2.4.6 (CentOS)
Age: 7883
ETag: "7089-5dfbd9211b400"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
access-control-allow-origin: *
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-P1
Accept-Ranges: bytes
Content-Length: 28809
X-Amz-Cf-Id: H25wlK_RQ3O0gzAdpN064qhZn6EbVxsj4jz-4nJR7QM3gueW1L9p8g==

Resource: XLvHEa6wYv6gIfa99XKKyA.ttf
Path: fonts.gstatic.com/s/arimo/v8/
Size: 119 KB
x-fer: 72 KB
Type: Font

General
Full URL: https://fonts.gstatic.com/s/arimo/v8/XLvHEa6wYv6gIfa99XKKyA.ttf
Requested by: Host: d11civ2ku1dhdc.cloudfront.net, URL: https://d11civ2ku1dhdc.cloudfront.net/img/ruiv3zl88a/6arwc4nvmb/fonts.css?t=1653474387
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS:
Software: sffe
Resource Hash: 724ee7ccbedb230b5c7582b07ddeaed81a02fcebbcdd0f97aced7a5a915bb682

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 0

Request headers
Referer: https://d11civ2ku1dhdc.cloudfront.net/
Origin: https://link.freshmail.mx
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
date: Wed, 25 May 2022 07:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73032
x-xss-protection: 0
last-modified: Thu, 28 Aug 2014 18:24:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 25 May 2023 07:24:35 GMT

Resource: nr-1216.min.js
Path: js-agent.newrelic.com/
Size: 38 KB
x-fer: 14 KB
Type: Script

General
Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: link.freshmail.mx, URL: https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137, United States, ASN54113 (FASTLY, US)
Reverse DNS:
Software: AmazonS3
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://link.freshmail.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-request-id: 702BXDH9DS50TBSA
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: 5vd9vstz3V3z74kfjj1dCPZWEqafZIkasHjA0BdDCJvZTnwH4UnkRjWckumVI0cOdusYAlzF0pM=
x-served-by: cache-hhn4051-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1653477689.724395,VS0,VE0
date: Wed, 25 May 2022 11:21:28 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2831

Resource: 3575ffbad0
Path: bam.nr-data.net/1/
Size: 57 B
x-fer: 322 B
Type: Script

General
Full URL: https://bam.nr-data.net/1/3575ffbad0?a=512027816&v=1216.487a282&to=bwEDYhADW0QAUk1ZC1ZLIkMRFlpaTlBJQEtZBxVfDQxGGARcWFkIFRQTUxQLUEA%3D&rst=774&ck=1&ref=https://link.freshmail.mx/p/4aki8g9yoq/6arwc4nvmb&ap=173&be=445&fe=673&dc=587&perf=%7B%22timing%22:%7B%22of%22:1653477687981,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:28,%22c%22:28,%22s%22:63,%22ce%22:110,%22rq%22:110,%22rp%22:361,%22rpe%22:364,%22dl%22:371,%22di%22:587,%22ds%22:587,%22de%22:587,%22dc%22:673,%22l%22:673,%22le%22:674%7D,%22navigation%22:%7B%7D%7D&fp=593&fcp=593&at=Q0YAFFgZSEo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com, URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21, United States, ASN23467 (NEWRELIC-AS-1, US)
Reverse DNS: bam-9.nr-data.net
Software:
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://link.freshmail.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | oncontextlost
object | oncontextrestored
function | structuredClone
function | getScreenDetails
object | NREUM
object | newrelic
function | __nr_require

3 Cookies

Domain/Path            Name          Value
.link.freshmail.mx/    freshssion    fe6e5f8c6827cfcadb57e9ee1393a060
link.freshmail.mx/     SERVERID      s1
.nr-data.net/          JSESSIONID    2ccf44c1b9d5d9e2

Security Headers

This page lists any security headers set by the main page.

Header             Value
X-Frame-Options    SAMEORIGIN