2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu Open in urlscan Pro
13.33.187.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Submission: On March 11 via automatic, source certstream-suspicious (March 11th 2024, 2:45:41 pm UTC) — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 13.33.187.92, located in United States and belongs to AMAZON-02, US. The main domain is 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu.
TLS certificate: Issued by Amazon RSA 2048 M02 on June 14th 2023. Valid for: a year.

This is the only time 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	13.33.187.92 13.33.187.92	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	3.160.150.13 3.160.150.13	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
13	4

8 13.33.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-92.fra60.r.cloudfront.net

2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-13.fra60.r.cloudfront.net

i16qgzp3yf.execute-api.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	wetraffic.eu 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu	840 KB
3	gstatic.com fonts.gstatic.com	47 KB
1	amazonaws.com i16qgzp3yf.execute-api.us-east-1.amazonaws.com	460 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
13	4

	Domain	Requested by
8	2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu	2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
3	fonts.gstatic.com	fonts.googleapis.com
1	i16qgzp3yf.execute-api.us-east-1.amazonaws.com	2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
1	fonts.googleapis.com	2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
13	4

This site contains no links.

Subject Issuer	Validity	Valid
*.wetraffic.eu Amazon RSA 2048 M02	`2023-06-14` - `2024-07-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.execute-api.us-east-1.amazonaws.com Amazon RSA 2048 M02	`2024-03-07` - `2025-04-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Frame ID: 6F23EFEFA6C2BE11C56FD24DEBDD42EE
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wetraffic Pro

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

13
Requests

38 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

889 kB
Transfer

1645 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/ 803 B
1 KB 43ms
7ms Document
text/html 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84d84df704a85f95068781d530735dc3dde11f760f809b0d60aec033ada851ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 71025
cache-control: public, max-age=86400
content-length: 803
content-type: text/html
date: Sun, 10 Mar 2024 19:01:50 GMT
etag: "36e0a1414d2058073d8493852ecdb92b"
last-modified: Thu, 07 Mar 2024 14:30:45 GMT
server: AmazonS3
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
x-amz-cf-id: PKwaOujtxl4d_FDMktLZx269LkbG5aWKtO9YTvXYusBrEoYBXgdh7w==
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 123ms
46ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Mar 2024 14:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 13:44:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Mar 2024 14:45:35 GMT

GET
H2 200 index-97e3977e.js Show response
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/ 998 KB
308 KB 16ms
16ms Script
application/javascript 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/index-97e3977e.js
Requested by: Host: 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 17eed66223563bce74ba756df907f30abd12b5ca7029eb19fd2aaa16667eebd3

Request headers

Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Origin: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:35 GMT
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Thu, 07 Mar 2024 14:30:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 254
x-amz-server-side-encryption: AES256
etag: W/"53c49df5b686d0f00590896fe9b53272"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 7P8urFM_3Be00JLUzy0gtaSuqwueYsOGlO5idFPsa4TdjhnrfERuBA==

GET
H2 200 index-d1169d52.css
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/ 37 KB
5 KB 427ms
427ms Stylesheet
text/css 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/index-d1169d52.css
Requested by: Host: 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1169d522848daef068fbd99db19c4f28a6120d1faa5dfc6a53e0a5bd0000b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:36 GMT
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Wed, 13 Sep 2023 12:40:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"d1fb4c9849ba907cd613d39755e411a5"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-cf-id: kGZQ9rstAfoktUuUdoBN8apLnGEgCp8b1oKUQq6Mure-2MnwmlC8zQ==

GET
H2 200 wetraffic-3f00b701.svg
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/ 24 KB
17 KB 11ms
11ms Image
image/svg+xml 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/wetraffic-3f00b701.svg
Requested by: Host: 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f00b701980b56fb8f73f6000c1e96b0b1901a3e935ff15d2ed6c4e5a66e5c46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:35 GMT
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 12:55:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 253
x-amz-server-side-encryption: AES256
etag: W/"006faefd474c69d6debe90ae04d467b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: nW7_FmtgsyBlmcMCnG2X6loCAx74mEIrZIbm2bufBsQULSh8XQGTuw==

GET
H2 404 main Show response
i16qgzp3yf.execute-api.us-east-1.amazonaws.com/prod/ 61 B
460 B 483ms
446ms XHR
application/json 3.160.150.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i16qgzp3yf.execute-api.us-east-1.amazonaws.com/prod/main?message=%7B%22action%22:%22get_area%22,%22params%22:%7B%22id%22:%222a57j78p1lww6dinrce54ylgcdt0563%22%7D%7D
Requested by: Host: 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/index-97e3977e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-13.fra60.r.cloudfront.net
Software: /
Resource Hash: 6e17682abf5866781ee7e8f6af5374aa12ee1295cf2499c5e3a02cadb04b6de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:35 GMT
via: 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
x-amzn-trace-id: Root=1-65ef190f-1b0ef27320c9b378157f0fab;Parent=39ef47a5ee77ca64;Sampled=0;lineage=8922d2fc:0
x-amzn-requestid: 621e3550-d6f5-4bc2-a23d-e82fc081c647
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: UeDagGEQIAMEElA=
content-length: 61
x-amz-cf-id: OgpU63Vb3EPybxKKz-86HCehS324cz85spDzN_JLXpaexBro8R9Icw==

GET
H2 200 wetraffic-3f00b701.svg
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/ 24 KB
17 KB 9ms
9ms Image
image/svg+xml 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/wetraffic-3f00b701.svg
Requested by: Host: 2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/index-97e3977e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f00b701980b56fb8f73f6000c1e96b0b1901a3e935ff15d2ed6c4e5a66e5c46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:35 GMT
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 12:55:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 254
x-amz-server-side-encryption: AES256
etag: W/"006faefd474c69d6debe90ae04d467b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: OjFWJvn39WTCZc-A6v9tAOxOIwwABAD6YFuS8e4yNTFFGGr0FfqZAg==

GET
H2 200 trafficlab-white-9d6fbd89.svg
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/ 18 KB
6 KB 401ms
401ms Image
image/svg+xml 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/trafficlab-white-9d6fbd89.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d6fbd89aec2d2f27bc7245918e9aa10de87ef4607a41be4046fc3badc8f9a96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:37 GMT
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 12:55:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"3a4e65911719c49f668cf914ce015a4a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: MA0ADbaExybW3lpgTK2h6nEjskRdvnEUAk_upg_zAl6mJjLzM_qrBA==

GET
H2 200 datafromsky-8fe8ab52.svg
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/ 4 KB
2 KB 403ms
403ms Image
image/svg+xml 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/assets/datafromsky-8fe8ab52.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fe8ab52d6f8c01ffb9abb753bb370c8ebb76ae7c56267d3be3788ede7a3db14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:37 GMT
content-encoding: gzip
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Fri, 16 Jun 2023 12:55:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
x-amz-server-side-encryption: AES256
etag: W/"c5e33ddc81876d157b7245c2e6ec8c49"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: qKqlFZMed4YmA5Z3DXD1n2vWNQrwLOsqqQsuoLW6eDevepGL91P4hw==

GET
H2 200 2.jpg
2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/images/landing-bg/ 484 KB
484 KB 409ms
409ms Image
image/jpeg 13.33.187.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/images/landing-bg/2.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-92.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39fd2334ea2a3f747fac1d390c42dff4fca87cb2767b5f18d6b134062d6d0cc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:45:37 GMT
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront)
last-modified: Thu, 14 Jul 2022 07:08:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
etag: "1dc059875396bee9bb8f6805d5cfba8c"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 495204
x-amz-cf-id: dOSbL-LvBxLUsk1roI2514vnf0X-8JvoQUiLt_Z9mxxa6ioHqevRIQ==

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 00:37:10 GMT
x-content-type-options: nosniff
age: 310106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 00:37:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 154ms
76ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 04:10:19 GMT
x-content-type-options: nosniff
age: 556517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 04:10:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 122ms
44ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:17:56 GMT
x-content-type-options: nosniff
age: 566860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Mar 2025 01:17:56 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i16qgzp3yf.execute-api.us-east-1.amazonaws.com/prod/main?message=%7B%22action%22:%22get_area%22,%22params%22:%7B%22id%22:%222a57j78p1lww6dinrce54ylgcdt0563%22%7D%7D Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu
fonts.googleapis.com
fonts.gstatic.com
i16qgzp3yf.execute-api.us-east-1.amazonaws.com
13.33.187.92
2a00:1450:4001:803::200a
2a00:1450:4001:828::2003
3.160.150.13
17eed66223563bce74ba756df907f30abd12b5ca7029eb19fd2aaa16667eebd3
39fd2334ea2a3f747fac1d390c42dff4fca87cb2767b5f18d6b134062d6d0cc5
3f00b701980b56fb8f73f6000c1e96b0b1901a3e935ff15d2ed6c4e5a66e5c46
6e17682abf5866781ee7e8f6af5374aa12ee1295cf2499c5e3a02cadb04b6de7
84d84df704a85f95068781d530735dc3dde11f760f809b0d60aec033ada851ee
8fe8ab52d6f8c01ffb9abb753bb370c8ebb76ae7c56267d3be3788ede7a3db14
9d6fbd89aec2d2f27bc7245918e9aa10de87ef4607a41be4046fc3badc8f9a96
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
d1169d522848daef068fbd99db19c4f28a6120d1faa5dfc6a53e0a5bd0000b58
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu Open in urlscan Pro 13.33.187.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

38 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

889 kBTransfer

1645 kBSize

0 Cookies

0 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

2a57j78p1lww6dinrce54ylgcdt0563.auth.wetraffic.eu Open in urlscan Pro
13.33.187.92 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

38 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

889 kB
Transfer

1645 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions