subscriptions.mylupusteam.com Open in urlscan Pro
2a0b:4d07:401::1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://subscriptions.mylupusteam.com/
Submission: On March 04 via automatic, source certstream-suspicious (March 4th 2023, 6:21:36 am UTC) — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2a0b:4d07:401::1, located in Switzerland and belongs to PROINITY PROINITY, CH. The main domain is subscriptions.mylupusteam.com.
TLS certificate: Issued by R3 on January 3rd 2023. Valid for: 3 months.

This is the only time subscriptions.mylupusteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	52.88.117.3 52.88.117.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:808::200a	15169 (GOOGLE) (GOOGLE)
3	13.225.84.144 13.225.84.144	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2003	15169 (GOOGLE) (GOOGLE)
15	7

7 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

subscriptions.mylupusteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
impressure-c630.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.88.117.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-117-3.us-west-2.compute.amazonaws.com

events.impressure.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.84.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-144.fra2.r.cloudfront.net

djk97zng6lbya.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	kxcdn.com impressure-c630.kxcdn.com — Cisco Umbrella Rank: 63002	130 KB
3	cloudfront.net djk97zng6lbya.cloudfront.net	336 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 36	7 KB
2	impressure.io events.impressure.io — Cisco Umbrella Rank: 244843	1 KB
2	mylupusteam.com subscriptions.mylupusteam.com	12 KB
1	gstatic.com fonts.gstatic.com	33 KB
15	6

	Domain	Requested by
5	impressure-c630.kxcdn.com	subscriptions.mylupusteam.com impressure-c630.kxcdn.com
3	djk97zng6lbya.cloudfront.net	subscriptions.mylupusteam.com
2	events.impressure.io	subscriptions.mylupusteam.com impressure-c630.kxcdn.com
2	subscriptions.mylupusteam.com	impressure-c630.kxcdn.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	ajax.googleapis.com
1	ajax.googleapis.com	impressure-c630.kxcdn.com
15	7

This site contains no links.

Subject Issuer	Validity	Valid
subscriptions.mylupusteam.com R3	`2023-01-03` - `2023-04-03`	3 months	crt.sh
*.kxcdn.com Thawte RSA CA 2018	`2022-07-28` - `2023-07-24`	a year	crt.sh
impressure.io Amazon RSA 2048 M02	`2023-02-10` - `2023-08-24`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://subscriptions.mylupusteam.com/
Frame ID: EFAFA99F8AD9F84AB8BE09A74962D078
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyLupusTeam

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

519 kB
Transfer

1000 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
subscriptions.mylupusteam.com/ 66 KB
8 KB 734ms
594ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.mylupusteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 942792c2586ed8028dc0287f531ec51879a1b8495404b931e6df078e141a98df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: br
content-length: 8126
content-type: text/html
date: Sat, 04 Mar 2023 06:21:31 GMT
etag: "76fddaa47a9b9b29c691a2a945add83f"
last-modified: Thu, 26 Jan 2023 16:44:34 GMT
server: keycdn-engine
x-amz-server-side-encryption: AES256
x-amz-version-id: fviSZJUd9Nmmp4q7nziJrI31_75ubter
x-cache: MISS
x-cache-status: MISS
x-edge-location: atvi

GET
H2 200 presenter.ae7ecc5.css
impressure-c630.kxcdn.com/ 18 KB
5 KB 161ms
34ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.ae7ecc5.css
Requested by: Host: subscriptions.mylupusteam.com
URL: https://subscriptions.mylupusteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:31 GMT
content-encoding: br
x-amz-request-id: ZHPPEGC3R15X8F0J
x-edge-location: atvi
x-cache: STALE
content-length: 4919
x-amz-id-2: qxR6Z22RZz248NQnpWS0wjDbvPB0Mu/NqL6+TUwwCdTOTQd8H+ZQ7w0z/Ft4CHu4OICXA0JOaYI=
last-modified: Tue, 23 Aug 2022 19:45:30 GMT
server: keycdn-engine
etag: "c8ba4cfb85a21500b78f527fec541e40"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Sat, 11 Mar 2023 06:21:31 GMT

GET
H2 200 presenter.482eb53.js Show response
impressure-c630.kxcdn.com/ 408 KB
105 KB 161ms
35ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Requested by: Host: subscriptions.mylupusteam.com
URL: https://subscriptions.mylupusteam.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 107d3772239ee34312267c8d1fcb39319a78f5aacdd19b0feaa02b85a59e4e2a

Request headers

Referer: https://subscriptions.mylupusteam.com/
Origin: https://subscriptions.mylupusteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:31 GMT
content-encoding: br
x-amz-request-id: 82VNQDJSXDX2TTCF
x-edge-location: atvi
x-cache: HIT
content-length: 106522
x-amz-id-2: 4hyXKpegZG66liafDquNjICfzL3nvDArvaFD4wZA1IcMdY4ZuCLBbE0h/gaC3+x9wt7/wwCQeBM=
last-modified: Tue, 15 Nov 2022 22:43:17 GMT
server: keycdn-engine
etag: "264c420f31e2e81c576f58c26b4e03eb"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Sat, 11 Mar 2023 06:21:31 GMT

GET
H/1.1 200
OK info Show response
events.impressure.io/ 678 B
1003 B 1048ms
177ms XHR
application/json 52.88.117.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/info?v=2&nonce=12217317100890698&userId=

Requested by

Host: subscriptions.mylupusteam.com
URL: https://subscriptions.mylupusteam.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-117-3.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

b5628ce01f1324fda0ad783783f470aa5740da354c22f7e732f54f1b22749b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 04 Mar 2023 06:21:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"2a6-O73kfqIInfJtuyqtryFO6WfF+44"
X-Powered-By: Express
Vary: Accept-Encoding, Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://subscriptions.mylupusteam.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 522

GET
DATA 200
OK truncated
/ 24 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 86ms
23ms Script
text/javascript 2a00:1450:400d:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 18:41:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 18:41:39 GMT

GET
H2 200 chunk.4.e1ba812.css
impressure-c630.kxcdn.com/ 2 KB
1 KB 32ms
32ms Stylesheet
text/css 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.e1ba812.css
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:31 GMT
content-encoding: br
x-amz-request-id: GFYSS4A61N9A7J11
x-edge-location: atvi
x-cache: STALE
content-length: 784
x-amz-id-2: nuK2rZt9YPpfcpmgfyMaXN2AYXLhE3Cv6WLztpP6gc1SsfmiIEnQ5cqqRuFLygZt/jpa/MaZo44=
last-modified: Tue, 23 Aug 2022 19:45:27 GMT
server: keycdn-engine
etag: "1d4504cd8eb1a924fa3877af155e3acb"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Sat, 11 Mar 2023 06:21:31 GMT

GET
H2 200 chunk.4.632257f.js Show response
impressure-c630.kxcdn.com/ 58 KB
14 KB 33ms
32ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.4.632257f.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:31 GMT
content-encoding: br
x-amz-request-id: GFYTXPSKGF7NX1MZ
x-edge-location: atvi
x-cache: STALE
content-length: 13564
x-amz-id-2: eQdamqCoTggPT3rwT8R6r0C91hnbPSLL3PPKz/qH+2CEY9MCHlzymZwJs9xdRjZ7fNhDn1p1aEg=
last-modified: Tue, 23 Aug 2022 19:45:33 GMT
server: keycdn-engine
etag: "b1ded3ed49dd625cfd1196fd4bf192df"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Sat, 11 Mar 2023 06:21:31 GMT

GET
H2 200 chunk.13.7a5258a.js Show response
impressure-c630.kxcdn.com/ 17 KB
5 KB 60ms
60ms Script
application/javascript 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://impressure-c630.kxcdn.com/chunk.13.7a5258a.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:31 GMT
content-encoding: br
x-amz-request-id: 0Q02ZPDQ9XZ4ZE8Z
x-edge-location: atvi
x-cache: HIT
content-length: 5065
x-amz-id-2: JTw9JJ7ZKgRucmVJotnnGCQCHIG/H1Faxnt87iPoCaWaCr69xLj45teNKGGoJKQjo7/QCA1pa0E=
last-modified: Tue, 23 Aug 2022 19:45:26 GMT
server: keycdn-engine
etag: "04b6f9c350e90de6b9711301bf2c2b72"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
expires: Sat, 11 Mar 2023 06:21:31 GMT

GET
H2 200 339c242b-eb7b-4429-8d2e-a487425b8d74.png
djk97zng6lbya.cloudfront.net/2022/10/13/18/36/57/ 5 KB
6 KB 711ms
647ms Image
image/png 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/13/18/36/57/339c242b-eb7b-4429-8d2e-a487425b8d74.png
Requested by: Host: subscriptions.mylupusteam.com
URL: https://subscriptions.mylupusteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 86e6f0a28e4a6d1a68551d011dfb843d26f7466ed0db23fd12a49115abe9e9e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:33 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified: Thu, 13 Oct 2022 18:36:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "73e3962157aafada43847da4d34ecabe"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 5313
x-amz-cf-id: XhoGWQyYdWti-_ya_PKINJQ1_8kRXVXfkgHQJ9eW3QoLJZsYUwlxTQ==

GET
H2 200 be90a0e1-7916-4656-b66d-947505a67239.png
djk97zng6lbya.cloudfront.net/2022/10/21/14/44/15/ 298 KB
299 KB 720ms
708ms Image
image/png 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/21/14/44/15/be90a0e1-7916-4656-b66d-947505a67239.png
Requested by: Host: subscriptions.mylupusteam.com
URL: https://subscriptions.mylupusteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0e8466f3b9bd5a9c2dba91966ad359ee6d9b2c9efa6a93ad265ae79b8c4d2c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:33 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 14:44:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "7af5a94cee69a10662ecd8ada3f6b809"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 305571
x-amz-cf-id: Lgyk2mOLpUqlWWaXPjPVgCOhg4wRYIJEWnIxTEp-PULIygt4jSdArg==

GET
H2 200 73943333-0d0d-4e9a-bc79-570256bef63c.png
djk97zng6lbya.cloudfront.net/2022/10/21/14/46/44/ 31 KB
31 KB 650ms
639ms Image
image/png 13.225.84.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djk97zng6lbya.cloudfront.net/2022/10/21/14/46/44/73943333-0d0d-4e9a-bc79-570256bef63c.png
Requested by: Host: subscriptions.mylupusteam.com
URL: https://subscriptions.mylupusteam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-144.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc9c73b7b06b3ab857139c109bf22df7aae5be33ce142f95e48ddd111ac87dde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:33 GMT
via: 1.1 1bf129b8787cf2e96d3bce725554e4d4.cloudfront.net (CloudFront)
last-modified: Fri, 21 Oct 2022 14:46:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "99185740c34cb62be0751db4c73bf343"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-meta-json
accept-ranges: bytes
content-length: 31500
x-amz-cf-id: wtEr69GMaxsyvFP72e4RkKBf2z6nFPKv1ecKxrrAvjYD3lAqDr_ZmA==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
861 B 118ms
46ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6036d983cd55e2a3851edb9c07c97480871e6b11acd0b883d22174dc98178b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 04 Mar 2023 06:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 06:11:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 04 Mar 2023 06:21:32 GMT

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 32 KB
33 KB 82ms
20ms Font
font/woff2 2a00:1450:400d:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://subscriptions.mylupusteam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:35:57 GMT
x-content-type-options: nosniff
age: 294335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32900
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Feb 2024 20:35:57 GMT

POST
H/1.1 200
OK events Show response
events.impressure.io/ 72 B
504 B 239ms
239ms Fetch
application/json 52.88.117.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://events.impressure.io/events

Requested by

Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.117.3 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-117-3.us-west-2.compute.amazonaws.com

Software

nginx / Express

Resource Hash

a3240b4005910819f716720d34870e4bd2262d12cfe8b9ef7a62a9e1c754fccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://subscriptions.mylupusteam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 04 Mar 2023 06:21:32 GMT
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"48-Kp8BNHsQV4iXSqmnlPo1hhwOJxo"
X-Powered-By: Express
Vary: Origin
P3P: CP="Impressure does not have a P3P policy."
Access-Control-Allow-Origin: https://subscriptions.mylupusteam.com
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 72

GET
H2 200 ac514e2e-13d2-435b-8cea-3c2106f4a1ee.js Show response
subscriptions.mylupusteam.com/chunk/183536/ 25 KB
4 KB 396ms
395ms Script
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.mylupusteam.com/chunk/183536/ac514e2e-13d2-435b-8cea-3c2106f4a1ee.js
Requested by: Host: impressure-c630.kxcdn.com
URL: https://impressure-c630.kxcdn.com/presenter.482eb53.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 20ff33acc595b65bdfe0db7195ccaf9403f51764e7d8cc72e54964876afdfed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscriptions.mylupusteam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 04 Mar 2023 06:21:33 GMT
content-encoding: br
x-amz-version-id: fNn7B5_m13U1T1PHmSaUoeZKE_jP_pvg
last-modified: Thu, 26 Jan 2023 16:44:34 GMT
server: keycdn-engine
x-edge-location: atvi
etag: "762331b949f5d199e1a5b0751885ddda"
x-amz-server-side-encryption: AES256
x-cache-status: MISS
x-cache: MISS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 3522

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mylupusteam.com/	1970-01-20 19:41:10	Name: _user_time Value: 1677910891811\|1677910891811
subscriptions.mylupusteam.com/	1970-01-20 19:41:10	Name: _user_random Value: 0.6617455583507315
.mylupusteam.com/	1970-01-20 19:41:10	Name: _user_id Value: 03d4b309-d53b-47af-91f1-b8357297effc-G0QUYOZ7fJlA2EeKmDo5RCj2X4TDM4zI+mvW0VA2+A

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
djk97zng6lbya.cloudfront.net
events.impressure.io
fonts.googleapis.com
fonts.gstatic.com
impressure-c630.kxcdn.com
subscriptions.mylupusteam.com
13.225.84.144
2a00:1450:400d:808::200a
2a00:1450:400d:80c::2003
2a00:1450:400d:80c::200a
2a0b:4d07:401::1
52.88.117.3
107d3772239ee34312267c8d1fcb39319a78f5aacdd19b0feaa02b85a59e4e2a
20ff33acc595b65bdfe0db7195ccaf9403f51764e7d8cc72e54964876afdfed7
6036d983cd55e2a3851edb9c07c97480871e6b11acd0b883d22174dc98178b19
6306705e8627af2d57b6dd5fe6e3322a573e24fd6cc7aa5e1e51e49f06d2a199
80b65cdd0e35bff154e418ec0ca90a0f4df24d772109ead25167f283680480a6
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
86e6f0a28e4a6d1a68551d011dfb843d26f7466ed0db23fd12a49115abe9e9e4
942792c2586ed8028dc0287f531ec51879a1b8495404b931e6df078e141a98df
a3240b4005910819f716720d34870e4bd2262d12cfe8b9ef7a62a9e1c754fccf
b5628ce01f1324fda0ad783783f470aa5740da354c22f7e732f54f1b22749b4c
cc6bdd862d3e45c2403d529930215fb4c217f10e1a1b4517d34a8dd92a4988b7
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
e0e8466f3b9bd5a9c2dba91966ad359ee6d9b2c9efa6a93ad265ae79b8c4d2c1
e24b5a9a61c6d79dedce99ff0212b340f188019946ffeaed32cf88cfca329982
fc9c73b7b06b3ab857139c109bf22df7aae5be33ce142f95e48ddd111ac87dde

subscriptions.mylupusteam.com Open in urlscan Pro 2a0b:4d07:401::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

67 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

519 kBTransfer

1000 kBSize

3 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Indicators

subscriptions.mylupusteam.com Open in urlscan Pro
2a0b:4d07:401::1 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

519 kB
Transfer

1000 kB
Size

3
Cookies

15 HTTP transactions
1 data transactions