accounts.aboutyou-freedom-fest.de Open in urlscan Pro
52.208.127.88 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://accounts.aboutyou-freedom-fest.de/
Effective URL:
https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followu...
Submission: On October 22 via automatic, source certstream-suspicious (October 22nd 2019, 1:00:32 pm UTC)

Summary HTTP 16 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 52.208.127.88, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is accounts.aboutyou-freedom-fest.de.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 22nd 2019. Valid for: 3 months.

This is the only time accounts.aboutyou-freedom-fest.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Google (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 9	52.208.127.88 52.208.127.88	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
16	3

9 52.208.127.88 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com

accounts.aboutyou-freedom-fest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hny2a73k4jwm0.aboutyou-freedom-fest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
play.aboutyou-freedom-fest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	aboutyou-freedom-fest.de 1 redirects accounts.aboutyou-freedom-fest.de hny2a73k4jwm0.aboutyou-freedom-fest.de rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de play.aboutyou-freedom-fest.de	428 KB
8	gstatic.com fonts.gstatic.com	73 KB
16	2

	Domain	Requested by
8	fonts.gstatic.com	accounts.aboutyou-freedom-fest.de
4	hny2a73k4jwm0.aboutyou-freedom-fest.de
2	play.aboutyou-freedom-fest.de
2	accounts.aboutyou-freedom-fest.de	1 redirects
1	rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de
16	5

This site contains links to these domains. Also see Links.

Domain
support.aboutyou-freedom-fest.de

Subject Issuer	Validity	Valid
hny2a73k4jwm0.aboutyou-freedom-fest.de Let's Encrypt Authority X3	`2019-10-22` - `2020-01-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F
Frame ID: 84249ADD4B423973A3855D67BBEE376A
Requests: 16 HTTP requests in this frame

Frame: https://rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de&v=-599030227&timestamp=1571749212955
Frame ID: E7FEEA3F57D46E15531E79F1596C9C8A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://accounts.aboutyou-freedom-fest.de/ HTTP 302
https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedo... Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

16
Requests

81 %
HTTPS

50 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

500 kB
Transfer

1471 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://support.aboutyou-freedom-fest.de/chrome/answer/6130773?hl=en-GB
Title: Learn more

Search URL Search Domain Scan URL

URL: https://support.aboutyou-freedom-fest.de/accounts?hl=en-GB
Title: Help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://accounts.aboutyou-freedom-fest.de/ HTTP 302
https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set ServiceLogin Show response
accounts.aboutyou-freedom-fest.de/
Redirect Chain

https://accounts.aboutyou-freedom-fest.de/
https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F

1 MB
405 KB

565ms
564ms

Document
text/html

52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: GSE /
Resource Hash: 203fcebace18fba7374339d925a14f8c28d266eca335788015a678d9fadac983

Request headers

Host: accounts.aboutyou-freedom-fest.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Cookie: GAPS=1:ihwquv-JuFlGDGHwZ8-I_ersw-j7qQ:tE6EIKp-5PyK3sdc
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 414516
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Oct 2019 13:00:12 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: GSE
Set-Cookie: GAPS=1:DfGvmH2f6OvwKORrOAbFXQxbTjLqRQ:9pyZWM0Nus1znJms;Path=/;Expires=Thu, 21-Oct-2021 13:00:12 GMT;;HttpOnly;Priority=HIGH
X-Auto-Login: realm=com.google&args=continue%3Dhttps%253A%252F%252Faccounts.google.com%252F

Redirect headers

Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 259
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Oct 2019 13:00:11 GMT
Expires: Tue, 22 Oct 2019 13:00:11 GMT
Location: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F
Server: GSE
Set-Cookie: GAPS=1:ihwquv-JuFlGDGHwZ8-I_ersw-j7qQ:tE6EIKp-5PyK3sdc;Path=/;Expires=Thu, 21-Oct-2021 13:00:11 GMT;;HttpOnly;Priority=HIGH

GET
H/1.1 200
OK m=SF3gsd,wI7Sfc,pB6Zqd,rHjpXd,o02Jie,YTxL4,QLpTOd,lCVo3d,sy79,uhxrz,oWOlDb,MB66Qc,sy9b,m5Z1Eb,sy9h,sy9i,sy9q,sy9j,em3z,em3y,em3x,em3w,em3v,em3u,em3t,em3s,em3r,em3q,em40,em3p,YmeC5c Show response
hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/ 14 KB
5 KB 173ms
40ms Script
text/javascript 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=SF3gsd,wI7Sfc,pB6Zqd,rHjpXd,o02Jie,YTxL4,QLpTOd,lCVo3d,sy79,uhxrz,oWOlDb,MB66Qc,sy9b,m5Z1Eb,sy9h,sy9i,sy9q,sy9j,em3z,em3y,em3x,em3w,em3v,em3u,em3t,em3s,em3r,em3q,em40,em3p,YmeC5c
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: sffe /
Resource Hash: 337a2caf49df114592a8c8603b0a9ba7d0a06fba5795bd3c16f8dbbe03eb3409

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 23:04:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Oct 2019 05:57:39 GMT
Server: sffe
Age: 482168
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length: 5056
Expires: Thu, 15 Oct 2020 23:04:05 GMT

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v14/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: accounts.aboutyou-freedom-fest.de
URL: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 03:45:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 33283
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14576
x-xss-protection: 0
expires: Wed, 21 Oct 2020 03:45:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 10 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 08:30:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
server: sffe
age: 1052958
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10748
x-xss-protection: 0
expires: Fri, 09 Oct 2020 08:30:54 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 02:24:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 556561
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10788
x-xss-protection: 0
expires: Thu, 15 Oct 2020 02:24:11 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 22 Oct 2019 00:33:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:43:00 GMT
server: sffe
age: 44784
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
expires: Wed, 21 Oct 2020 00:33:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ 8 KB
8 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

80fa23b4804621ce7f16b5c56d524dd90ea09d792622eeac9adf0ee6317b9e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 22:47:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:59 GMT
server: sffe
age: 655981
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7796
x-xss-protection: 0
expires: Tue, 13 Oct 2020 22:47:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ 5 KB
5 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4WxKKTU1Kvnz.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

949e287846b0940817e4ea0f65accc4481a46b8733dc12aa0265293a4645c661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 03:31:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:54 GMT
server: sffe
age: 552530
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5008
x-xss-protection: 0
expires: Thu, 15 Oct 2020 03:31:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ 7 KB
7 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKKTU1Kvnz.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 22:10:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:50 GMT
server: sffe
age: 53382
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6728
x-xss-protection: 0
expires: Tue, 20 Oct 2020 22:10:30 GMT

GET
H/1.1 200
OK CheckConnection Show response
rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de/accounts/ Frame E7FE 29 KB
12 KB 128ms
54ms Document
text/html 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de/accounts/CheckConnection?pmpo=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de&v=-599030227&timestamp=1571749212955
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: ESF /
Resource Hash: e60d77e09e0fc2007c3732650629ee2e42e4ba724d980ebe0e9ec2afdd02b5aa

Request headers

Host: rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-site
Referer: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://accounts.aboutyou-freedom-fest.de/ServiceLogin?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F

Response headers

Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11436
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Oct 2019 13:00:13 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: ESF

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/ 3 KB
3 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:817::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKKTU1Kvnz.woff2

Requested by

Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a893b2ff1c82d49ac0c09ace71cf8178c0830f6a988103c779b6fc12c0da78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/
Origin: https://accounts.aboutyou-freedom-fest.de
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 22:53:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:44 GMT
server: sffe
age: 50811
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3272
x-xss-protection: 0
expires: Tue, 20 Oct 2020 22:53:21 GMT

GET
H/1.1 200
OK m=sygr,otPmVb,rlNAl Show response
hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/ 2 KB
1 KB 38ms
37ms Script
text/javascript 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=sygr,otPmVb,rlNAl
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: sffe /
Resource Hash: 631a8e37f33dee21fe0958774ca9eff779166ff1d7726ffa29dd1a258b08a7c1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://accounts.aboutyou-freedom-fest.de/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 22:51:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Oct 2019 05:57:39 GMT
Server: sffe
Age: 482914
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length: 811
Expires: Thu, 15 Oct 2020 22:51:39 GMT

GET
H/1.1 200
OK m=identifier_view Show response
hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/ 215 B
684 B 38ms
37ms Script
text/javascript 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=identifier_view
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: sffe /
Resource Hash: 45cbd3fd5b9ff790d62b69691dbe8cc375e8c06a5a7c938b77f8c9fca85a9137

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://accounts.aboutyou-freedom-fest.de/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 23:04:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Oct 2019 05:57:39 GMT
Server: sffe
Age: 482168
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length: 204
Expires: Thu, 15 Oct 2020 23:04:05 GMT

GET
H/1.1 200
OK m=pwd Show response
hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/ 139 B
578 B 37ms
36ms Script
text/javascript 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://hny2a73k4jwm0.aboutyou-freedom-fest.de/accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=0/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=pwd
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: sffe /
Resource Hash: 7396d591d9dd08ee8b6273408ec51a0a227806ce5eb0698cf05b52c2557d6bda

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://accounts.aboutyou-freedom-fest.de/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 16 Oct 2019 23:04:05 GMT
Last-Modified: Wed, 16 Oct 2019 05:57:39 GMT
Server: sffe
Age: 482168
Vary: Origin
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Content-Length: 139
Expires: Thu, 15 Oct 2020 23:04:05 GMT

POST
H/1.1 200
OK log Show response
play.aboutyou-freedom-fest.de/ 131 B
999 B 216ms
136ms XHR
text/plain 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aboutyou-freedom-fest.de/log?format=json&hasfast=true
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: Playlog /
Resource Hash: 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Tue, 22 Oct 2019 13:00:13 GMT
Content-Encoding: gzip
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Server: Playlog
P3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Access-Control-Allow-Origin: https://accounts.aboutyou-freedom-fest.de
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Headers: X-Playlog-Web
Content-Length: 140
Expires: Tue, 22 Oct 2019 13:00:13 GMT

POST
H/1.1 200
OK log Show response
play.aboutyou-freedom-fest.de/ 131 B
999 B 198ms
142ms XHR
text/plain 52.208.127.88
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aboutyou-freedom-fest.de/log?format=json&hasfast=true
Requested by: Host:
URL: /accounts/static/_/js/k=gaia.gaiafe_glif.en_GB.md0TCzr2vSs.O/am=gow0AwCCgAAAAAAAAAAAAABgQKJDxv_fBITb/d=1/ct=zgms/rs=ABkqax3P-9txGgajTeqEx7Mm5XZ6xcQuAg/m=glifb,identifier,unknownerror
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.208.127.88 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-208-127-88.eu-west-1.compute.amazonaws.com
Software: Playlog /
Resource Hash: 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Request headers

Sec-Fetch-Mode: cors
Referer: https://accounts.aboutyou-freedom-fest.de/signin/v2/identifier?passive=1209600&continue=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&followup=https%3A%2F%2Faccounts.aboutyou-freedom-fest.de%2F&flowName=GlifWebSignIn&flowEntry=ServiceLogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

Date: Tue, 22 Oct 2019 13:00:13 GMT
Content-Encoding: gzip
Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
Server: Playlog
P3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Access-Control-Allow-Origin: https://accounts.aboutyou-freedom-fest.de
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Headers: X-Playlog-Web
Content-Length: 140
Expires: Tue, 22 Oct 2019 13:00:13 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Google (Online)

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de/accounts	1970-01-19 04:35:49	Name: CheckConnectionTempCookie273 Value: 411040

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.aboutyou-freedom-fest.de
fonts.gstatic.com
hny2a73k4jwm0.aboutyou-freedom-fest.de
play.aboutyou-freedom-fest.de
rgfup91mgkvecnwrqr1g.aboutyou-freedom-fest.de
2a00:1450:4001:817::2003
52.208.127.88
1e1c37812116c45a81199ac9302cf3bb1fa9ef9199d9d8e7a0887dd526dc039a
203fcebace18fba7374339d925a14f8c28d266eca335788015a678d9fadac983
337a2caf49df114592a8c8603b0a9ba7d0a06fba5795bd3c16f8dbbe03eb3409
41720926981ffb6dc229f06fc0bbf0f43e45ba032d126726ebee481c2a6559e2
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
45cbd3fd5b9ff790d62b69691dbe8cc375e8c06a5a7c938b77f8c9fca85a9137
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
631a8e37f33dee21fe0958774ca9eff779166ff1d7726ffa29dd1a258b08a7c1
7396d591d9dd08ee8b6273408ec51a0a227806ce5eb0698cf05b52c2557d6bda
80fa23b4804621ce7f16b5c56d524dd90ea09d792622eeac9adf0ee6317b9e3a
949e287846b0940817e4ea0f65accc4481a46b8733dc12aa0265293a4645c661
a0a893b2ff1c82d49ac0c09ace71cf8178c0830f6a988103c779b6fc12c0da78
abfe5b27310a016303a0ede1f41a67d4adb8886b7c0ade3474cd44f60be50548
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
ca8a090651c62cbe8c24c6e99ce3c75a2aeac745159675da0f35a3249b2d4733
e60d77e09e0fc2007c3732650629ee2e42e4ba724d980ebe0e9ec2afdd02b5aa

accounts.aboutyou-freedom-fest.de Open in urlscan Pro 52.208.127.88 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

81 %HTTPS

50 %IPv6

2 Domains

5 Subdomains

3 IPs

2 Countries

500 kBTransfer

1471 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

27 JavaScript Global Variables

1 Cookies

Indicators

accounts.aboutyou-freedom-fest.de Open in urlscan Pro
52.208.127.88 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

81 %
HTTPS

50 %
IPv6

2
Domains

5
Subdomains

3
IPs

2
Countries

500 kB
Transfer

1471 kB
Size

1
Cookies

16 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!