urlscan.io logo urlscan.io
SecurityTrails logo

x.co Open in urlscan Pro
184.168.131.241  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://x.co/6nke3
Submission: On December 14 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 9 domains to perform 23 HTTP transactions. The main IP is 184.168.131.241, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is x.co.
This is the only time x.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online)

Domain & IP information

IP Address AS Autonomous System
2 184.168.131.241 26496 (AS-26496-...)
7 104.111.214.19 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.108.56.29 16625 (AKAMAI-AS)
3 68.232.35.180 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 178.249.101.23 11054 (LIVEPERSON)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:6400:16:... 11054 (LIVEPERSON)
3 208.89.12.87 11054 (LIVEPERSON)
23 11
2    184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
x.co
shortener.godaddy.com
7    104.111.214.19 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-214-19.deploy.static.akamaitechnologies.com
img1.wsimg.com
1    2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    104.108.56.29 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-56-29.deploy.static.akamaitechnologies.com
gui.godaddy.com
3    68.232.35.180 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com
1    2a00:1450:400c:c04::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)
lptag.liveperson.net
1    2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a03:6400:16:0:178:249:101:99 (United Kingdom)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)
accdn.lpsnmedia.net
3    208.89.12.87 (New York, United States)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)
PTR: va.v.liveperson.net
va.v.liveperson.net
Domain Requested by
7 img1.wsimg.com x.co
tags.tiqcdn.com
3 va.v.liveperson.net lptag.liveperson.net
3 tags.tiqcdn.com img1.wsimg.com
tags.tiqcdn.com
2 lptag.liveperson.net img1.wsimg.com
1 accdn.lpsnmedia.net lptag.liveperson.net
1 www.google-analytics.com
1 stats.g.doubleclick.net
1 gui.godaddy.com img1.wsimg.com
1 www.googletagmanager.com img1.wsimg.com
1 shortener.godaddy.com x.co
1 x.co
0 img.x.co Failed x.co
23 12

This site contains links to these domains. Also see Links.

Domain
www.godaddy.com
Subject Issuer Validity Valid
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2015-11-13 -
2018-11-13		 3 years crt.sh
shortener.godaddy.com
Go Daddy Secure Certificate Authority - G2		 2016-12-16 -
2018-12-16		 2 years crt.sh
*.godaddy.com
Go Daddy Secure Certificate Authority - G2		 2015-09-16 -
2018-09-16		 3 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2017-12-05 -
2018-02-27		 3 months crt.sh
*.liveperson.net
COMODO RSA Organization Validation Secure Server CA		 2015-01-29 -
2018-01-28		 3 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-11-21 -
2018-02-13		 3 months crt.sh
*.lpsnmedia.net
COMODO RSA Organization Validation Secure Server CA		 2015-05-27 -
2018-05-26		 3 years crt.sh
*.v.liveperson.net
COMODO RSA Organization Validation Secure Server CA		 2015-06-08 -
2018-06-07		 3 years crt.sh

This page contains 1 frames:

Primary Page: http://x.co/6nke3
Frame ID: (D27E130424F2642F43E966A806DF08F1)
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i
Overall confidence: 100%
Detected patterns
  • script /^\/\/tags\.tiqcdn\.com\//i

Page Statistics

23
Requests

48 %
HTTPS

40 %
IPv6

9
Domains

12
Subdomains

11
IPs

4
Countries

449 kB
Transfer

1217 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://stats.g.doubleclick.net/dc.js HTTP 307
  • https://stats.g.doubleclick.net/dc.js
Request Chain 16
  • http://www.google-analytics.com/plugins/ga/inpage_linkid.js HTTP 307
  • https://www.google-analytics.com/plugins/ga/inpage_linkid.js

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 6nke3
x.co/ 		10 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
http://x.co/6nke3
Protocol
HTTP/1.1
Server
184.168.131.241 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-184-168-131-241.ip.secureserver.net
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f58a5a630ba6585b75f9f80a0502ec8535ad0872f5a34140dabb4c16ae30c9c4
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
x.co
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Server
Apache/2.2.15 (CentOS)
Connection
close
X-Frame-Options
DENY
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
uxcore.min.css
img1.wsimg.com/ux/1.3.50-brand/css/ 		145 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://img1.wsimg.com/ux/1.3.50-brand/css/uxcore.min.css
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
HTTP/1.1
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b107ed47d8dc52696807ebee2405972a04022114519dacc0fcac7936214ab3d0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img1.wsimg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 21:40:22 GMT
ETag
"7a43c358a359d31:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
25190
Expires
Fri, 14 Dec 2018 14:43:27 GMT
brandheader-brand2.min.css
img1.wsimg.com/ux/eldorado/1.5.107/css/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://img1.wsimg.com/ux/eldorado/1.5.107/css/brandheader-brand2.min.css
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
HTTP/1.1
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84f7c8260f73d2b4a2b833afc8bdb2e157608c1ebd52f240cd47f3a4bb6047ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img1.wsimg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2017 18:42:30 GMT
ETag
"cffaece68822d31:0"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
8025
Expires
Fri, 14 Dec 2018 14:43:27 GMT
uxcore.en.min.js
img1.wsimg.com/ux/1.3.50-brand/js/ 		448 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://img1.wsimg.com/ux/1.3.50-brand/js/uxcore.en.min.js
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
HTTP/1.1
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e9eb39bd2d4a943ebc78767969a9b62c5490ae30dff9dc6d29c8f4cd3e4c112

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img1.wsimg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Nov 2017 21:42:31 GMT
ETag
"374694a5a359d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
141232
Expires
Fri, 14 Dec 2018 14:43:27 GMT
brandheader.min.js
img1.wsimg.com/ux/eldorado/1.5.107/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://img1.wsimg.com/ux/eldorado/1.5.107/js/brandheader.min.js
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
HTTP/1.1
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
64cbf7917561cfe91c75b5e1d0712c975fc938c04d3718fa257d234319e43638

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img1.wsimg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Aug 2017 18:43:10 GMT
ETag
"d43ac2fe8822d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
3965
Expires
Fri, 14 Dec 2018 14:43:27 GMT
gd-header-logo.png
img1.wsimg.com/ux/eldorado/1.5.107/images/brand2.0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img1.wsimg.com/ux/eldorado/1.5.107/images/brand2.0/gd-header-logo.png
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
HTTP/1.1
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf61ed2a448815aae212e1f3b7e87b1ae3b6f30738156b808ddc502fbdd5e0e3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img1.wsimg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Last-Modified
Thu, 31 Aug 2017 18:43:06 GMT
ETag
"e722dffb8822d31:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1767
Expires
Fri, 14 Dec 2018 14:43:27 GMT
Boing-Bold.woff2
img1.wsimg.com/ux/fonts/1.4/woff2/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/ux/fonts/1.4/woff2/Boing-Bold.woff2
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
49f6c1034e3661e29c5de12d1c97e489565c7d55fec513c2668a57329367e082

Request headers

:path
/ux/fonts/1.4/woff2/Boing-Bold.woff2
pragma
no-cache
origin
http://x.co
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
img1.wsimg.com
referer
http://img1.wsimg.com/ux/1.3.50-brand/css/uxcore.min.css
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
http://img1.wsimg.com/ux/1.3.50-brand/css/uxcore.min.css
Origin
http://x.co

Response headers

date
Thu, 14 Dec 2017 14:43:27 GMT
last-modified
Wed, 04 May 2016 22:29:16 GMT
etag
"59c6cd6454a6d11:0"
status
200
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
28220
expires
Fri, 14 Dec 2018 14:43:27 GMT
shortener_bg.jpg
shortener.godaddy.com/static/img/ 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shortener.godaddy.com/static/img/shortener_bg.jpg
Requested by
Host: x.co
URL: http://x.co/6nke3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.168.131.241 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-184-168-131-241.ip.secureserver.net
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c8a18c582d47da500d209aec71b6e5719541fa1f80c5ac5e2efa1f5efbeb5d18
Security Headers
Name Value
Strict-Transport-Security max-age=31104000
X-Frame-Options DENY

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
shortener.godaddy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Last-Modified
Thu, 07 Jul 2016 16:03:37 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"e02c3-1c323-5370dd43449aa"
X-Frame-Options
DENY
Content-Type
image/jpeg
Connection
Keep-Alive
Strict-Transport-Security
max-age=31104000
Accept-Ranges
bytes
Keep-Alive
timeout=60, max=100
Content-Length
115491
gtm.js
www.googletagmanager.com/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-SXRF&l=_gaDataLayer
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/ux/1.3.50-brand/js/uxcore.en.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
0a1d968c635fbf40c4942d5c2566d061b89fc31803ac63a116cf0bf9dffc293e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.googletagmanager.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Encoding
gzip
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
19551
X-XSS-Protection
1; mode=block
Expires
Thu, 14 Dec 2017 14:43:27 GMT
Cookie set /
gui.godaddy.com/pcjson/applicationheader/ 		208 B
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gui.godaddy.com/pcjson/applicationheader/?callback=jQuery183023521544757871093_1513262607261&_=1513262607328
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/ux/1.3.50-brand/js/uxcore.en.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.56.29 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-56-29.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/8.5 / ARR/2.5 ASP.NET
Resource Hash
623e7a431ee37d7a757c636ed608cf2f2dd7db8e997f1cf69beeb99215293366

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
gui.godaddy.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Type
text/javascript; charset=utf-8
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ARR/2.5 ASP.NET
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR OUR IND" policyref="/w3c/p3p.xml", CP="COM CNT DEM FIN GOV INT NAV ONL PHY PRE PUR STA UNI IDC CAO OTI DSP COR CUR i OUR IND"
Cache-Control
no-cache
Set-Cookie
session.gui=seuzttaxysqc03kh5cspvhzk; path=/; HttpOnly
Timing-Allow-Origin
*
Content-Length
208
Expires
-1
utag.js
tags.tiqcdn.com/utag/godaddy/godaddy/prod/ 		141 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/godaddy/godaddy/prod/utag.js
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/ux/1.3.50-brand/js/uxcore.en.min.js
Protocol
HTTP/1.1
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (oxr/8392) /
Resource Hash
25f922ece09a93201d861e91bbc6dcc356f885ed3d9c79002d99ed5d0a5f3648

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tags.tiqcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Dec 2017 23:33:00 GMT
Server
ECS (oxr/8392)
Etag
"3319298776"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Length
30310
Expires
Thu, 14 Dec 2017 14:48:27 GMT
pageevents.aspx
img.x.co/ 		0
0
utag.1355.js
tags.tiqcdn.com/utag/godaddy/godaddy/prod/ 		2 KB
888 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/godaddy/godaddy/prod/utag.1355.js?utv=ut4.42.201710051852
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/godaddy/godaddy/prod/utag.js
Protocol
HTTP/1.1
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4193) /
Resource Hash
8d854fc62fc6325e4825f8ec6d0ed66f52d0ae9cf299b5b16c0335d57c4f734f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tags.tiqcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2017 19:10:06 GMT
Server
ECS (fcn/4193)
Etag
"3216404595+gzip"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Content-Length
888
Expires
Fri, 29 Dec 2017 14:43:28 GMT
dc.js
stats.g.doubleclick.net/
Redirect Chain
  • http://stats.g.doubleclick.net/dc.js
  • https://stats.g.doubleclick.net/dc.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c04::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5df2e53f0fb2bcd2127d868006f864b192f2ad9758017a1bc3202bfcc97059f5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/dc.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
stats.g.doubleclick.net
referer
http://x.co/6nke3
:scheme
https
:method
GET
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
288
date
Thu, 14 Dec 2017 14:38:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
17097
expires
Thu, 14 Dec 2017 16:38:40 GMT

Redirect headers

Location
https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason
HSTS
liveengage.js
img1.wsimg.com/liveengage/v2/tag/1.9.0/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://img1.wsimg.com/liveengage/v2/tag/1.9.0/liveengage.js
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/godaddy/godaddy/prod/utag.js
Protocol
HTTP/1.1
Server
104.111.214.19 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-111-214-19.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe0f219d8a144641c8a6ad21070be76f65a4920fccb34e285948d58f259c9300

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
img1.wsimg.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Nov 2017 16:48:27 GMT
x-amz-request-id
tx000000000000000001340-005a1d648d-23af49e8-default
ETag
"7b7289ba466e9d2cc947fb925e2ddd6e"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
7157
Expires
Fri, 14 Dec 2018 14:43:28 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
2 B 		Script
General
Check archive.org
Download Go to
Full URL
http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=godaddy/godaddy/201712122332&cb=1513262608603
Requested by
Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/godaddy/godaddy/prod/utag.js
Protocol
HTTP/1.1
Server
68.232.35.180 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41E0) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tags.tiqcdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:28 GMT
Last-Modified
Thu, 14 Apr 2016 16:59:33 GMT
Server
ECS (fcn/41E0)
Etag
"144534940"
X-Cache
HIT
Content-Type
text/javascript
Cache-Control
max-age=600
Accept-Ranges
bytes
Content-Length
2
Expires
Thu, 14 Dec 2017 14:53:28 GMT
tag.js
lptag.liveperson.net/tag/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=30187337
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/liveengage/v2/tag/1.9.0/liveengage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
Software
ws /
Resource Hash
2bb96cd3b8c2c1dd9f879670c0612cc00ed49a09af73ff847232d8682588c877

Request headers

:path
/tag/tag.js?site=30187337
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lptag.liveperson.net
referer
http://x.co/6nke3
:scheme
https
:method
GET
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 14 Dec 2017 14:43:28 GMT
content-encoding
gzip
last-modified
Thu, 26 Oct 2017 11:19:28 GMT
server
ws
etag
"59f1c4c0-1991"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/javascript
status
200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
6545
inpage_linkid.js
www.google-analytics.com/plugins/ga/
Redirect Chain
  • http://www.google-analytics.com/plugins/ga/inpage_linkid.js
  • https://www.google-analytics.com/plugins/ga/inpage_linkid.js
1 KB
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ga/inpage_linkid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/plugins/ga/inpage_linkid.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://x.co/6nke3
:scheme
https
:method
GET
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 14 Dec 2017 14:14:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1734
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
701
x-xss-protection
1; mode=block
expires
Thu, 14 Dec 2017 15:14:34 GMT

Redirect headers

Location
https://www.google-analytics.com/plugins/ga/inpage_linkid.js
Non-Authoritative-Reason
HSTS
.jsonp
lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Requested by
Host: img1.wsimg.com
URL: http://img1.wsimg.com/liveengage/v2/tag/1.9.0/liveengage.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
Software
ws /
Resource Hash
f4362ac81a41a4f978b559932f80d39f19885bb23121761c151aea9d755af759

Request headers

:path
/lptag/api/account/30187337/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lptag.liveperson.net
referer
http://x.co/6nke3
:scheme
https
:method
GET
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Thu, 14 Dec 2017 14:43:28 GMT
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/x-javascript
status
200
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
zones
accdn.lpsnmedia.net/api/account/30187337/configuration/le-campaigns/ 		8 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/30187337/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a03:6400:16:0:178:249:101:99 , United Kingdom, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
Software
ws /
Resource Hash
954f13fd899c99fa539f66fb7b8cfb83ef6409540822df89544adb58b0134a9a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
accdn.lpsnmedia.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:28 GMT
Content-Encoding
gzip
Server
ws
X-Cache-Status
HIT
Vary
Accept
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 14 Dec 2017 14:43:34 GMT
Cookie set 30187337
va.v.liveperson.net/api/js/ 		207 B
208 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/30187337?&cb=lpCb93887x82282&t=sp&ts=1513262608773&pid=1883899868&tid=3174772045&pt=URL%20Shortener&u=http%3A%2F%2Fx.co%2F6nke3&sec=%5B%22env%3Aprod%22%2C%22path%3A%2F6nke3%22%2C%226nke3%22%2C%22market%3Aen-US%22%2C%22lang%3Aen%22%2C%22app%3Ashortener%22%2C%22plid%3A1%22%2C%22isgd%3Afalse%22%2C%22split%3AA%22%5D&df=0&os=1
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 New York, United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
d07b9671212be779e2a4322c479f1d146dc8abf68c69479224753743b9ef77c5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
va.v.liveperson.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:29 GMT
Content-Encoding
gzip
Server
ws
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json
Set-Cookie
LPVisitorID=MwOTkxODUzYTBkNjAyMTA5; Expires=Fri, 14-Dec-2018 14:43:29 GMT; Path=/; HttpOnly LPSessionID=OdzS1OtFRnmqvyTPsJtqbw; Path=/api/js/30187337; HttpOnly
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
30187337
va.v.liveperson.net/api/js/ 		110 B
134 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/30187337?sid=OdzS1OtFRnmqvyTPsJtqbw&cb=lpCb88925x69229&t=pl&ts=1513262608775&pid=1883899868&tid=3174772045&vid=MwOTkxODUzYTBkNjAyMTA5
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 New York, United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
1d927a62cedfed8647f781cbb32a72e3a14b74b741b2b3ce20ba334c94d3054b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
va.v.liveperson.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Cookie
LPSessionID=OdzS1OtFRnmqvyTPsJtqbw; LPVisitorID=MwOTkxODUzYTBkNjAyMTA5
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:29 GMT
Content-Encoding
gzip
Server
ws
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
30187337
va.v.liveperson.net/api/js/ 		42 B
73 B 		Script
General
Check archive.org
Download Go to
Full URL
https://va.v.liveperson.net/api/js/30187337?sid=OdzS1OtFRnmqvyTPsJtqbw&cb=lpCb77697x90606&t=uc&ts=1513262608949&pid=1883899868&tid=3174772045&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22gdchat-fixed-bottom-left%22%7D%2C%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22gdchat-fixed-bottom-right%22%7D%2C%7B%22type%22%3A%22pagediv%22%7D%2C%7B%22type%22%3A%22pagediv%22%7D%2C%7B%22type%22%3A%22pagediv%22%7D%2C%7B%22type%22%3A%22pagediv%22%7D%5D&vid=MwOTkxODUzYTBkNjAyMTA5
Requested by
Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/30187337/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.87 New York, United States, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
va.v.liveperson.net
Software
ws /
Resource Hash
6a61ccea48b7a140bea52b70839c2449079095a489aeca9540489a76664c20b7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
va.v.liveperson.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://x.co/6nke3
Cookie
LPSessionID=OdzS1OtFRnmqvyTPsJtqbw; LPVisitorID=MwOTkxODUzYTBkNjAyMTA5
Connection
keep-alive
Cache-Control
no-cache
Referer
http://x.co/6nke3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Thu, 14 Dec 2017 14:43:29 GMT
Content-Encoding
gzip
Server
ws
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
Content-Type
application/json
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.x.co
URL
http://img.x.co/pageevents.aspx?sitename=x.co&page=/6nke3&eventtype=impression&e_id=uxp.eld.int.brandheader.shortener.impression.uxpHeaderServed&rand=2717326857

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint object| ux function| require object| openit function| $ function| jQuery function| _ object| jQuery183023521544757871093 object| uxel object| _gaDataLayer undefined| jQuery183023521544757871093_1513262607261 object| utag_data object| _gaq object| google_tag_manager boolean| utag_condload object| utag object| utag_cfg_ovrd object| customTealiumTiming object| tagUtils object| selector function| setImmediate function| clearImmediate object| lpTag object| _trfq object| _gat object| e function| f function| _typeof object| lpMTagConfig

4 Cookies

Domain/Path Name / Value
.x.co/ Name: cookie-warning-accepted
Value: true
.x.co/ Name: market
Value: en-US
.x.co/ Name: utag_main
Value: v_id:0160557aeca40013fe1aa01fd1bb00079001107100b08$_sn:1$_ss:1$_st:1513264407525$ses_id:1513262607525%3Bexp-session$_pn:1%3Bexp-session
.x.co/ Name: OPTOUTMULTI
Value: 0:0%7Cc2:0%7Cc9:0%7Cc11:0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
gui.godaddy.com
img.x.co
img1.wsimg.com
lptag.liveperson.net
shortener.godaddy.com
stats.g.doubleclick.net
tags.tiqcdn.com
va.v.liveperson.net
www.google-analytics.com
www.googletagmanager.com
x.co
img.x.co
104.108.56.29
104.111.214.19
178.249.101.23
184.168.131.241
208.89.12.87
2a00:1450:4001:814::200e
2a00:1450:4001:816::2008
2a00:1450:400c:c04::9a
2a03:6400:16:0:178:249:101:99
68.232.35.180
0a1d968c635fbf40c4942d5c2566d061b89fc31803ac63a116cf0bf9dffc293e
1d927a62cedfed8647f781cbb32a72e3a14b74b741b2b3ce20ba334c94d3054b
25f922ece09a93201d861e91bbc6dcc356f885ed3d9c79002d99ed5d0a5f3648
2bb96cd3b8c2c1dd9f879670c0612cc00ed49a09af73ff847232d8682588c877
49f6c1034e3661e29c5de12d1c97e489565c7d55fec513c2668a57329367e082
4e9eb39bd2d4a943ebc78767969a9b62c5490ae30dff9dc6d29c8f4cd3e4c112
5df2e53f0fb2bcd2127d868006f864b192f2ad9758017a1bc3202bfcc97059f5
623e7a431ee37d7a757c636ed608cf2f2dd7db8e997f1cf69beeb99215293366
64cbf7917561cfe91c75b5e1d0712c975fc938c04d3718fa257d234319e43638
6a61ccea48b7a140bea52b70839c2449079095a489aeca9540489a76664c20b7
84f7c8260f73d2b4a2b833afc8bdb2e157608c1ebd52f240cd47f3a4bb6047ac
8d854fc62fc6325e4825f8ec6d0ed66f52d0ae9cf299b5b16c0335d57c4f734f
954f13fd899c99fa539f66fb7b8cfb83ef6409540822df89544adb58b0134a9a
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b107ed47d8dc52696807ebee2405972a04022114519dacc0fcac7936214ab3d0
bf61ed2a448815aae212e1f3b7e87b1ae3b6f30738156b808ddc502fbdd5e0e3
c8a18c582d47da500d209aec71b6e5719541fa1f80c5ac5e2efa1f5efbeb5d18
d07b9671212be779e2a4322c479f1d146dc8abf68c69479224753743b9ef77c5
f4362ac81a41a4f978b559932f80d39f19885bb23121761c151aea9d755af759
f58a5a630ba6585b75f9f80a0502ec8535ad0872f5a34140dabb4c16ae30c9c4
fe0f219d8a144641c8a6ad21070be76f65a4920fccb34e285948d58f259c9300