region3.purpleportal.net Open in urlscan Pro
34.96.108.111 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://region3.purpleportal.net/
Effective URL:
https://region3.purpleportal.net/login
Submission: On January 08 via manual (January 8th 2024, 1:49:35 am UTC) from IN — Scanned from DE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 34.96.108.111, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is region3.purpleportal.net.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 25th 2023. Valid for: a year.

This is the only time region3.purpleportal.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 12	34.96.108.111 34.96.108.111	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	34.36.140.245 34.36.140.245	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.222.250.7 52.222.250.7	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
16	5

12 34.96.108.111 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.108.96.34.bc.googleusercontent.com

region3.purpleportal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.140.245 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 245.140.36.34.bc.googleusercontent.com

cdn.eu.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.250.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-7.fra60.r.cloudfront.net

d1ldbb6wxu8wdm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	purpleportal.net 2 redirects region3.purpleportal.net	1 MB
3	gstatic.com fonts.gstatic.com	71 KB
1	cloudfront.net d1ldbb6wxu8wdm.cloudfront.net	4 KB
1	pendo.io cdn.eu.pendo.io — Cisco Umbrella Rank: 32084	146 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
16	5

	Domain	Requested by
12	region3.purpleportal.net	2 redirects region3.purpleportal.net
3	fonts.gstatic.com	fonts.googleapis.com
1	d1ldbb6wxu8wdm.cloudfront.net	region3.purpleportal.net
1	cdn.eu.pendo.io	region3.purpleportal.net
1	fonts.googleapis.com	region3.purpleportal.net
16	5

This site contains no links.

Subject Issuer	Validity	Valid
*.purpleportal.net Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.eu.pendo.io GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://region3.purpleportal.net/login
Frame ID: 4FEDE50FB94C12DDFCA7EF1AC7D52DBB
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Purple empty icon

Page URL History Show full URLs

http://region3.purpleportal.net/ HTTP 301
https://region3.purpleportal.net/ HTTP 302
https://region3.purpleportal.net/login Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

16
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1598 kB
Transfer

4372 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://region3.purpleportal.net/ HTTP 301
https://region3.purpleportal.net/ HTTP 302
https://region3.purpleportal.net/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
region3.purpleportal.net/
Redirect Chain

http://region3.purpleportal.net/
https://region3.purpleportal.net/
https://region3.purpleportal.net/login

127 KB
50 KB

529ms
529ms

Document
text/html

34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

98fadc183c50d636f4b5409e5cd773e18a04d6785a21306ac21184ac65c227ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .force.com .salesforce.com;
Strict-Transport-Security	max-age=3600;
X-Content-Security-Policy	frame-ancestors 'self' .force.com .salesforce.com;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM *.force.com DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.force.com *.salesforce.com;
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 01:49:29 GMT
expires: Mon, 08 Jan 2024 01:49:29 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=3600;
vary: Accept-Language
via: 1.1 google
x-content-security-policy: frame-ancestors 'self' *.force.com *.salesforce.com;
x-content-type-options: nosniff nosniff
x-frame-options: ALLOW-FROM *.force.com DENY
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-security-policy: frame-ancestors 'self' *.force.com *.salesforce.com;
content-type: text/html; charset=UTF-8
date: Mon, 08 Jan 2024 01:49:28 GMT
expires: Mon, 08 Jan 2024 01:49:28 GMT
location: https://region3.purpleportal.net/login
pragma: no-cache
server: nginx
strict-transport-security: max-age=3600;
vary: Accept-Language
via: 1.1 google
x-content-security-policy: frame-ancestors 'self' *.force.com *.salesforce.com;
x-content-type-options: nosniff nosniff
x-frame-options: ALLOW-FROM *.force.com DENY
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 136ms
49ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:300,300italic,400,400italic,500,700

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad6eef9cf16be25afcab9a7ef089bf14a0041333e58fbfd6f9a6d63bed05dd2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 08 Jan 2024 01:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 01:49:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 08 Jan 2024 01:49:29 GMT

GET
H3 200 v4-base.min.css
region3.purpleportal.net/compressed/ 247 KB
56 KB 328ms
327ms Stylesheet
text/css 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/compressed/v4-base.min.css?aad2a9

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

796863e7a203a2f12f0985166c595109e4f4486723e01e694327945a84cb4c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:29 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:43:13 GMT
server: nginx
content-encoding: gzip
etag: W/"657998d1-3dae2"
x-frame-options: DENY
content-type: text/css
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H3 200 login_form_t2.css
region3.purpleportal.net/compressed/ 25 KB
6 KB 320ms
319ms Stylesheet
text/css 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/compressed/login_form_t2.css?aad2a9

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

15527104095a82238f9571a1a8d7b66629d6aee4dec539c4bdac6d0e6851f933

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:29 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:41:39 GMT
server: nginx
content-encoding: gzip
etag: W/"65799873-623d"
x-frame-options: DENY
content-type: text/css
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 pendo.js Show response
cdn.eu.pendo.io/agent/static/f5942a2c-0858-4f4d-516a-de848853641d/ 443 KB
146 KB 155ms
41ms Script
application/javascript 34.36.140.245
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.eu.pendo.io/agent/static/f5942a2c-0858-4f4d-516a-de848853641d/pendo.js

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.140.245 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

245.140.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

3e4e0642729d8f250d7e02ac8fca81383379d8405f4a7e5b78e9cdf4a4608028

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 15:01:45 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 38865
x-guploader-uploadid: ABPtcPpNKzAOOtL2XVuU6fPO0YmunPtgHFnnZL8FmjibN1Wg-BY_3QQK7unJE4p81d2AJTCFQ0madl0MeA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148904
last-modified: Wed, 03 Jan 2024 16:09:54 GMT
server: UploadServer
etag: "0ab99f78f90159fbbd4d27ea73363848"
vary: Accept-Encoding
x-goog-generation: 1704298194801227
x-goog-hash: crc32c=DPKvrg==, md5=CrmfePkBWfu9TSfqczY4SA==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 148904
accept-ranges: bytes
content-type: application/javascript

GET
H/1.1 200
OK ef46599d9f270c3546d7c948b1c36d02.png
d1ldbb6wxu8wdm.cloudfront.net/ 4 KB
4 KB 153ms
40ms Image
binary/octet-stream 52.222.250.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ldbb6wxu8wdm.cloudfront.net/ef46599d9f270c3546d7c948b1c36d02.png
Requested by: Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-7.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f3f55ba790cfff9762025cf5d19bf0ef6d2957770a6068e3fe619578b7d4737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Sun, 07 Jan 2024 07:54:32 GMT
Via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
Last-Modified: Mon, 18 Jan 2016 11:20:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 64498
ETag: "9a4723dd587e5f7a60f82d7abd280676"
X-Cache: Hit from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4006
X-Amz-Cf-Id: SveZT8Pg8z7fsRK25DkcN-0xGsWVxu0ipHhESJXZ781Uk76vGCntFA==

GET
H3 200 custom-dash-3.png
region3.purpleportal.net/img/login-slides/ 81 KB
81 KB 320ms
320ms Image
image/png 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://region3.purpleportal.net/img/login-slides/custom-dash-3.png

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b2bd5ffd186c98777d31b4b545af02f91a385cb4a049828b3a3474669a381421

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:29 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:31:27 GMT
server: nginx
via: 1.1 google
etag: "6579960f-143f5"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82933
x-xss-protection: 1; mode=block

GET
H3 200 custom-dash-1.png
region3.purpleportal.net/img/login-slides/ 125 KB
125 KB 328ms
327ms Image
image/png 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://region3.purpleportal.net/img/login-slides/custom-dash-1.png

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

ecd26a46c449a18e3bedd749f5e173a3afcc14499bbe1151ba10867952cec80f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:30 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:31:27 GMT
server: nginx
via: 1.1 google
etag: "6579960f-1f501"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128257
x-xss-protection: 1; mode=block

GET
H3 200 custom-dash-2.png
region3.purpleportal.net/img/login-slides/ 88 KB
88 KB 326ms
326ms Image
image/png 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://region3.purpleportal.net/img/login-slides/custom-dash-2.png

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d76c128d801fdd522071544d1f18d55f334f660d58f07b6ac07bc32344a9ac48

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:30 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:31:27 GMT
server: nginx
via: 1.1 google
etag: "6579960f-15f69"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89961
x-xss-protection: 1; mode=block

GET
H3 200 v4-base.min.js Show response
region3.purpleportal.net/compressed/ 3 MB
956 KB 331ms
331ms Script
application/javascript 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/compressed/v4-base.min.js?aad2a9

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

fc1a4869483c54c1537c44a8a6b6be834e81ce95d2457e210fbd34d2d35b9446

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:30 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:43:39 GMT
server: nginx
content-encoding: gzip
etag: W/"657998eb-30beb4"
x-frame-options: DENY
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H3 200 login_form.js Show response
region3.purpleportal.net/compressed/ 28 KB
10 KB 327ms
326ms Script
application/javascript 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/compressed/login_form.js?aad2a9

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/login

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

072d7cc15f19e24051ac697abca4873d9469639af1a597393a580735cb60a279

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:30 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:41:37 GMT
server: nginx
content-encoding: gzip
etag: W/"65799871-6f78"
x-frame-options: DENY
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H3 200 login-bg-pattern.png
region3.purpleportal.net/img/ 3 KB
3 KB 682ms
682ms Image
image/png 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://region3.purpleportal.net/img/login-bg-pattern.png

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/compressed/login_form_t2.css?aad2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e667617e0cd23b28ea3049c5873d2dd4e06e1487eb77c30c985656dd07a66465

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://region3.purpleportal.net/compressed/login_form_t2.css?aad2a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 01:49:30 GMT
strict-transport-security: max-age=3600;
x-content-type-options: nosniff
last-modified: Wed, 13 Dec 2023 11:31:27 GMT
server: nginx
via: 1.1 google
etag: "6579960f-c56"
x-frame-options: DENY
content-type: image/png
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3158
x-xss-protection: 1; mode=block

GET
H2 200 va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 126ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnPKreRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,300italic,400,400italic,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://region3.purpleportal.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 04:27:18 GMT
x-content-type-options: nosniff
age: 163332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23620
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Jan 2025 04:27:18 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
23 KB 162ms
78ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,300italic,400,400italic,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://region3.purpleportal.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:17:07 GMT
x-content-type-options: nosniff
age: 509543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23880
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:17:07 GMT

GET
H3 401 spa Show response
region3.purpleportal.net/translations/ 33 B
54 B 414ms
413ms XHR
application/json 34.96.108.111
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/translations/spa

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/compressed/v4-base.min.js?aad2a9

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.108.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

111.108.96.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

b1421a591a7e723b14b63844f20d187a3539aafde0658a46a2f9016e37e0e829

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .force.com .salesforce.com;
X-Content-Security-Policy	frame-ancestors 'self' .force.com .salesforce.com;
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM *.force.com

Request headers

Accept: application/json
Referer: https://region3.purpleportal.net/login
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

x-content-security-policy: frame-ancestors 'self' *.force.com *.salesforce.com;
pragma: no-cache
date: Mon, 08 Jan 2024 01:49:31 GMT
content-security-policy: frame-ancestors 'self' *.force.com *.salesforce.com;
x-content-type-options: nosniff
via: 1.1 google
server: nginx
x-frame-options: ALLOW-FROM *.force.com
vary: Accept-Language
content-type: application/json
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 08 Jan 2024 01:49:31 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v17/ 23 KB
24 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v17/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:300,300italic,400,400italic,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://region3.purpleportal.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 21:36:27 GMT
x-content-type-options: nosniff
age: 187984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24020
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:50:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 21:36:27 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
region3.purpleportal.net/	1969-12-31 23:59:59	Name: portal_session Value: 0cqosn91qoo1rff5kjk3pdg07n
region3.purpleportal.net/	1970-01-20 18:15:56	Name: device_view Value: full
region3.purpleportal.net/	1970-01-20 17:32:44	Name: lunetics_locale Value: de_DE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://region3.purpleportal.net/translations/spa Message: Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .force.com .salesforce.com;
Strict-Transport-Security	max-age=3600;
X-Content-Security-Policy	frame-ancestors 'self' .force.com .salesforce.com;
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	ALLOW-FROM *.force.com DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.eu.pendo.io
d1ldbb6wxu8wdm.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region3.purpleportal.net
2a00:1450:4001:806::200a
2a00:1450:4001:830::2003
34.36.140.245
34.96.108.111
52.222.250.7
072d7cc15f19e24051ac697abca4873d9469639af1a597393a580735cb60a279
15527104095a82238f9571a1a8d7b66629d6aee4dec539c4bdac6d0e6851f933
3e4e0642729d8f250d7e02ac8fca81383379d8405f4a7e5b78e9cdf4a4608028
6f3f55ba790cfff9762025cf5d19bf0ef6d2957770a6068e3fe619578b7d4737
796863e7a203a2f12f0985166c595109e4f4486723e01e694327945a84cb4c1b
89ae1743656b75948be30cc4909efd3c61771b7bd9f6d53eb14cd9731d486b57
98fadc183c50d636f4b5409e5cd773e18a04d6785a21306ac21184ac65c227ab
ad6eef9cf16be25afcab9a7ef089bf14a0041333e58fbfd6f9a6d63bed05dd2e
b1421a591a7e723b14b63844f20d187a3539aafde0658a46a2f9016e37e0e829
b2bd5ffd186c98777d31b4b545af02f91a385cb4a049828b3a3474669a381421
c52b9a30cb5d84dcfb2a4f9967f37abd86c3e709554ed4f168a03222e033bb93
d76c128d801fdd522071544d1f18d55f334f660d58f07b6ac07bc32344a9ac48
e667617e0cd23b28ea3049c5873d2dd4e06e1487eb77c30c985656dd07a66465
ecd26a46c449a18e3bedd749f5e173a3afcc14499bbe1151ba10867952cec80f
f8fb86afe5b79eaff2c4a5a44459de5444d04a7b395fd7bd627e70b95e5e5347
fc1a4869483c54c1537c44a8a6b6be834e81ce95d2457e210fbd34d2d35b9446

region3.purpleportal.net Open in urlscan Pro 34.96.108.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

1598 kBTransfer

4372 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

region3.purpleportal.net Open in urlscan Pro
34.96.108.111 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1598 kB
Transfer

4372 kB
Size

3
Cookies

16 HTTP transactions
0 data transactions