www.fecebook.com Open in urlscan Pro
72.52.179.174 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u8608981.ct.sendgrid.net/wf/click?upn=W6AJu0byYaxpIPURNDYaDMsizG-2FNvm7VFERqMGq6E1jGmA9TPbnN2mCirRVHn-2B5iOQtvy4cSRjLirt6...
Effective URL:
http://www.fecebook.com/ddbkk
Submission: On October 03 via manual (October 3rd 2019, 5:29:29 am UTC) from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 12 HTTP transactions. The main IP is 72.52.179.174, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is www.fecebook.com.

This is the only time www.fecebook.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.123.16 167.89.123.16	11377 (SENDGRID) (SENDGRID - SendGrid)
1 6	54.169.79.183 54.169.79.183	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	35.227.194.21 35.227.194.21	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	72.52.179.174 72.52.179.174	32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
12	5

1 167.89.123.16 (United States) 1 redirects

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789123x16.outbound-mail.sendgrid.net

u8608981.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.169.79.183 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-169-79-183.ap-southeast-1.compute.amazonaws.com

region3.purpleportal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.194.21 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 21.194.227.35.bc.googleusercontent.com

cookies.purple.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.52.179.174 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)

www.fecebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	purpleportal.net 1 redirects region3.purpleportal.net	123 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	purple.ai cookies.purple.ai	5 KB
2	googletagmanager.com www.googletagmanager.com	49 KB
1	fecebook.com www.fecebook.com	275 B
1	sendgrid.net 1 redirects u8608981.ct.sendgrid.net	339 B
12	6

	Domain	Requested by
6	region3.purpleportal.net	1 redirects region3.purpleportal.net
2	www.google-analytics.com	www.googletagmanager.com
2	cookies.purple.ai	www.googletagmanager.com cookies.purple.ai
2	www.googletagmanager.com	region3.purpleportal.net www.googletagmanager.com
1	www.fecebook.com	region3.purpleportal.net
1	u8608981.ct.sendgrid.net	1 redirects
12	6

This site contains no links.

Subject Issuer	Validity	Valid
*.purpleportal.net Sectigo RSA Domain Validation Secure Server CA	`2019-04-30` - `2020-05-29`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.purple.ai Sectigo RSA Domain Validation Secure Server CA	`2019-02-02` - `2020-02-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.fecebook.com/ddbkk
Frame ID: 7E8DB84731898494B2EC4D3EF5580315
Requests: 11 HTTP requests in this frame

Frame: https://cookies.purple.ai/xdomain_cookie.html
Frame ID: C567C25F842D150709D4B0D9296C4B58
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u8608981.ct.sendgrid.net/wf/click?upn=W6AJu0byYaxpIPURNDYaDMsizG-2FNvm7VFERqMGq6E1jGmA9TPbnN2mCirRVHn... HTTP 302
https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b... Page URL
https://region3.purpleportal.net/access/success HTTP 302
http://www.fecebook.com/ddbkk Page URL

Page Statistics

12
Requests

92 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

194 kB
Transfer

296 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u8608981.ct.sendgrid.net/wf/click?upn=W6AJu0byYaxpIPURNDYaDMsizG-2FNvm7VFERqMGq6E1jGmA9TPbnN2mCirRVHn-2B5iOQtvy4cSRjLirt6Goj-2F2RQSJAsu0uCTWNGWBMIzKcPrnIW-2FFip1M1JXm-2FK1taKyOkKXUlGrfWcBBYIZJUmnMWZJxn3qjbEoH0jF4Zqfzf1xsK-2F-2Bfc-2FE1TyoFCKyQJk8l_3YiO3g4OZ88zjwmUl85rykCvVDmQeFAmMgqkTiILk9rfFBRMFj0LCAVzKtuWOPEamKenU4f-2BxKkpZRAJUz-2FvZdazH1h-2BETn-2Bh5R5g01RuhCwwwAqv01ZdS5RmWNPcwH9Wpz1aoZ3LcnQeDRjvW6SEWeOn2k5qGVhR7YFKsl4HLnVCbuSlSOcs-2BfraqTm9Aan1njD3KjJb5BZ0C6pqgjUAUtJSYagzPT88m-2BvW69Z3b8-3D HTTP 302
https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0 Page URL
https://region3.purpleportal.net/access/success HTTP 302
http://www.fecebook.com/ddbkk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://u8608981.ct.sendgrid.net/wf/click?upn=W6AJu0byYaxpIPURNDYaDMsizG-2FNvm7VFERqMGq6E1jGmA9TPbnN2mCirRVHn-2B5iOQtvy4cSRjLirt6Goj-2F2RQSJAsu0uCTWNGWBMIzKcPrnIW-2FFip1M1JXm-2FK1taKyOkKXUlGrfWcBBYIZJUmnMWZJxn3qjbEoH0jF4Zqfzf1xsK-2F-2Bfc-2FE1TyoFCKyQJk8l_3YiO3g4OZ88zjwmUl85rykCvVDmQeFAmMgqkTiILk9rfFBRMFj0LCAVzKtuWOPEamKenU4f-2BxKkpZRAJUz-2FvZdazH1h-2BETn-2Bh5R5g01RuhCwwwAqv01ZdS5RmWNPcwH9Wpz1aoZ3LcnQeDRjvW6SEWeOn2k5qGVhR7YFKsl4HLnVCbuSlSOcs-2BfraqTm9Aan1njD3KjJb5BZ0C6pqgjUAUtJSYagzPT88m-2BvW69Z3b8-3D HTTP 302
https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 52eaa53303d118ae5de2b3e3b2bc710462f439c0 Show response
region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/
Redirect Chain

https://u8608981.ct.sendgrid.net/wf/click?upn=W6AJu0byYaxpIPURNDYaDMsizG-2FNvm7VFERqMGq6E1jGmA9TPbnN2mCirRVHn-2B5iOQtvy4cSRjLirt6Goj-2F2RQSJAsu0uCTWNGWBMIzKcPrnIW-2FFip1M1JXm-2FK1taKyOkKXUlGrfWcBBY...
https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

3 KB
3 KB

2997ms
1942ms

Document
text/html

54.169.79.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.79.183 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-79-183.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

185fc2b3387609e5c1506207552ffd3cae51fe0561fbe523267a0c442a41efea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: region3.purpleportal.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Content-Type: text/html;charset=UTF-8
Set-Cookie: PHPSESSID=vhd5n58q3b977g38ma3lp50iq5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 3108
Accept-Ranges: bytes
Date: Thu, 03 Oct 2019 04:41:07 GMT

Redirect headers

Server: nginx
Date: Thu, 03 Oct 2019 05:29:08 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK access.min.css
region3.purpleportal.net/access/ 15 KB
15 KB 694ms
693ms Stylesheet
text/css 54.169.79.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/access/access.min.css

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.79.183 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-79-183.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

cfeaeb8487de6c2f9c39029a3a8a852e9e5c7c85ffd90fa82c30abeaf5d8b55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 04:41:07 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Aug 2019 11:25:36 GMT
ETag: "5d651330-3c1c"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Accept-Ranges: bytes, bytes
Content-Length: 15388
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK tick-large-blue.png
region3.purpleportal.net/access/img/ 3 KB
3 KB 1046ms
351ms Image
image/png 54.169.79.183
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://region3.purpleportal.net/access/img/tick-large-blue.png

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.79.183 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-79-183.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

5696e1a3007264908e83de530d98fc0cfa71b3ae91b4da87cac454ab8d1492ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 04:41:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Nov 2018 10:40:16 GMT
ETag: "5bebfb90-bb8"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Accept-Ranges: bytes, bytes
Content-Length: 3000
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.min.js Show response
region3.purpleportal.net/access/ 90 KB
91 KB 1345ms
672ms Script
application/javascript 54.169.79.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/access/jquery.min.js?version=4

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.79.183 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-79-183.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

279ccc0eb4436e608111126f65831cdd360ff273160e69cd20b27967a1aa7473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 04:41:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 14 Nov 2018 10:40:16 GMT
ETag: "5bebfb90-169b2"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes, bytes
Content-Length: 92594
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK access.min.js Show response
region3.purpleportal.net/access/ 9 KB
10 KB 444ms
359ms Script
application/javascript 54.169.79.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://region3.purpleportal.net/access/access.min.js?version=4

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.169.79.183 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-54-169-79-183.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

9aefa6cd2cc932cf94ce36b241d20a999b10c44fb623a568763ce06101cab5d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Oct 2019 04:41:08 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Apr 2019 14:19:05 GMT
ETag: "5caf4cd9-24cd"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Accept-Ranges: bytes, bytes
Content-Length: 9421
X-XSS-Protection: 1; mode=block

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 58 KB
22 KB 84ms
84ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLSBN4B

Requested by

Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e235d7659caa2282852ef9b858fe56d9c7c8c9c3210369800447cb28799cfa40

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 05:29:12 GMT
content-encoding: br
last-modified: Thu, 03 Oct 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 22535
x-xss-protection: 0
expires: Thu, 03 Oct 2019 05:29:12 GMT

GET
H2 200 xdomain_cookie.min.js Show response
cookies.purple.ai/ 5 KB
5 KB 168ms
148ms Script
application/javascript 35.227.194.21
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.purple.ai/xdomain_cookie.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSBN4B
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.194.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.194.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 05:29:13 GMT
via: 1.1 google
last-modified: Wed, 18 Jul 2018 20:36:58 GMT
server: nginx/1.10.3 (Ubuntu)
etag: "5b4fa4ea-127d"
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 4733

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
27 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-35593972-11

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLSBN4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb6fb54042c90487321b23df5f8ff4ade1f80c29708dd0996847a368ca61968a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 03 Oct 2019 05:29:13 GMT
content-encoding: br
last-modified: Thu, 03 Oct 2019 03:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27198
x-xss-protection: 0
expires: Thu, 03 Oct 2019 05:29:13 GMT

GET
H2 200 xdomain_cookie.html
cookies.purple.ai/ Frame C567 0
0 150ms
149ms Document
text/html 35.227.194.21
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cookies.purple.ai/xdomain_cookie.html
Requested by: Host: cookies.purple.ai
URL: https://cookies.purple.ai/xdomain_cookie.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.194.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 21.194.227.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash

Request headers

:method: GET
:authority: cookies.purple.ai
:scheme: https
:path: /xdomain_cookie.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0

Response headers

status: 200
server: nginx/1.10.3 (Ubuntu)
date: Thu, 03 Oct 2019 05:29:13 GMT
content-type: text/html
content-length: 3387
last-modified: Wed, 18 Jul 2018 20:36:58 GMT
etag: "5b4fa4ea-d3b"
accept-ranges: bytes
via: 1.1 google
alt-svc: clear

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-35593972-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4747
date: Thu, 03 Oct 2019 04:10:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 03 Oct 2019 06:10:06 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=136076393&t=pageview&_s=1&dl=https%3A%2F%2Fregion3.purpleportal.net%2Faccess%2Femail-validate%2F8ceef4ceb00db8aaf698c08088eb7112%2F52eaa53303d118ae5de2b3e3b2bc710462f439c0&ul=en-us&de=UTF-8&dt=Email%20Verified&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=236490447&gjid=1997922273&cid=1366993823.1570080554&tid=UA-35593972-11&_gid=1844326960.1570080554&_r=1&gtm=2ou9p0&z=878183593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Oct 2019 05:29:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.0

404
Not Found

Primary Request ddbkk Show response
www.fecebook.com/
Redirect Chain

https://region3.purpleportal.net/access/success
http://www.fecebook.com/ddbkk

24 B
275 B

608ms
226ms

Document
text/html

72.52.179.174
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fecebook.com/ddbkk
Requested by: Host: region3.purpleportal.net
URL: https://region3.purpleportal.net/access/email-validate/8ceef4ceb00db8aaf698c08088eb7112/52eaa53303d118ae5de2b3e3b2bc710462f439c0
Protocol: HTTP/1.0
Server: 72.52.179.174 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16 / PHP/5.4.16
Resource Hash: 5ab44f257a83c18ca426028e0bf03b9bf2c194c0138c5c704f018cec98bd7650

Request headers

Host: www.fecebook.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate

Response headers

Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
Content-Type: text/html; charset=UTF-8
Date: Thu, 03 Oct 2019 05:29:18 GMT
Connection: Keep-Alive
X-Powered-By: PHP/5.4.16
Content-Length: 24

Redirect headers

Content-Type: text/html;charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Location: http://www.fecebook.com/ddbkk
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Accept-Ranges: bytes
Date: Thu, 03 Oct 2019 04:41:13 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: analytics

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cookies.purple.ai
region3.purpleportal.net
u8608981.ct.sendgrid.net
www.fecebook.com
www.google-analytics.com
www.googletagmanager.com
167.89.123.16
2a00:1450:4001:80b::200e
2a00:1450:4001:81a::2008
35.227.194.21
54.169.79.183
72.52.179.174
185fc2b3387609e5c1506207552ffd3cae51fe0561fbe523267a0c442a41efea
279ccc0eb4436e608111126f65831cdd360ff273160e69cd20b27967a1aa7473
5696e1a3007264908e83de530d98fc0cfa71b3ae91b4da87cac454ab8d1492ab
5ab44f257a83c18ca426028e0bf03b9bf2c194c0138c5c704f018cec98bd7650
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9aefa6cd2cc932cf94ce36b241d20a999b10c44fb623a568763ce06101cab5d3
cb6fb54042c90487321b23df5f8ff4ade1f80c29708dd0996847a368ca61968a
cfeaeb8487de6c2f9c39029a3a8a852e9e5c7c85ffd90fa82c30abeaf5d8b55a
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e235d7659caa2282852ef9b858fe56d9c7c8c9c3210369800447cb28799cfa40

www.fecebook.com Open in urlscan Pro 72.52.179.174 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

12 Requests

92 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

194 kBTransfer

296 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

www.fecebook.com Open in urlscan Pro
72.52.179.174 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

194 kB
Transfer

296 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions