Submitted URL: http://frenchestateagents.us1.list-manage1.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4
Effective URL: https://view.pagetiger.com/Leggett-Magazine-EN
Submission Tags: phishing
Submission: On November 14 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 2606:4700:10::6816:3086, located in United States and belongs to CLOUDFLARENET, US. The main domain is view.pagetiger.com. The Cisco Umbrella rank of the primary domain is 260781.
TLS certificate: Issued by E1 on September 30th 2022. Valid for: 3 months.
This is the only time view.pagetiger.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 184.24.2.76 16625 (AKAMAI-AS)
1 6 2606:4700:10:... 13335 (CLOUDFLAR...)
5 1
Apex Domain
Subdomains
Transfer
6 pagetiger.com
view.pagetiger.com — Cisco Umbrella Rank: 260781
238 KB
1 list-manage.com
us1.list-manage.com — Cisco Umbrella Rank: 17943
1 KB
1 list-manage1.com
frenchestateagents.us1.list-manage1.com
242 B
5 3
Domain Requested by
6 view.pagetiger.com 1 redirects view.pagetiger.com
1 us1.list-manage.com 1 redirects
1 frenchestateagents.us1.list-manage1.com 1 redirects
5 3

This site contains no links.

Subject Issuer Validity Valid
*.pagetiger.com
E1
2022-09-30 -
2022-12-29
3 months crt.sh

This page contains 1 frames:

Primary Page: https://view.pagetiger.com/Leggett-Magazine-EN
Frame ID: C78D11F94A25DFF1058F828A496B113A
Requests: 5 HTTP requests in this frame

Screenshot

Page Title

Leggett Magazine EN - 16

Page URL History Show full URLs

  1. http://frenchestateagents.us1.list-manage1.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4 HTTP 307
    https://us1.list-manage.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4 HTTP 302
    http://view.pagetiger.com/Leggett-Magazine-EN HTTP 301
    https://view.pagetiger.com/Leggett-Magazine-EN Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

5
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

1
IPs

2
Countries

238 kB
Transfer

820 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://frenchestateagents.us1.list-manage1.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4 HTTP 307
    https://us1.list-manage.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4 HTTP 302
    http://view.pagetiger.com/Leggett-Magazine-EN HTTP 301
    https://view.pagetiger.com/Leggett-Magazine-EN Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Leggett-Magazine-EN
view.pagetiger.com/
Redirect Chain
  • http://frenchestateagents.us1.list-manage1.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4
  • https://us1.list-manage.com/track/click?u=1ca3ab5be3962e9dd1360d919&id=3b75abf693&e=d23945dde4
  • http://view.pagetiger.com/Leggett-Magazine-EN
  • https://view.pagetiger.com/Leggett-Magazine-EN
22 KB
5 KB
Document
General
Full URL
https://view.pagetiger.com/Leggett-Magazine-EN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82964a1dce5f3c6677e214b193648b6ae9d73ec1faae3f222143e9e4cfe08f36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
76a27e8db8bebba3-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 14 Nov 2022 20:28:34 GMT
p3p
CP="PAGETIGER"
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-server
lhr-oldweb04-h2

Redirect headers

CF-RAY
76a27e8d084d9bbf-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 14 Nov 2022 20:28:34 GMT
Expires
Mon, 14 Nov 2022 21:28:34 GMT
Location
https://view.pagetiger.com/Leggett-Magazine-EN
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
pinchZoom.efdf46.js
view.pagetiger.com/static/bundles/
28 KB
10 KB
Script
General
Full URL
https://view.pagetiger.com/static/bundles/pinchZoom.efdf46.js
Requested by
Host: view.pagetiger.com
URL: https://view.pagetiger.com/Leggett-Magazine-EN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede8a6de8538a7671b637c506681398fe45be5332560264cfe72ccb8700f5ef9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://view.pagetiger.com/Leggett-Magazine-EN
Origin
https://view.pagetiger.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 14 Nov 2022 20:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
804807
content-length
10322
last-modified
Fri, 30 Sep 2022 16:08:26 GMT
server
cloudflare
etag
"03938dfe6d4d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform, s-max-age=31536000
x-server
w3
accept-ranges
bytes
cf-ray
76a27e8edbfabba3-FRA
view.782a2a.js
view.pagetiger.com/static/bundles/
710 KB
203 KB
Script
General
Full URL
https://view.pagetiger.com/static/bundles/view.782a2a.js
Requested by
Host: view.pagetiger.com
URL: https://view.pagetiger.com/Leggett-Magazine-EN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9482bcf7b8452fa957119a0a6b0f6d89477565e02813e1aef7ec5935bdd98405
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://view.pagetiger.com/Leggett-Magazine-EN
Origin
https://view.pagetiger.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 14 Nov 2022 20:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
204521
content-length
207456
last-modified
Fri, 11 Nov 2022 16:56:59 GMT
server
cloudflare
etag
"803fda9ceef5d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform, s-max-age=31536000
x-server
lhr-oldweb04-h2
accept-ranges
bytes
cf-ray
76a27e8edc04bba3-FRA
view.76403e.css
view.pagetiger.com/static/bundles/
51 KB
11 KB
Stylesheet
General
Full URL
https://view.pagetiger.com/static/bundles/view.76403e.css
Requested by
Host: view.pagetiger.com
URL: https://view.pagetiger.com/Leggett-Magazine-EN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd49b122d00c437c0ca38791f6e3765da824899c2b1162408443fb3f2beeda0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://view.pagetiger.com/Leggett-Magazine-EN
Origin
https://view.pagetiger.com
accept-language
de-DE,de;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 14 Nov 2022 20:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
204521
content-length
10994
last-modified
Fri, 11 Nov 2022 16:56:59 GMT
server
cloudflare
etag
"803fda9ceef5d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform, s-max-age=31536000
x-server
lhr-oldweb04-h2
accept-ranges
bytes
cf-ray
76a27e8edc01bba3-FRA
ptibox_progress6a5f61057e5397d9d9df.png
view.pagetiger.com/static/bundles/
9 KB
9 KB
Image
General
Full URL
https://view.pagetiger.com/static/bundles/ptibox_progress6a5f61057e5397d9d9df.png
Requested by
Host: view.pagetiger.com
URL: https://view.pagetiger.com/static/bundles/view.76403e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3086 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc92c18444bd8dc07f3eb2c81ca8b884bf9c6052b3d5956acd5bf919eb6b7fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://view.pagetiger.com/static/bundles/view.76403e.css
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 14 Nov 2022 20:28:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2720011
content-length
8835
last-modified
Fri, 30 Sep 2022 16:08:26 GMT
server
cloudflare
etag
"03938dfe6d4d81:0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, no-transform, s-max-age=31536000
x-server
w2
accept-ranges
bytes
cf-ray
76a27e901edabba3-FRA

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| disableErrorReporting object| extraBlacklistURLs object| extraBlacklistErrors string| crossOriginJs string| crossOriginJsIntegrity string| elementId string| documentGuid string| GRR_API object| pageTurnConfig object| webpackChunkfrontend function| clearImmediate function| setImmediate object| regeneratorRuntime function| applyFocusVisiblePolyfill function| activateModule object| activeEvents object| errorReporter string| API_VERSION string| API_PATH function| $ function| jQuery function| closePopUp number| moduleTypeLink number| moduleTypePollAnswer number| moduleTypeArticle number| moduleTypeIFrame number| moduleTypeVideo number| moduleTypeJump number| moduleTypeComp number| moduleTypeGallery number| moduleTypeForward number| moduleTypeShare string| containerID object| pt string| ptiThemeFolder string| ptiWS string| ptiProtocolSSL function| getByTitle function| getByID object| ptiIsTablet boolean| ptiAttractModeStarted object| ptiAttractModeLastInteraction boolean| ptiAttractModeFirstPageViewed function| ptiGetInstance function| scrollTop function| ptiClosePopupGotoPage function| ptiClosePopupGotoPageSlow function| ptiSwitchPageView function| ptiNextPage function| ptiPreviousPage function| ptiGotoPage function| ptiGotoPageSlow function| ptiSinglePageView function| ptiDoublePageView function| ptiLinkClicked function| ptiLinkClickedUsingTitle function| ptiGotoPageClickLink function| ptiClosePopupLinkClicked function| ptiClosePopupLinkClickedUsingTitle undefined| ptiTools function| ptiGotoPageIfOnCover function| ptiCookie function| ptiClosePopup function| ptiEnterPageNumber function| ptiContents function| ptiCloseContentsGotoPage function| ptiCloseSearchGotoPage function| ptiIssues function| ptiDownloadPDF function| ptiSearch function| ptiPauseVideos function| ptiShare function| ptiPrint function| ptiPagesViewed function| ptiVideoCompleted function| ptiHookupLeftRightArrows function| switchToolbar function| ptiGetDefaultConfig function| __CE_installPolyfill function| getQueryParamValue object| pageTurn

3 Cookies

Domain/Path Name / Value
us1.list-manage.com/ Name: _mcid
Value: 1.458e979c8fd2690a8831be07c9c5edcb.a9bff2aed4090a07d10631f833d4ea435064708e743bf336ab9aca881d639bdb
.list-manage.com/ Name: _abck
Value: 5191E4BF03965C6926C326DA4A9E0D25~-1~YAAQiPAQAq4lHXeEAQAAxVPUdwhDTXKhcv57U8l+i6zytMGvhXherDnuK35MYVLka5hWSI9/8UWuyGQhiZdDgq0GBTJfwY06FmY3ePMjjUFknyOPCQYbNQorbjX501jAqnA/dWB9XVIEUV+rv52o8TWKuKmQ4Kh7w3svu2yImCTqf7+aO6WQ/JPCwScghP1d32sej5s4fphcvC80LRSq09/JyOJpwGz9E8VYff+5nHGx0F73cjYp9xzc0oDESsFT9n1BhuiiZfumL8ZNtn/a1D8k7cHaNnHbjjzdW0jsbPQIEiMFjoggt1WIaw4lptpa+uxyN0k3ppLtgLWXaWzKAWnRUOhrKyqwShFXHPvN/WbRLjRSRj+P+ZF4pvqrDA==~-1~-1~-1
.list-manage.com/ Name: bm_sz
Value: 8D86A35DA0A26A3FF42B6E4C5BC41725~YAAQiPAQAq8lHXeEAQAAxVPUdxE2np783LJae0IoYQNTp7dBaSakS+Su75KsR2j6CbIyIhbvdiO2tB9IJ3dhdHlQI8zT3+x+krdhLQHrs3rTBdyKDnT6Q4cfFNIYVLeAEi999dPl4B+qBSK6PSpuBzVhIMJvhp7nOMl/kCMBqCFO2PQwGubBDu1BKWS7kSyS+P+yxPbvWdrF6W4FDYXjTk0bY/JHqPMAPyTW8z02tpTVfIUfUXvUVVzvb4LrD6guLCESGNEw9sqUTG1Z1jh/Im8q09fw5YNmgJJJJn08Lb4wpS8gsi4PPw==~3749937~3294274

1 Console Messages

Source Level URL
Text
rendering warning URL: https://view.pagetiger.com/Leggett-Magazine-EN(Line 5)
Message:
The key "" is not recognized and ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff