Submitted URL: http://t.co/FoK7PaTokJ#hidfsfncige792576969Gfdhkfsg6984250346jndfhuow69ewt087ffs979fhdfh435fdg
Effective URL: https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff...
Submission: On April 21 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is t4.uyijr.com.
TLS certificate: Issued by GTS CA 1P5 on March 28th 2023. Valid for: 3 months.
This is the only time t4.uyijr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.244.42.197 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
1 1 163.172.116.154 12876 (Online SAS)
1 67.217.62.41 19318 (IS-AS-1)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 4
Apex Domain                Subdomains                         Transfer
2 uyijr.com                t4.uyijr.com                       15 KB
2 t.co                     t.co — Cisco Umbrella Rank: 584    1005 B
1 zonestc.com              zonestc.com                        480 B
1 bniharchenherbs.store    bniharchenherbs.store              306 B
0 Failed
5 5
Domain Requested by
2 t4.uyijr.com zonestc.com
t4.uyijr.com
2 t.co 1 redirects
1 zonestc.com t.co
1 bniharchenherbs.store 1 redirects
0 127.0.0.1 Failed t4.uyijr.com
5 5

This site contains no links.

Subject            Issuer                                        Validity                   Valid
t.co               DigiCert TLS Hybrid ECC SHA384 2020 CA1       2023-02-05 - 2024-02-05    a year
www.zonestc.com    Go Daddy Secure Certificate Authority - G2    2022-09-20 - 2023-09-20    a year
*.uyijr.com        GTS CA 1P5                                    2023-03-28 - 2023-06-26    3 months

This page contains 1 frames:

Frame: http://127.0.0.1/
Frame ID: 24E32F0CFCDC04FACB3440E98C704A03
Requests: 5 HTTP requests in this frame

Page Statistics

5
Requests

80 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

16 kB
Transfer

36 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.co/FoK7PaTokJ HTTP 301
    https://t.co/FoK7PaTokJ Page URL
  2. http://bniharchenherbs.store/4arOJX204rETCf7jIuT0Fvw0Pboa0LxYk9 HTTP 302
    https://zonestc.com/fff372b572fea09000 Page URL
  3. https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff_sub4= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.co/FoK7PaTokJ HTTP 301
  • https://t.co/FoK7PaTokJ
Request Chain 1
  • http://bniharchenherbs.store/4arOJX204rETCf7jIuT0Fvw0Pboa0LxYk9 HTTP 302
  • https://zonestc.com/fff372b572fea09000
Request Chain 3
  • https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff_sub4=&view=e20514d8945697be13e97c5a7c4d5a0d_0 HTTP 302
  • http://127.0.0.1/

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
FoK7PaTokJ
t.co/
Redirect Chain
  • http://t.co/FoK7PaTokJ
  • https://t.co/FoK7PaTokJ
383 B
659 B
Document
General
Full URL
https://t.co/FoK7PaTokJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
234
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 21 Apr 2023 14:05:32 GMT
expires
Fri, 21 Apr 2023 14:10:32 GMT
perf
7626143928
referrer-policy
unsafe-url
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
ed823a75ab22b56dfbf873bab04a74817317091e0c6d62d1dca54201196de16f
x-response-time
126
x-transaction-id
437b3bba99d81f55
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store, max-age=0
content-length
0
date
Fri, 21 Apr 2023 14:05:32 GMT
location
https://t.co/FoK7PaTokJ
perf
7626143928
server
tsa_o
x-connection-hash
5afd4655049aa60b6c8a70cb31723f3add323a6c7ff7f501455bda9dceeafc26
x-response-time
99
x-transaction-id
4a848760651c0998
fff372b572fea09000
zonestc.com/
Redirect Chain
  • http://bniharchenherbs.store/4arOJX204rETCf7jIuT0Fvw0Pboa0LxYk9
  • https://zonestc.com/fff372b572fea09000
186 B
480 B
Document
General
Full URL
https://zonestc.com/fff372b572fea09000
Requested by
Host: t.co
URL: https://t.co/FoK7PaTokJ
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
67.217.62.41 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://t.co/FoK7PaTokJ#hidfsfncige792576969Gfdhkfsg6984250346jndfhuow69ewt087ffs979fhdfh435fdg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
186
content-type
text/html; charset=UTF-8
date
Fri, 21 Apr 2023 14:05:33 GMT
server
Apache

Redirect headers

Content-Length
61
Content-Type
text/html; charset=utf-8
Date
Fri, 21 Apr 2023 14:05:33 GMT
Location
https://zonestc.com/fff372b572fea09000
X-Address
gin_throttle_mw_360000000000_185.213.155.174
X-Ratelimit-Limit
10
X-Ratelimit-Remaining
9
X-Ratelimit-Reset
1682089533
Primary Request aff_c
t4.uyijr.com/
5 KB
2 KB
Document
General
Full URL
https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff_sub4=
Requested by
Host: zonestc.com
URL: https://zonestc.com/fff372b572fea09000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cf05d546e6604dd5cd5d5d5684fe14f6f9af9f1c56235eddd223941b168f0f

Request headers

Referer
https://zonestc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bb62ebd9e925b86-FRA
content-encoding
br
content-type
text/html
date
Fri, 21 Apr 2023 14:05:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaSiKlCRg73w7WA%2FhTmrUHlbNmZS2sm0ESmT0Zyjh8YiJUzhSi1tPpKTtFyi16dEEBanHF%2FiGUMpBYv7T1rzAGwu8xve6YixM8VqdCIRIEtB%2F8kFwPbA6VN%2FtsozoKpDW7M2F3UxdP39yvs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
ads.js
t4.uyijr.com/js/
31 KB
13 KB
Script
General
Full URL
https://t4.uyijr.com/js/ads.js
Requested by
Host: t4.uyijr.com
URL: https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff_sub4=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88c72596233ee490491b90016b2949657136d29762153ea2284ac1926adf3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff_sub4=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 21 Apr 2023 14:05:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 May 2022 12:29:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3240
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcB9Vi4jmlHtVK3p0XCro19tJawqfJSXkxoNU1bP4rai1pozrXSmPu7oeTVTyVVEUTb%2Fg1QmLnyNPgILVcsojifKH4Zab7dnnvqwKdotGmCs57kOFGK25f4rY6vA6FF1Lp%2FBjX37jHk%2Bhy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7bb62ebf68465b86-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
127.0.0.1/
Redirect Chain
  • https://t4.uyijr.com/aff_c?offer_id=437&aff_id=1506&source=nd&aff_sub=fedex&aff_sub2=1360741341&aff_sub3=77472146&aff_sub4=&view=e20514d8945697be13e97c5a7c4d5a0d_0
  • http://127.0.0.1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
127.0.0.1
URL
http://127.0.0.1/

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: dd94d0ed-3045-423f-8c1b-a132fee99cf6
zonestc.com/ Name: uid20218
Value: 1360741341-20230421090533-ce3c80b61d6a63e2820381a2b786db12-
t4.uyijr.com/ Name: C
Value: 58f95baadb660a88e6231f24c1cc4446
t4.uyijr.com/ Name: fe9ecf68-6582-48ba-8fd6-8415647123fe-v4
Value: XTSyNj4W0NiFOPNk-Ik5Pnt0wk6odyisQPSsiezDtFg
t4.uyijr.com/ Name: cc-v4
Value: AqlbYIsYC5%2FbyNkDslQGsqfGtrFRbya2Z6hkeynPZf43k9ZYLkbRbH3FyWVS5lcSC3B1J%2BGkUuLhQAPZ%2BEKVGO0g0KIfFpDfH1iSpaRJcuLXEXJdFkTO0U6pzxY7oir1CgZU3CrRQHfD5b3zAeHBzg%3D%3D

1 Console Messages

Source Level URL
Text
security error URL: https://t.co/FoK7PaTokJ#hidfsfncige792576969Gfdhkfsg6984250346jndfhuow69ewt087ffs979fhdfh435fdg
Message:
Unrecognized Content-Security-Policy directive 'referrer'.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
