Submitted URL: https://t.co/EhBHa3c47C
Effective URL: https://tw-chat.com/CqiFc
Submission: On February 12 via manual from SV — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 7 domains to perform 4 HTTP transactions. The main IP is 150.95.56.4, which is located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is tw-chat.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 24th 2022. Valid for: 3 months.
This is the only time tw-chat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
1 1 67.199.248.11 396982 (GOOGLE-PR...)
2 150.95.56.4 7506 (INTERQ GM...)
2 2 210.129.10.144 4694 (IDCF IDC ...)
2 2 54.199.164.164 ()
1 52.222.214.33 ()
4 3
     Apex Domain            Subdomains                              Transfer
2    a-i-ad.com             rcv.insight.a-i-ad.com                  1 KB
2    8-stars.net            8-stars.net                             1 KB
1    yarimoku-sokuhou.net   yarisoku.yarimoku-sokuhou.net
1    tw-chat.com            tw-chat.com                             595 B
1    tw-livechat.site       tw-livechat.site                        750 B
1    bit.ly                 bit.ly — Cisco Umbrella Rank: 4034      284 B
1    t.co                   t.co — Cisco Umbrella Rank: 456         507 B
4 7
Domain Requested by
2 rcv.insight.a-i-ad.com 2 redirects
2 8-stars.net 2 redirects
1 yarisoku.yarimoku-sokuhou.net
1 tw-chat.com
1 tw-livechat.site t.co
1 bit.ly 1 redirects
1 t.co
4 7

This site contains no links.

Subject                  Issuer                                 Validity                  Valid
t.co                     DigiCert TLS RSA SHA256 2020 CA1       2022-01-06 - 2023-01-05   a year
tw-chat.com              cPanel, Inc. Certification Authority   2022-01-24 - 2022-04-24   3 months
*.yarimoku-sokuhou.net   Amazon                                 2021-05-15 - 2022-06-13   a year

This page contains 1 frames:

Frame: https://yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/lp.p.html?click_url=https%3A%2F%2Frcv.a-i-ad.com%2Fapi%2Fsurl%3Furid%3DdKizF8RC%26clid%3DfOKCTyxq6in8nFC4bqNUKXq1vFUZe1QDohBfWYt0ociy8rzEvzFcoHIwoeM8NyMG%26urid%3DIptsdpbc%26cid%3DAD000718%26stars_ses_id%3DrNxO2l4f44680400
Frame ID: B05BBC9F43750752A7F40D72530E3BBD
Requests: 4 HTTP requests in this frame

Page Statistics

4 Requests
75 % HTTPS
0 % IPv6
7 Domains
7 Subdomains
3 IPs
2 Countries
2 kB Transfer
1 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/EhBHa3c47C Page URL
  2. https://bit.ly/3sph8lW HTTP 301
    http://tw-livechat.site/dqlog Page URL
  3. https://tw-chat.com/CqiFc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://bit.ly/3sph8lW HTTP 301
  • http://tw-livechat.site/dqlog
Request Chain 2
  • https://8-stars.net/cpm/792gFf/ HTTP 302
  • https://8-stars.net/cl/DGJUQW/u6/ HTTP 302
  • https://rcv.insight.a-i-ad.com/api/surl?urid=Iptsdpbc&cid=AD000718&stars_ses_id=rNxO2l4f44680400&stars_ses_id=rNxO2l4f44680400 HTTP 303
  • https://rcv.insight.a-i-ad.com/api/asp/inclick?atid=5433&auid=49632&urid=Iptsdpbc&cid=AD000718&stars_ses_id=rNxO2l4f44680400 HTTP 303
  • https://yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/lp.p.html?click_url=https%3A%2F%2Frcv.a-i-ad.com%2Fapi%2Fsurl%3Furid%3DdKizF8RC%26clid%3DfOKCTyxq6in8nFC4bqNUKXq1vFUZe1QDohBfWYt0ociy8rzEvzFcoHIwoeM8NyMG%26urid%3DIptsdpbc%26cid%3DAD000718%26stars_ses_id%3DrNxO2l4f44680400

4 HTTP transactions

Resource: EhBHa3c47C
Path: t.co/
Size: 221 B
x-fer: 507 B
Type: Document
General
Full URL: https://t.co/EhBHa3c47C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS:
Software: tsa_o /
Resource Hash: 3695215f247ea943e2ec85300ae12c16dca1d2d620e0cf2be9c61aadfd5874b5
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 12 Feb 2022 15:39:53 GMT
vary: Origin
server: tsa_o
expires: Sat, 12 Feb 2022 15:44:54 GMT
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 174
content-encoding: gzip
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 120
x-connection-hash: df63c5c33f4072a1946d65cbb4c4409ce679012b6969a6980f420ae33a1f64cd
Resource: dqlog
Path: tw-livechat.site/
Size: 158 B
x-fer: 750 B
Type: Document
Redirect Chain
  • https://bit.ly/3sph8lW
  • http://tw-livechat.site/dqlog
General
Full URL: http://tw-livechat.site/dqlog
Requested by
Host: t.co
URL: https://t.co/EhBHa3c47C
Protocol: HTTP/1.1
Server: 150.95.56.4 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp71.mixhost.jp
Software: LiteSpeed /
Resource Hash: 056dd93ab69fa3645240e29ed520e27e6f5483fe1687ac94d55eaf2d1f7ea1ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://t.co/EhBHa3c47C

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 141
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 12 Feb 2022 15:39:56 GMT
server: LiteSpeed

Redirect headers

server: nginx
date: Sat, 12 Feb 2022 15:39:54 GMT
content-type: text/html; charset=utf-8
content-length: 116
cache-control: private, max-age=90
content-security-policy: referrer always;
location: http://tw-livechat.site/dqlog
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Primary Request
Resource: CqiFc
Path: tw-chat.com/
Size: 164 B
x-fer: 595 B
Type: Document
General
Full URL: https://tw-chat.com/CqiFc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 150.95.56.4 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp71.mixhost.jp
Software: LiteSpeed /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://tw-livechat.site/

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 103
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Feb 2022 15:39:57 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
Resource: lp.p.html
Path: yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/
Size: 0
x-fer: 0
Type: Document
Redirect Chain
  • https://8-stars.net/cpm/792gFf/
  • https://8-stars.net/cl/DGJUQW/u6/
  • https://rcv.insight.a-i-ad.com/api/surl?urid=Iptsdpbc&cid=AD000718&stars_ses_id=rNxO2l4f44680400&stars_ses_id=rNxO2l4f44680400
  • https://rcv.insight.a-i-ad.com/api/asp/inclick?atid=5433&auid=49632&urid=Iptsdpbc&cid=AD000718&stars_ses_id=rNxO2l4f44680400
  • https://yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/lp.p.html?click_url=https%3A%2F%2Frcv.a-i-ad.com%2Fapi%2Fsurl%3Furid%3DdKizF8RC%26clid%3DfOKCTyxq6in8nFC4bqNUKXq1vFUZe1QDohBfWYt0ociy8rzEvzFcoHIwoeM8...
General
Full URL: https://yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/lp.p.html?click_url=https%3A%2F%2Frcv.a-i-ad.com%2Fapi%2Fsurl%3Furid%3DdKizF8RC%26clid%3DfOKCTyxq6in8nFC4bqNUKXq1vFUZe1QDohBfWYt0ociy8rzEvzFcoHIwoeM8NyMG%26urid%3DIptsdpbc%26cid%3DAD000718%26stars_ses_id%3DrNxO2l4f44680400
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.33 -, , ASN (),
Reverse DNS:
Software: AmazonS3 /
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw-chat.com/CqiFc

Response headers

content-type: text/html
last-modified: Tue, 08 Feb 2022 06:45:10 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 12 Feb 2022 15:40:03 GMT
etag: W/"8219727bf4f381e03691af20868ed38e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: n1ruBGXGtjHVWprtmNy519pon0l5hCvd8E0Gglzx-fy90Cvmn500mA==

Redirect headers

date: Sat, 12 Feb 2022 15:40:01 GMT
location: https://yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/lp.p.html?click_url=https%3A%2F%2Frcv.a-i-ad.com%2Fapi%2Fsurl%3Furid%3DdKizF8RC%26clid%3DfOKCTyxq6in8nFC4bqNUKXq1vFUZe1QDohBfWYt0ociy8rzEvzFcoHIwoeM8NyMG%26urid%3DIptsdpbc%26cid%3DAD000718%26stars_ses_id%3DrNxO2l4f44680400
server: nginx
cache-control: private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone

7 Cookies

Domain/Path Name / Value
.t.co/ Name: muc Value: 880c5c69-74c2-4041-a624-69bb3d68bfa3
.bit.ly/ Name: _bit Value: m1cfDS-98257126bb5be91dba-00Q
tw-livechat.site/ Name: csrf_cookie_name Value: 440cc9d7212753b659215994e4fe929d
tw-livechat.site/ Name: ci_session Value: 1c0ed8c25bf60fd7ac3038aead69ab1eea459c82
tw-chat.com/ Name: csrf_cookie_name Value: c0c689a7b6c0a69aedddd5e6cf2cebfb
tw-chat.com/ Name: ci_session Value: 1e493b9a540cc35e65f032ae34bc282e42d529ea
8-stars.net/ Name: PHPSESSID Value: dgjdh0bmf86cr8vth44ph6f1c3

1 Console Messages

Source: rendering
Level: warning
URL: https://yarisoku.yarimoku-sokuhou.net/6qmJY0NNM/lp.p.html?click_url=https%3A%2F%2Frcv.a-i-ad.com%2Fapi%2Fsurl%3Furid%3DdKizF8RC%26clid%3DfOKCTyxq6in8nFC4bqNUKXq1vFUZe1QDohBfWYt0ociy8rzEvzFcoHIwoeM8NyMG%26urid%3DIptsdpbc%26cid%3DAD000718%26stars_ses_id%3DrNxO2l4f44680400 (Line 8)
Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0