erfefgr.potentialcard.com Open in urlscan Pro
89.223.93.84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/GSFsgsPnmH#.6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1H...
Effective URL:
http://erfefgr.potentialcard.com/unsubscribe.php
Submission: On July 15 via api (July 15th 2021, 11:35:51 am UTC) from BE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 89.223.93.84, located in Russian Federation and belongs to PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU. The main domain is erfefgr.potentialcard.com.

This is the only time erfefgr.potentialcard.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1 8	89.223.93.84 89.223.93.84	56534 (PIRIX-INE...) (PIRIX-INET-AS PIRIX)
8	2

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.223.93.84 (Russian Federation) 1 redirects

ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU)
PTR: 263513.simplecloud.ru

erfefgr.potentialcard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	potentialcard.com 1 redirects erfefgr.potentialcard.com	217 KB
1	t.co t.co	612 B
8	2

	Domain	Requested by
8	erfefgr.potentialcard.com	1 redirects t.co erfefgr.potentialcard.com
1	t.co
8	2

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://erfefgr.potentialcard.com/unsubscribe.php
Frame ID: 7ECD9EA634C787E5A757EB77E255A155
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/GSFsgsPnmH Page URL
http://erfefgr.potentialcard.com/gfhghbhj?cbbbbcfcvWYpcwLb6cdcRvctczVxGckzFcbbbbc HTTP 302
http://erfefgr.potentialcard.com/unsubscribe.php Page URL

Page Statistics

8
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

218 kB
Transfer

216 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/GSFsgsPnmH Page URL
http://erfefgr.potentialcard.com/gfhghbhj?cbbbbcfcvWYpcwLb6cdcRvctczVxGckzFcbbbbc HTTP 302
http://erfefgr.potentialcard.com/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 GSFsgsPnmH Show response
t.co/ 437 B
612 B 195ms
142ms Document
text/html 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/GSFsgsPnmH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

8dbcac71b62fe962ea78d1005335776649d38c9955304521ecfdf7df7c55eb67

Security Headers

Name	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /GSFsgsPnmH
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 11:35:32 GMT
vary: Origin
server: tsa_o
expires: Thu, 15 Jul 2021 11:40:33 GMT
set-cookie: muc=241ce0a5-57ea-4347-a3ef-705fad258390; Max-Age=63072000; Expires=Sat, 15 Jul 2023 11:35:33 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 243
referrer-policy: unsafe-url
content-encoding: gzip
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-connection-hash: 80cd211bf06bde2632070378960e2c2224ee6d306d3db6223b2005e7b6ba8dd6

GET
H/1.1

200
OK

Primary Request unsubscribe.php Show response
erfefgr.potentialcard.com/
Redirect Chain

http://erfefgr.potentialcard.com/gfhghbhj?cbbbbcfcvWYpcwLb6cdcRvctczVxGckzFcbbbbc
http://erfefgr.potentialcard.com/unsubscribe.php

3 KB
3 KB

144ms
127ms

Document
text/html

89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to

Full URL: http://erfefgr.potentialcard.com/unsubscribe.php
Requested by: Host: t.co
URL: https://t.co/GSFsgsPnmH
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: 6d87771022c7cabe48a970e26151db96b12915d3e9f9af23d9258ebd02d97260

Request headers

Host: erfefgr.potentialcard.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: https://t.co/GSFsgsPnmH
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://t.co/GSFsgsPnmH#.6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A6V2M5CO1HXL680A

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Server: Apache
Content-Length: 3236
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Thu, 15 Jul 2021 11:35:33 GMT
Server: Apache
Location: ./unsubscribe.php
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
erfefgr.potentialcard.com/css/ 47 KB
47 KB 133ms
117ms Stylesheet
text/css 89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to

Full URL: http://erfefgr.potentialcard.com/css/style.css
Requested by: Host: erfefgr.potentialcard.com
URL: http://erfefgr.potentialcard.com/unsubscribe.php
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: 80d98f6b180daaa03c16a65af1e46ffa5372bfe12a47f70495f68c2bea807fc7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: erfefgr.potentialcard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://erfefgr.potentialcard.com/unsubscribe.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://erfefgr.potentialcard.com/unsubscribe.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Last-Modified: Thu, 17 Jun 2021 11:23:04 GMT
Server: Apache
ETag: "bbd4-5c4f46e4939ac"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 48084

GET
H/1.1 200
OK style.responsive.css
erfefgr.potentialcard.com/css/ 8 KB
8 KB 123ms
107ms Stylesheet
text/css 89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to

Full URL: http://erfefgr.potentialcard.com/css/style.responsive.css
Requested by: Host: erfefgr.potentialcard.com
URL: http://erfefgr.potentialcard.com/unsubscribe.php
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: 128bce82432b12f2c9c263b7dae1d1dd44b61104d5d5fd9d25110849e41265da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: erfefgr.potentialcard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://erfefgr.potentialcard.com/unsubscribe.php
Connection: keep-alive
Cache-Control: no-cache
Referer: http://erfefgr.potentialcard.com/unsubscribe.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Last-Modified: Thu, 17 Jun 2021 11:23:05 GMT
Server: Apache
ETag: "208e-5c4f46e4b0e6b"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 8334

GET
H/1.1 200
OK page.jpeg
erfefgr.potentialcard.com/images/ 563 B
796 B 138ms
122ms Image
image/jpeg 89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://erfefgr.potentialcard.com/images/page.jpeg
Requested by: Host: erfefgr.potentialcard.com
URL: http://erfefgr.potentialcard.com/css/style.css
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: 3d43bf7a477176b4bb3bbd51107bdf547a0681cbaa8b6bc1957f4bcd8676c2f8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: erfefgr.potentialcard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://erfefgr.potentialcard.com/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://erfefgr.potentialcard.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Last-Modified: Thu, 17 Jun 2021 11:23:08 GMT
Server: Apache
ETag: "233-5c4f46e84cb72"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 563

GET
H/1.1 200
OK header.jpg
erfefgr.potentialcard.com/images/ 82 KB
82 KB 137ms
122ms Image
image/jpeg 89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://erfefgr.potentialcard.com/images/header.jpg
Requested by: Host: erfefgr.potentialcard.com
URL: http://erfefgr.potentialcard.com/css/style.css
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: 186b88c3a2d75e153b23584057ced318fa68c0d78e16244a02fe35684d2b90d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: erfefgr.potentialcard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://erfefgr.potentialcard.com/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://erfefgr.potentialcard.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Last-Modified: Thu, 17 Jun 2021 11:23:08 GMT
Server: Apache
ETag: "14624-5c4f46e82f2cc"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 83492

GET
H/1.1 200
OK object0.png
erfefgr.potentialcard.com/images/ 74 KB
74 KB 130ms
115ms Image
image/png 89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://erfefgr.potentialcard.com/images/object0.png
Requested by: Host: erfefgr.potentialcard.com
URL: http://erfefgr.potentialcard.com/css/style.css
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: 8d3499c3f6d827c7e64b00b5e380168e95c68966f16154e16564227d9b4b0369

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: erfefgr.potentialcard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://erfefgr.potentialcard.com/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://erfefgr.potentialcard.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Last-Modified: Thu, 17 Jun 2021 11:23:08 GMT
Server: Apache
ETag: "1274b-5c4f46e83eccb"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 75595

GET
H/1.1 200
OK postheadericon.png
erfefgr.potentialcard.com/images/ 2 KB
2 KB 201ms
186ms Image
image/png 89.223.93.84
PIRIX-INET-AS PIRIX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://erfefgr.potentialcard.com/images/postheadericon.png
Requested by: Host: erfefgr.potentialcard.com
URL: http://erfefgr.potentialcard.com/css/style.css
Protocol: HTTP/1.1
Server: 89.223.93.84 , Russian Federation, ASN56534 (PIRIX-INET-AS PIRIX, St.Petersburg, Russia, RU),
Reverse DNS: 263513.simplecloud.ru
Software: Apache /
Resource Hash: cdfe4ad7a5a4ed9c68332d734a4ecf9e484392f3f804ef63c27862c52a39eda9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: erfefgr.potentialcard.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://erfefgr.potentialcard.com/css/style.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://erfefgr.potentialcard.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Jul 2021 11:35:34 GMT
Last-Modified: Thu, 17 Jun 2021 11:23:08 GMT
Server: Apache
ETag: "686-5c4f46e858ada"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 1670

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	referrer always;
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

erfefgr.potentialcard.com
t.co
104.244.42.197
89.223.93.84
128bce82432b12f2c9c263b7dae1d1dd44b61104d5d5fd9d25110849e41265da
186b88c3a2d75e153b23584057ced318fa68c0d78e16244a02fe35684d2b90d3
3d43bf7a477176b4bb3bbd51107bdf547a0681cbaa8b6bc1957f4bcd8676c2f8
6d87771022c7cabe48a970e26151db96b12915d3e9f9af23d9258ebd02d97260
80d98f6b180daaa03c16a65af1e46ffa5372bfe12a47f70495f68c2bea807fc7
8d3499c3f6d827c7e64b00b5e380168e95c68966f16154e16564227d9b4b0369
8dbcac71b62fe962ea78d1005335776649d38c9955304521ecfdf7df7c55eb67
cdfe4ad7a5a4ed9c68332d734a4ecf9e484392f3f804ef63c27862c52a39eda9

erfefgr.potentialcard.com Open in urlscan Pro 89.223.93.84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

13 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

218 kBTransfer

216 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

erfefgr.potentialcard.com Open in urlscan Pro
89.223.93.84 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

13 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

218 kB
Transfer

216 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions