urlscan.io logo urlscan.io
SecurityTrails logo

t.yesware.com Open in urlscan Pro
107.22.168.197  Public Scan

Go To Rescan Add Verdict Report
URL: https://t.yesware.com/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a8...
Submission: On September 14 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 4 HTTP transactions. The main IP is 107.22.168.197, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is t.yesware.com.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.
This is the only time t.yesware.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf 2 MB
Size: 2 MB (2338851 bytes, 0% done)
Downloaded from: https://ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf

Domain & IP information

IP Address AS Autonomous System
1 107.22.168.197 14618 (AMAZON-AES)
1 151.101.194.137 ()
1 34.102.176.152 ()
4 4
Domain Requested by
1 ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com t.yesware.com
1 js-agent.newrelic.com t.yesware.com
1 t.yesware.com
0 bam-cell.nr-data.net Failed js-agent.newrelic.com
4 4

This site contains no links.

Subject Issuer Validity Valid
*.yesware.com
Amazon		 2020-12-23 -
2022-01-21		 a year crt.sh
*.newrelic.com
R3		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.filesusr.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-11 -
2022-01-07		 6 months crt.sh

This page contains 1 frames:

Frame: https://ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
Frame ID: 538B5E14A7B016CB714452ED7A7A63E7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

4
Requests

75 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

37 kB
Transfer

55 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
t.yesware.com/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a80e843d66898d0/ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/ 		25 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.yesware.com/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a80e843d66898d0/ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.22.168.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-22-168-197.compute-1.amazonaws.com
Software
/
Resource Hash
95c4cc2d1fc606e91fc7f3e5eb51872db2d295b0e7dd27de80eb5ef0c298f6d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
t.yesware.com
:scheme
https
:path
/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a80e843d66898d0/ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 14 Sep 2021 22:28:26 GMT
content-type
text/html; charset=utf-8
content-length
25275
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
x-robots-tag
noindex
set-cookie
t=yxiOP80spMI4YXLoju6LGw; domain=.yesware.com; path=/; expires=Sun, 14 Sep 2031 22:28:26 GMT; secure; HttpOnly
x-request-id
baf7028d-6593-437c-b56d-e52cd4daa489
x-runtime
0.005041
strict-transport-security
max-age=31536000; includeSubDomains
nr-1210.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1210.min.js
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a80e843d66898d0/ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t.yesware.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding
gzip
etag
"67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id
BH2AP9PWXNTFG795
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
11781
x-amz-id-2
XjDhp09D6EYaheZaXJDhNLF1vtLJWfoOkX/7mjcz5KUCMguYKh6msxCRXvd1cshMBSfiJJt9EJ4=
x-served-by
cache-cdg20735-CDG
last-modified
Tue, 22 Jun 2021 22:47:07 GMT
server
AmazonS3
x-timer
S1631658512.872149,VS0,VE0
date
Tue, 14 Sep 2021 22:28:31 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
717
c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/ 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
Requested by
Host: t.yesware.com
URL: https://t.yesware.com/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a80e843d66898d0/ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 -, , ASN (),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash

Request headers

:method
GET
:authority
ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com
:scheme
https
:path
/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.yesware.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.yesware.com/

Response headers

server
openresty/1.19.9.1
date
Tue, 14 Sep 2021 22:28:31 GMT
content-type
application/pdf
content-length
2338851
x-guploader-uploadid
ADPycdvhKBtzsCtgAmT6DO2LQ0ObkzMECJFjehlidgebrnrQWmc46c0W3lojeHB29yo7MqIsjQE-Quw5HoVGV1hQTFo
expires
Tue, 14 Sep 2021 22:36:55 GMT
last-modified
Mon, 03 May 2021 22:59:17 GMT
etag
"020cf87ea9d35874bdfaac84a69a9582"
x-goog-generation
1620082757327194
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2338851
x-goog-hash
crc32c=R53F1g== md5=Agz4fqnTWHS9+qyEppqVgg==
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=15552000, immutable
age
3096
timing-allow-origin
*
x-seen-by
gcp.us-central-1.media-router-6c7795d8f6-s9m52
x-robots-tag
noindex, nofollow
via
1.1 google
alt-svc
clear
1a5da492d2
bam-cell.nr-data.net/1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam-cell.nr-data.net
URL
https://bam-cell.nr-data.net/1/1a5da492d2?a=2164051&v=1210.e2a3f80&to=Il9eRkQKCVtSERkICA9bH1FaDAZc&rst=10574&ck=1&ref=https://t.yesware.com/tt/0ee181fec9eddbe31acf37546725b73492991cb4/65b624e93d90d34fb7c9081b83a36ba6/3f5802c1e5c405fa0a80e843d66898d0/ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com/ugd/c3633b_c5fe56c8debe434dbe471dd41c0731cd.pdf&ap=5&be=5485&fe=5490&dc=5490&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1631658501315,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:5052,%22c%22:5052,%22s%22:5058,%22ce%22:5263,%22rq%22:5263,%22rp%22:5465,%22rpe%22:5473,%22dl%22:5468,%22di%22:5489,%22ds%22:5489,%22de%22:5489,%22dc%22:5489,%22l%22:5489,%22le%22:5490%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| NREUM object| newrelic function| __nr_require

1 Cookies

Domain/Path Name / Value
.yesware.com/ Name: t
Value: yxiOP80spMI4YXLoju6LGw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam-cell.nr-data.net
ee82b3a4-a760-4f0e-9170-6069958967bd.filesusr.com
js-agent.newrelic.com
t.yesware.com
bam-cell.nr-data.net
107.22.168.197
151.101.194.137
34.102.176.152
95c4cc2d1fc606e91fc7f3e5eb51872db2d295b0e7dd27de80eb5ef0c298f6d1