affiliates.rositausa.com
34.237.252.143
Public Scan
Submission Tags: @phishunt_io
Submission: On September 01 via api from ES
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 1st 2020. Valid for: 3 months.
This is the only time affiliates.rositausa.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
4 | 34.237.252.143 | 14618 (AMAZON-AES) |
1 | 2a00:1450:4001:821::200a | 15169 (GOOGLE) |
1 | 209.197.3.24 | 20446 (HIGHWINDS3) |
1 | 52.216.238.219 | 16509 (AMAZON-02) |
4 | 2a00:1450:4001:81e::2003 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) |
2 | 2a00:1450:4001:80b::2004 | 15169 (GOOGLE) |
14 | 7 | |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-252-143.compute-1.amazonaws.com
- affiliates.rositausa.com
ASN20446 (HIGHWINDS3, US)
PTR: vip0x018.map2.ssl.hwcdn.net
- code.jquery.com
ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
- leaddyno-client-images.s3.amazonaws.com
ASN15169 (GOOGLE, US)
- www.recaptcha.net
- fonts.gstatic.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
4 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 174 KB |
4 | rositausa.com | affiliates.rositausa.com | 151 KB |
2 | google.com | www.google.com | |
1 | recaptcha.net | www.recaptcha.net | 923 B |
1 | amazonaws.com | leaddyno-client-images.s3.amazonaws.com | 89 KB |
1 | jquery.com | code.jquery.com | 33 KB |
1 | googleapis.com | fonts.googleapis.com | 620 B |
14 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
4 | affiliates.rositausa.com | affiliates.rositausa.com |
3 | fonts.gstatic.com | fonts.googleapis.com |
2 | www.google.com | www.gstatic.com |
1 | www.gstatic.com | www.recaptcha.net |
1 | www.recaptcha.net | affiliates.rositausa.com |
1 | leaddyno-client-images.s3.amazonaws.com | affiliates.rositausa.com |
1 | code.jquery.com | affiliates.rositausa.com |
1 | fonts.googleapis.com | affiliates.rositausa.com |
14 | 8 | |
This site contains links to these domains.
Domain |
---|
rositausa.com |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
affiliatessl-5.leaddyno.com | Let's Encrypt Authority X3 | 2020-09-01 - 2020-11-30 | 3 months |
upload.video.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years |
*.s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2019-11-09 - 2021-03-12 | a year |
misc.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.gstatic.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
www.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
*.google.com | GTS CA 1O1 | 2020-08-11 - 2020-11-03 | 3 months |
This page contains 3 frames:
Primary Page:
https://affiliates.rositausa.com/
Frame ID: 1B82B6BC0BF4FE40E79541C4A0548BD9
Requests: 12 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcGRdMUAAAAAJgkjEu2SLfvQdrkXeUgraQOeM9L&co=aHR0cHM6Ly9hZmZpbGlhdGVzLnJvc2l0YXVzYS5jb206NDQz&hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&size=normal&cb=ib2jluos29bz
Frame ID: 9D2483EA08996250EDD8F5E174AE6D5A
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjbyeWjjFy97MXGZ40KrXu3v&k=6LcGRdMUAAAAAJgkjEu2SLfvQdrkXeUgraQOeM9L&cb=mdgezyfl588s
Frame ID: CC4FDDED67C295AA48934BDDC9358C6E
Requests: 1 HTTP requests in this frame
Detected technologies
Ruby (Programming Languages)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Ruby on Rails (Web Frameworks)
Detected patterns
- meta csrf-param /^authenticity_token$/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
reCAPTCHA (Captchas)
Detected patterns
- script /\/recaptcha\/api\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | affiliates.rositausa.com/ | 12 KB | 5 KB | Document | text/html |
GET | H2 | affiliate_v2-547825c24bc2c8b99a172c9426399ace8732b44a462a950fea015e5ee8afe104.css | affiliates.rositausa.com/assets/ | 35 KB | 8 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 3 KB | 620 B | Stylesheet | text/css |
GET | H2 | jquery-1.12.4.min.js | code.jquery.com/ | 95 KB | 33 KB | Script | application/javascript |
GET | H2 | intercooler-70ff7b8fa9d17a0d92c430b2cbeacf227776c30088726452e0a591fdca105ce3.js | affiliates.rositausa.com/assets/ | 65 KB | 18 KB | Script | application/javascript |
GET | H/1.1 | dd9e17cead58f0f33a225eb83dca1d982ade4b44_Rosita_logo%20vert%20full_white.png | leaddyno-client-images.s3.amazonaws.com/2dcae20b80f3c30d89e03d3f68ca9873a2581521/ | 89 KB | 89 KB | Image | image/png |
GET | H2 | api.js | www.recaptcha.net/recaptcha/ | 736 B | 923 B | Script | text/javascript |
GET | H2 | bg-gradient-0ca992036940f52fc7f6c53b164fadae9de231c714fb43f26bf3f29abfd28d8b.png | affiliates.rositausa.com/assets/ | 120 KB | 120 KB | Image | image/png |
GET | H2 | S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | S6u9w4BMUTPHh7USSwiPGQ3q5d0.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | S6uyw4BMUTPHjx4wXiWtFCc.woff2 | fonts.gstatic.com/s/lato/v16/ | 14 KB | 14 KB | Font | font/woff2 |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/NjbyeWjjFy97MXGZ40KrXu3v/ | 336 KB | 132 KB | Script | text/javascript |
GET | H2 | anchor | www.google.com/recaptcha/api2/ (Frame 9D24) | 0 | 0 | Document | text/html |
GET | H3-Q050 | bframe | www.google.com/recaptcha/api2/ (Frame CC4F) | 0 | 0 | Document | text/html |
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | trustedTypes
- function | $
- function | jQuery
- object | Intercooler
- function | intercoolerHasLoaded
- object | ___grecaptcha_cfg
- object | grecaptcha
- string | __recaptcha_api
- boolean | __google_recaptcha_client
- object | recaptcha
- object | closure_lm_785131
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
affiliates.rositausa.com/ | Name: _leaddyno_session Value: bVRTdTBHNHhYTUx4czdHSlp2V292T2UvMCtRa2tJeGFIMUhRUHF0c1dBT2VjbGpPRHlPbHdUVTVoeXJ0dUp6SDVGellYZzBVcC9HbnlWbDZETDJBMXhxKzFyUFNVaG41L2VIeEtYZldUTXd1NlJtSE9lWTB0Q2pwdlRTdDBMLzNHZ21NL3RGMnNndHFZRmZtVUU0aVFRPT0tLVNwb2JZaldFWFlreFp3VG11cHN4cnc9PQ%3D%3D--c3814ed0362358d62308588762fd0941e99e2bea |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | ALLOWALL |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.