oneretritement-lrs.com Open in urlscan Pro
20.3.132.61 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu8...
Effective URL:
https://oneretritement-lrs.com/home
Submission: On June 11 via manual (June 11th 2024, 3:47:41 pm UTC) from US — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 20 HTTP transactions. The main IP is 20.3.132.61, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is oneretritement-lrs.com.
TLS certificate: Issued by R3 on June 6th 2024. Valid for: 3 months.

This is the only time oneretritement-lrs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address	AS Autonomous System
2 2	2606:4700:10:... 2606:4700:10::6816:3a71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	205.251.153.85 205.251.153.85	11042 (NTHL) (NTHL)
1 20	20.3.132.61 20.3.132.61	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::5f	15169 (GOOGLE) (GOOGLE)
20	3

2 2606:4700:10::6816:3a71 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

url9871.tergar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.251.153.85 (Houston, United States) 1 redirects

ASN11042 (NTHL, US)
PTR: server.jnwebsolution.com

rxinfocard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 20.3.132.61 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

oneretritement-lrs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	oneretritement-lrs.com 1 redirects oneretritement-lrs.com	481 KB
2	tergar.org 2 redirects url9871.tergar.org	225 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 461	33 KB
1	rxinfocard.com 1 redirects rxinfocard.com	423 B
20	4

	Domain	Requested by
20	oneretritement-lrs.com	1 redirects oneretritement-lrs.com
2	url9871.tergar.org	2 redirects
1	ajax.googleapis.com	oneretritement-lrs.com
1	rxinfocard.com	1 redirects
20	4

This site contains no links.

Subject Issuer	Validity	Valid
oneretritement-lrs.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://oneretritement-lrs.com/home
Frame ID: 00C4BF8CA8024D09A1A0C74658F70925
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tax Return Form

Page URL History Show full URLs

http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5... HTTP 307
https://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5... HTTP 302
https://rxinfocard.com/configure/eJDXbyj HTTP 307
http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5... HTTP 307
https://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5... HTTP 302
https://rxinfocard.com/configure/eJDXbyj HTTP 302
https://oneretritement-lrs.com/?access HTTP 302
https://oneretritement-lrs.com/home Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

514 kB
Transfer

589 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC4nhBVzz7FsY-2FmwV-2FSR7rid1YcuQYpGDD-2Fqnw4VgO95-2F-2F10xpHFMDTgA654KyP3rT2rJyGAKAiWMXmwppkSRgZisM6C2NsJjxSezH80jYnQvtunEGnPz1gi828k4BuHV2eI39BS8sB6QjKijCZt02CVUFpEuap5Q5wTWQLtuSIXg-3D-3D HTTP 307
https://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC4nhBVzz7FsY-2FmwV-2FSR7rid1YcuQYpGDD-2Fqnw4VgO95-2F-2F10xpHFMDTgA654KyP3rT2rJyGAKAiWMXmwppkSRgZisM6C2NsJjxSezH80jYnQvtunEGnPz1gi828k4BuHV2eI39BS8sB6QjKijCZt02CVUFpEuap5Q5wTWQLtuSIXg-3D-3D HTTP 302
https://rxinfocard.com/configure/eJDXbyj HTTP 307
http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC4nhBVzz7FsY-2FmwV-2FSR7rid1YcuQYpGDD-2Fqnw4VgO95-2F-2F10xpHFMDTgA654KyP3rT2rJyGAKAiWMXmwppkSRgZisM6C2NsJjxSezH80jYnQvtunEGnPz1gi828k4BuHV2eI39BS8sB6QjKijCZt02CVUFpEuap5Q5wTWQLtuSIXg-3D-3D HTTP 307
https://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC4nhBVzz7FsY-2FmwV-2FSR7rid1YcuQYpGDD-2Fqnw4VgO95-2F-2F10xpHFMDTgA654KyP3rT2rJyGAKAiWMXmwppkSRgZisM6C2NsJjxSezH80jYnQvtunEGnPz1gi828k4BuHV2eI39BS8sB6QjKijCZt02CVUFpEuap5Q5wTWQLtuSIXg-3D-3D HTTP 302
https://rxinfocard.com/configure/eJDXbyj HTTP 302
https://oneretritement-lrs.com/?access HTTP 302
https://oneretritement-lrs.com/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request home Show response
oneretritement-lrs.com/
Redirect Chain

http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC4...
https://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC...
https://rxinfocard.com/configure/eJDXbyj
http://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC4...
https://url9871.tergar.org/ls/click?upn=u001.ifgLEbP3K7d1DGPOdA-2FXdumnn2ARNgTL3ePLOSGXmRRQFRqe2mDqSDZ5fIGMrB7-2BBCuL-2Fhu80yfPBa4-2FiuAMSQ-3D-3D9mdH_5B9vHIbYOZuIjrGvYv6nWV-2FsNShGNkJ-2FddzUnX1DOaC...
https://rxinfocard.com/configure/eJDXbyj
https://oneretritement-lrs.com/?access
https://oneretritement-lrs.com/home

11 KB
11 KB

114ms
113ms

Document
text/html

20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 5c363ea35cf569178e30e9d22c24706c25e5bd470c9634bc21505e867dba7b55

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
Date: Tue, 11 Jun 2024 15:47:36 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=99
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 11 Jun 2024 15:47:33 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Location: /home
Pragma: no-cache
Server: Apache

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 214ms
53ms Script
text/javascript 2607:f8b0:400d:c0e::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:00:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:00:15 GMT

GET
H/1.1 200
OK bootstrap.min.css
oneretritement-lrs.com/assets/code/ 152 KB
152 KB 105ms
100ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/bootstrap.min.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 27834e89ddfae0fb6633070e44c359de78becd9a1d24503da80e59d75493cb4e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Sun, 02 Jun 2024 11:20:14 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 155850

GET
H/1.1 200
OK bootstrap.bundle.min.js Show response
oneretritement-lrs.com/assets/code/ 77 KB
77 KB 487ms
93ms Script
text/javascript 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/bootstrap.bundle.min.js
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 2955219abcb2f853bcbbb5f6fd16fcc8b750b36dc962686279c9523f7a5e2f64

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Sun, 02 Jun 2024 11:20:36 GMT
Server: Apache
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 78749

GET
H/1.1 200
OK jquery-ui.min.css
oneretritement-lrs.com/assets/code/ 31 KB
32 KB 341ms
98ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/jquery-ui.min.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32082

GET
H/1.1 200
OK irs.css
oneretritement-lrs.com/assets/code/ 6 KB
6 KB 422ms
178ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/irs.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5806

GET
H/1.1 200
OK app.css
oneretritement-lrs.com/assets/code/ 34 KB
35 KB 484ms
240ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/app.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 22ccbc213fa9d3ddc90b7efe45d817d3d7d9c75a16db52576cd37758577308bd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Sat, 20 Apr 2024 12:59:28 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 35156

GET
H/1.1 200
OK app-error.css
oneretritement-lrs.com/assets/code/ 786 B
1 KB 390ms
144ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/app-error.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 786

GET
H/1.1 200
OK wmsp-shared-secrets.css
oneretritement-lrs.com/assets/code/ 3 KB
3 KB 345ms
98ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/wmsp-shared-secrets.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 170dedfadc7957f790c05ff1b614db47faa76534fd00df9d47121821e04082ff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Sat, 20 Apr 2024 12:35:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3171

GET
H/1.1 200
OK wmsp-results.css
oneretritement-lrs.com/assets/code/ 2 KB
2 KB 404ms
96ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/wmsp-results.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1651

GET
H/1.1 200
OK datepicker.css
oneretritement-lrs.com/assets/code/ 21 KB
21 KB 460ms
116ms Stylesheet
text/css 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/datepicker.css
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21244

GET
H/1.1 200
OK logo.png
oneretritement-lrs.com/assets/img/ 5 KB
5 KB 95ms
94ms Image
image/png 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneretritement-lrs.com/assets/img/logo.png
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4640

GET
H/1.1 200
OK irs_horiz_white.png
oneretritement-lrs.com/assets/img/ 1 KB
2 KB 97ms
97ms Image
image/png 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oneretritement-lrs.com/assets/img/irs_horiz_white.png
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Wed, 24 Mar 2021 22:36:20 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1498

GET
H/1.1 200
OK jquery.min.js Show response
oneretritement-lrs.com/assets/code/ 115 KB
116 KB 95ms
95ms Script
text/javascript 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/jquery.min.js
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 8a228232ab34899db68f550416beba8c5efbcc142e5554f41fb7793908c65243

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Sun, 18 Jun 2023 03:04:28 GMT
Server: Apache
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 118180

GET
H/1.1 200
OK mask.js Show response
oneretritement-lrs.com/assets/code/ 11 KB
11 KB 105ms
104ms Script
text/javascript 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/code/mask.js
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/home
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6660da4d617d8e30021ad064a97b5c24abaf761c5f60f08cec4be22f88580b86

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Last-Modified: Sun, 18 Jun 2023 03:02:22 GMT
Server: Apache
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 11465

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2a82173e0e65eefeb0ad04c62d3c8fe8d6d2ddd8cf7d40bb4fafeeaa6be7631

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK cda8ce29e0e4cd23f54267d0e946054e.woff2
oneretritement-lrs.com/assets/fonts/ 622 B
829 B 108ms
107ms Font
text/html 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/fonts/cda8ce29e0e4cd23f54267d0e946054e.woff2
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/assets/code/irs.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 42c987fbca7e64f4f30c4430914fd712c4a82f062159b7fa0ec42711fb25e54a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/assets/code/irs.css
Origin: https://oneretritement-lrs.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ac93c75f139d8d6cf03fd24ddcc996ce.woff2
oneretritement-lrs.com/assets/fonts/ 622 B
829 B 116ms
116ms Font
text/html 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/fonts/ac93c75f139d8d6cf03fd24ddcc996ce.woff2
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/assets/code/irs.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 42c987fbca7e64f4f30c4430914fd712c4a82f062159b7fa0ec42711fb25e54a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/assets/code/irs.css
Origin: https://oneretritement-lrs.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:36 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK eef7990b30b8ede9d6a47521702ea372.woff
oneretritement-lrs.com/assets/fonts/ 622 B
829 B 105ms
104ms Font
text/html 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/fonts/eef7990b30b8ede9d6a47521702ea372.woff
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/assets/code/irs.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 42c987fbca7e64f4f30c4430914fd712c4a82f062159b7fa0ec42711fb25e54a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/assets/code/irs.css
Origin: https://oneretritement-lrs.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:37 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 939d9f66e993332d8def74508fe62a33.woff
oneretritement-lrs.com/assets/fonts/ 622 B
829 B 108ms
107ms Font
text/html 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/fonts/939d9f66e993332d8def74508fe62a33.woff
Requested by: Host: oneretritement-lrs.com
URL: https://oneretritement-lrs.com/assets/code/irs.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 42c987fbca7e64f4f30c4430914fd712c4a82f062159b7fa0ec42711fb25e54a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/assets/code/irs.css
Origin: https://oneretritement-lrs.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:37 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK favicon.ico
oneretritement-lrs.com/assets/img/ 4 KB
4 KB 98ms
98ms Other
image/x-icon 20.3.132.61
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://oneretritement-lrs.com/assets/img/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.3.132.61 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d63881e43e08ef385e6c809b43b2b289a459fb2f30d5159000e2477d776b456

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://oneretritement-lrs.com/home
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 15:47:37 GMT
Last-Modified: Thu, 25 Mar 2021 10:52:46 GMT
Server: Apache
Content-Type: image/x-icon
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 3638

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rxinfocard.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: a6193c4ab5150ac0f898431935b026c4
			oneretritement-lrs.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 60e7ecc2b11d5af2c0e6cb2f9390b45a

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://oneretritement-lrs.com/home Message: Failed to decode downloaded font: https://oneretritement-lrs.com/assets/fonts/cda8ce29e0e4cd23f54267d0e946054e.woff2
other	warning	URL: https://oneretritement-lrs.com/home Message: OTS parsing error: invalid sfntVersion: 1013478509
other	warning	URL: https://oneretritement-lrs.com/home Message: Failed to decode downloaded font: https://oneretritement-lrs.com/assets/fonts/ac93c75f139d8d6cf03fd24ddcc996ce.woff2
other	warning	URL: https://oneretritement-lrs.com/home Message: OTS parsing error: invalid sfntVersion: 1013478509
other	warning	URL: https://oneretritement-lrs.com/home Message: Failed to decode downloaded font: https://oneretritement-lrs.com/assets/fonts/eef7990b30b8ede9d6a47521702ea372.woff
other	warning	URL: https://oneretritement-lrs.com/home Message: OTS parsing error: invalid sfntVersion: 1013478509
other	warning	URL: https://oneretritement-lrs.com/home Message: Failed to decode downloaded font: https://oneretritement-lrs.com/assets/fonts/939d9f66e993332d8def74508fe62a33.woff
other	warning	URL: https://oneretritement-lrs.com/home Message: OTS parsing error: invalid sfntVersion: 1013478509

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
oneretritement-lrs.com
rxinfocard.com
url9871.tergar.org
20.3.132.61
205.251.153.85
2606:4700:10::6816:3a71
2607:f8b0:400d:c0e::5f
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
170dedfadc7957f790c05ff1b614db47faa76534fd00df9d47121821e04082ff
22ccbc213fa9d3ddc90b7efe45d817d3d7d9c75a16db52576cd37758577308bd
27834e89ddfae0fb6633070e44c359de78becd9a1d24503da80e59d75493cb4e
2955219abcb2f853bcbbb5f6fd16fcc8b750b36dc962686279c9523f7a5e2f64
42c987fbca7e64f4f30c4430914fd712c4a82f062159b7fa0ec42711fb25e54a
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5c363ea35cf569178e30e9d22c24706c25e5bd470c9634bc21505e867dba7b55
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
6660da4d617d8e30021ad064a97b5c24abaf761c5f60f08cec4be22f88580b86
6d63881e43e08ef385e6c809b43b2b289a459fb2f30d5159000e2477d776b456
8a228232ab34899db68f550416beba8c5efbcc142e5554f41fb7793908c65243
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
e2a82173e0e65eefeb0ad04c62d3c8fe8d6d2ddd8cf7d40bb4fafeeaa6be7631

oneretritement-lrs.com Open in urlscan Pro 20.3.132.61 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

1 Countries

514 kBTransfer

589 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

2 Cookies

8 Console Messages

Indicators

oneretritement-lrs.com Open in urlscan Pro
20.3.132.61 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

1
Countries

514 kB
Transfer

589 kB
Size

2
Cookies

20 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!