urlscan.io logo urlscan.io
SecurityTrails logo

ventrcl.com Open in urlscan Pro
2606:4700:3037::6815:a44  Public Scan

Go To Rescan Add Verdict Report
URL: http://ventrcl.com/2aRLYJn
Submission: On November 06 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 2606:4700:3037::6815:a44, located in United States and belongs to CLOUDFLARENET, US. The main domain is ventrcl.com.
This is the only time ventrcl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains		 Transfer
1 ventrcl.com
ventrcl.com
2 KB
0 Failed
function sub() { [native code] }. Failed
2 2
Domain Requested by
1 ventrcl.com
0 127.0.0.1 Failed ventrcl.com
2 2

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Frame: http://127.0.0.1/
Frame ID: A34FB039255566D29D45A6F1B887FF20
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

2
Requests

0 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2 kB
Transfer

1 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://securemash.com/isp?s1=ispsurveyatt2etnamerhomeimprovVZW&s3=sc_12826%2Clcat_1636180843&s4=12358&s5=3304667273 HTTP 303
  • https://gammamkt.com/?a=10473&c=131833&p=r&s1=ispsurveyatt2etnamerhomeimprovVZW&s2=246831496&s3=sc_12826%2Clcat_1636180843&s4=12358 HTTP 302
  • http://t3.lolameraz.com/aff_c?offer_id=437&aff_id=1543&aff_sub=pfizer&aff_sub2=10473&aff_sub3=246831496&aff_sub4=sc_12826%2clcat_1636180843&aff_sub5=429518716 HTTP 302
  • http://127.0.0.1/

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2aRLYJn
ventrcl.com/ 		639 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ventrcl.com/2aRLYJn
Protocol
HTTP/1.1
Server
2606:4700:3037::6815:a44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e2dbd596f1a40e5072cc21db2be6a7ebe9aa1725a0f88786df948134071ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 06 Nov 2021 11:28:15 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
vary
Accept-Encoding
cache-control
no-cache
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNY0ZEp6bNtV6flFqwmLcZ7GPDq%2FmWppWOIl%2Bb1nId69HgtlnXhwwqylVGQ7P29BrcSxzumSBvFxIa%2F8vzQmKIGubTkBhpxz3xapjFSDrjZ31s9hvHAY7XinYqPnOy1YOeGy8CXI9bSVHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6a9dfa2b3d05695d-FRA
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
/
127.0.0.1/
Redirect Chain
  • https://securemash.com/isp?s1=ispsurveyatt2etnamerhomeimprovVZW&s3=sc_12826%2Clcat_1636180843&s4=12358&s5=3304667273
  • https://gammamkt.com/?a=10473&c=131833&p=r&s1=ispsurveyatt2etnamerhomeimprovVZW&s2=246831496&s3=sc_12826%2Clcat_1636180843&s4=12358
  • http://t3.lolameraz.com/aff_c?offer_id=437&aff_id=1543&aff_sub=pfizer&aff_sub2=10473&aff_sub3=246831496&aff_sub4=sc_12826%2clcat_1636180843&aff_sub5=429518716
  • http://127.0.0.1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
127.0.0.1
URL
http://127.0.0.1/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
ventrcl.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjZnM1VybEVERnR6TEQ4Z0RkTzYzQ0E9PSIsInZhbHVlIjoiMlh2ZG9saCtTRjRHQ0Y2UTBGMmlJN2s2M1RSYVlRSEJ4OFRKMXE1alJrb0Q5OXRoRXJhZ2pOWmVJNGZzRFwvdlJmTzZXR1pvVm1FS2ZyWjVTRzhLQmVBPT0iLCJtYWMiOiI5M2I1N2JkNjMyMzBjNzcyZTgzZTMxNTE2YzI5NTg4MTUxZTAzYzNhZWYwZTY4MmQzNWEwY2MwMzFiOTg5NTY4In0%3D
ventrcl.com/ Name: laravel_session
Value: eyJpdiI6IlpHSlBpUmFiVkpKaUg0dVZ3bGxiM2c9PSIsInZhbHVlIjoiTGRWMjBzS2wzNnl0MlZMNURWWW9jaDZ1NXRNRkxhNGtxRUdHWUF5c0VMZTVsUDlmOGhkRkVFZDRybE1ocUhlSmFUdzE0bXR0VE9cLzR2K3BuWXFiRXpRPT0iLCJtYWMiOiIyYjExZTI4Yzg2NDA0NzNkNTM2YzAwN2ZhMWQ4OWI0ODg5YzM1MzRiOTFhZWQ5YjhmMDU5MWZiNTVhYTgxYjNmIn0%3D
.gammamkt.com/ Name: sid
Value: vdAA7FqcvidxStExA6SO09xWlxhcMWys1Q3S58zTNCWUdVLfAfH87A==
.gammamkt.com/ Name: trk
Value: ybc+T9DWWLm7wccYveXeb9xWlxhcMWys1Q3S58zTNCWUdVLfAfH87A==
.gammamkt.com/ Name: c25030
Value: vdAA7Fqcvic3ZasZq9/fCxiVa1dOuCjx14AqghM9uqz1b5OyhxrJTg==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

127.0.0.1
ventrcl.com
127.0.0.1
2606:4700:3037::6815:a44
c9e2dbd596f1a40e5072cc21db2be6a7ebe9aa1725a0f88786df948134071ec0