urlscan.io logo urlscan.io
SecurityTrails logo

retiventivels.com Open in urlscan Pro
3.136.131.229  Public Scan

Go To Rescan Add Verdict Report
URL: https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPA...
Submission Tags: @phish_report
Submission: On April 22 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 3.136.131.229, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is retiventivels.com.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time retiventivels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.136.131.229 16509 (AMAZON-02)
1 142.250.185.202 15169 (GOOGLE)
4 3
Apex Domain
Subdomains		 Transfer
3 retiventivels.com
retiventivels.com
1 MB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
4 2
Domain Requested by
3 retiventivels.com retiventivels.com
1 fonts.googleapis.com retiventivels.com
4 2

This site contains no links.

Subject Issuer Validity Valid
retiventivels.com
R3		 2024-03-29 -
2024-06-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Frame ID: 0E99C29482B6074DF434BE553E360F41
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Edge Translate

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1044 kB
Transfer

1665 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request click.php
retiventivels.com/ 		1 MB
423 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.136.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-131-229.us-east-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
6c2614c10883ccbad8287b31631571b6fd41919da254de5bf2c1711c545376c7

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 22 Apr 2024 13:49:26 GMT
Server
nginx/1.24.0
Transfer-Encoding
chunked
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,300italic,regular,italic,500,500italic,700,700italic
Requested by
Host: retiventivels.com
URL: https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
8762f5d2a0293c0077001a5c7f740640cb840cc048261d412f7ece08afe55820
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://retiventivels.com/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 22 Apr 2024 13:49:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 13:43:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Apr 2024 13:49:27 GMT
bg.jpg
retiventivels.com/landers/edge_clo1_edge_translate/images/ 		619 KB
619 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retiventivels.com/landers/edge_clo1_edge_translate/images/bg.jpg
Requested by
Host: retiventivels.com
URL: https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.136.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-131-229.us-east-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
c10473637afe1e1c54d5a8f6c1c068671fe6234f1b72bc969fbb643d1c203fbd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 13:49:27 GMT
Last-Modified
Fri, 01 Mar 2024 12:50:24 GMT
Server
nginx/1.24.0
ETag
"65e1cf10-9ac2e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
633902
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34080322cd6361b72eccdc8289d00c245c571d261789e1c3186cb6e985f8c916

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
retiventivels.com/ 		555 B
373 B 		Other
General
Check archive.org
Download Go to
Full URL
https://retiventivels.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.136.131.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-136-131-229.us-east-2.compute.amazonaws.com
Software
nginx/1.24.0 /
Resource Hash
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 22 Apr 2024 13:49:28 GMT
Content-Encoding
gzip
Server
nginx/1.24.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
retiventivels.com/ Name: uclick
Value: ghfyyd1n3y
retiventivels.com/ Name: uclickhash
Value: ghfyyd1n3y-ghfyyd1n3y-4kfe-xsfy-7va7-yddu-ydsl-59d3ab

1 Console Messages

Source Level URL
Text
network error URL: https://retiventivels.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)