retiventivels.com
3.136.131.229
Public Scan
Submission Tags: @phish_report
Submission: On April 22 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time retiventivels.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 3.136.131.229 | 16509 (AMAZON-02) |
1 | 142.250.185.202 | 15169 (GOOGLE) |
4 | 3 | |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-131-229.us-east-2.compute.amazonaws.com
retiventivels.com
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
3 | retiventivels.com / retiventivels.com | 1 MB |
1 | googleapis.com / fonts.googleapis.com — Cisco Umbrella Rank: 33 | 1 KB |
4 | 2 | |
Requests | Domain | Requested by |
---|---|---|
3 | retiventivels.com | retiventivels.com |
1 | fonts.googleapis.com | retiventivels.com |
4 | 2 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
retiventivels.com | R3 | 2024-03-29 - 2024-06-27 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months |
This page contains 1 frames:
Primary Page:
https://retiventivels.com/click.php?key=jqkht7m0o3r1qti32uj4&SUB_ID_SHORT=coik3sks7lot0c8jibeg&PLACEMENT_ID=16702319&CAMPAIGN_ID=973101&PUBLISHER_ID=247419&ZONE_ID=1409736&type=Push&age=1&creative_id=543347&campaign_id=92426&site_id=5780&placement_id=39250631
Frame ID: 0E99C29482B6074DF434BE553E360F41
Requests: 5 HTTP requests in this frame
Page Title
Edge Translate
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | click.php (Primary Request) | retiventivels.com/ | 1 MB | 423 KB | Document | text/html |
GET | H2 | css | fonts.googleapis.com/ | 14 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | bg.jpg | retiventivels.com/landers/edge_clo1_edge_translate/images/ | 619 KB | 619 KB | Image | image/jpeg |
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET | H/1.1 | favicon.ico | retiventivels.com/ | 555 B | 373 B | Other | text/html |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
retiventivels.com/ | | Name: uclick Value: ghfyyd1n3y |
retiventivels.com/ | | Name: uclickhash Value: ghfyyd1n3y-ghfyyd1n3y-4kfe-xsfy-7va7-yddu-ydsl-59d3ab |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.