ringleanareking.cf - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3037::ac43:c4a4, located in United States and belongs to CLOUDFLARENET, US. The main domain is ringleanareking.cf.
TLS certificate: Issued by GTS CA 1P5 on January 25th 2024. Valid for: 3 months.

This is the only time ringleanareking.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3037::ac43:c4a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2

3 2606:4700:3037::ac43:c4a4 (United States)

ASN13335 (CLOUDFLARENET, US)

ringleanareking.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

retuogrt.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	ringleanareking.cf ringleanareking.cf	3 KB
2	retuogrt.buzz retuogrt.buzz	20 KB
5	2

	Domain	Requested by
3	ringleanareking.cf	ringleanareking.cf
2	retuogrt.buzz	ringleanareking.cf
5	2

This site contains links to these domains. Also see Links.

Domain
retuogrt.buzz

Subject Issuer	Validity	Valid
ringleanareking.cf GTS CA 1P5	`2024-01-25` - `2024-04-24`	3 months	crt.sh
retuogrt.buzz GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ringleanareking.cf/dating/index.php?key=1701GOOD&9NEB5j76&subid3=1600&subid4=1200
Frame ID: 280EE4FD795236736459180B35284229
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WARNING this site is for adults only!

Page URL History Show full URLs

https://ringleanareking.cf/dating/antibot1.php?key=1701GOOD&9NEB5j76 Page URL
https://ringleanareking.cf/dating/antibot2.php?key=1701GOOD&9NEB5j76 Page URL
https://ringleanareking.cf/dating/index.php?key=1701GOOD&9NEB5j76&subid3=1600&subid4=1200 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

23 kB
Transfer

26 kB
Size

4
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://retuogrt.buzz/click_api/?_lp=1&_token=uuid_12pb0t62vfdtc_12pb0t62vfdtc65b987477ed0f0.46195310
Title: ENTER!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ringleanareking.cf/dating/antibot1.php?key=1701GOOD&9NEB5j76 Page URL
https://ringleanareking.cf/dating/antibot2.php?key=1701GOOD&9NEB5j76 Page URL
https://ringleanareking.cf/dating/index.php?key=1701GOOD&9NEB5j76&subid3=1600&subid4=1200 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	antibot1.php Show response ringleanareking.cf/dating/	379 B 663 B	764ms 44ms	Document text/html	2606:4700:3037::ac43:c4a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ringleanareking.cf/dating/antibot1.php?key=1701GOOD&9NEB5j76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:c4a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c9ca600440adfb82870cb63063feb897b1fa3a9bb0421442de8b0caa257b1dd9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84dd851d7c1a65d3-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 30 Jan 2024 23:33:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAej7a7RR0IgMSy0cHiUgVUayV00GdnVKKuTT%2FxL3aqRA8BiOX%2BdJnHLvrOqd7gyMRvPw4roc6urmfp9luHyWMFdOpVC8gw22ct5Aq%2F5yM06qlsyUfShzS%2FYjBmMgmnffMSutIjLhoZ%2Bybfk%2BD7RlNs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	antibot2.php Show response ringleanareking.cf/dating/	849 B 702 B	38ms 38ms	Document text/html	2606:4700:3037::ac43:c4a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ringleanareking.cf/dating/antibot2.php?key=1701GOOD&9NEB5j76 Requested by Host: ringleanareking.cf URL: https://ringleanareking.cf/dating/antibot1.php?key=1701GOOD&9NEB5j76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:c4a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `113b15ee39b485f81966377827644e395281520b3d19bae2da3e81eb26d7f3ef` Request headers Referer https://ringleanareking.cf/dating/antibot1.php?key=1701GOOD&9NEB5j76 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 84dd851dfc6365d3-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 30 Jan 2024 23:33:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51qN6sKdr9LP5B6gYx8CJ%2BMrvC%2F8p99A1mirKq0ju17lF6LAmQg%2BvO4JlXydLw7qqyB2xXJ3DqgEAd6SkdQla4PQoAt7174YbHktFFG1wf1yoB%2BLdHYf0YXlTNxIGtf00RIdp7tyZcD78QXvywyTSu4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	Primary Request index.php Show response ringleanareking.cf/dating/	2 KB 1 KB	162ms 162ms	Document text/html	2606:4700:3037::ac43:c4a4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ringleanareking.cf/dating/index.php?key=1701GOOD&9NEB5j76&subid3=1600&subid4=1200 Requested by Host: ringleanareking.cf URL: https://ringleanareking.cf/dating/antibot2.php?key=1701GOOD&9NEB5j76 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:c4a4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7ded8fcf06179feee2252693174fb5a35ee01fda7cf90fa59303b956a785211e` Request headers Referer https://ringleanareking.cf/dating/antibot2.php?key=1701GOOD&9NEB5j76 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 84dd851e5c9a65d3-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 30 Jan 2024 23:33:27 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkNOxCTz2KDAuxrFQANTzYwYvtl9Z%2BaN8QaY5M%2F8AuH%2B1kg2gbj5wvfsYo3%2BXiWlKsGssoekG1%2F7EheSvLiNKU7KdzzjqXVsJ7QRTBfNQnd4gopvDLHBZVi%2Ban%2BGWPTErASLMMTnBsmyyV2929ArAj0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	style.css retuogrt.buzz/lander/18plus/	5 KB 1 KB	90ms 28ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://retuogrt.buzz/lander/18plus/style.css Requested by Host: ringleanareking.cf URL: https://ringleanareking.cf/dating/index.php?key=1701GOOD&9NEB5j76&subid3=1600&subid4=1200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fe0a365c65a52805e8a6e8120fbaa6b23dc254ce4065efecbbaec2673197c635` Request headers accept-language de-DE,de;q=0.9 Referer https://ringleanareking.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 23:33:27 GMT content-encoding gzip cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 434407 alt-svc h3=":443"; ma=86400 last-modified Fri, 07 Apr 2023 17:01:18 GMT server cloudflare etag W/"64304c5e-1262" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRW7jtSAZ%2FGilATUeJY%2B2%2Bb6br0nkwzqzSXD3%2Fugkr3LNLot68oWdcbgmPn8hnOF8g8pt%2FwH63W79dx4qGCuj7m32NFqXVi9%2FXjw6DKvhXaZ86EF6ux42Zeh9LQL3AK8v0U9lnCB6ePyWrW2"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=864000 cf-ray 84dd851fbf143a82-FRA expires Sun, 04 Feb 2024 22:53:20 GMT
GET H2	200	3.png retuogrt.buzz/lander/18plus/i/	18 KB 18 KB	92ms 31ms	Image image/png	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://retuogrt.buzz/lander/18plus/i/3.png Requested by Host: ringleanareking.cf URL: https://ringleanareking.cf/dating/index.php?key=1701GOOD&9NEB5j76&subid3=1600&subid4=1200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `68b1dd768586aaeaff37127c5aea25f95b1cf86cf56a20410e526d7fb8dc7875` Request headers accept-language de-DE,de;q=0.9 Referer https://ringleanareking.cf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 30 Jan 2024 23:33:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 434407 alt-svc h3=":443"; ma=86400 content-length 18564 last-modified Fri, 07 Apr 2023 17:01:18 GMT server cloudflare etag "64304c5e-4884" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EneNbQp1JaNhDlMS23P6FQJMfu%2FPZScWcQDGJ16t5x3%2Fqll6LsuhkIlKDapgjaJdR6GnDU5lZVEfIoAKn2NyOeVkkkP1sdG2Oh5QhuZIln4yF%2F0nx4B7uqrudqPYI77MTBTzQy05YyCnyAQe"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=864000 accept-ranges bytes cf-ray 84dd851fbf153a82-FRA expires Sun, 04 Feb 2024 22:53:20 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ringleanareking.cf/	1969-12-31 23:59:59	Name: PHPSESSID Value: hpg025b6dmh0aun88hn3msci14
.ringleanareking.cf/	1970-01-20 18:05:44	Name: _subid Value: 12pb0t62vfdtc
.ringleanareking.cf/	1970-01-20 18:05:44	Name: 5533f Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM1OVwiOjE3MDY2NTc2MDd9LFwiY2FtcGFpZ25zXCI6e1wiNDZcIjoxNzA2NjU3NjA3fSxcInRpbWVcIjoxNzA2NjU3NjA3fSJ9.mewUedMQrp27dlT67VQtpZ5zO7fIE3d3R3Te_N4Qhno
.ringleanareking.cf/	1970-01-20 18:05:44	Name: _token Value: uuid_12pb0t62vfdtc_12pb0t62vfdtc65b987477ed0f0.46195310

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

retuogrt.buzz
ringleanareking.cf
2606:4700:3037::ac43:c4a4
2a06:98c1:3120::3
113b15ee39b485f81966377827644e395281520b3d19bae2da3e81eb26d7f3ef
68b1dd768586aaeaff37127c5aea25f95b1cf86cf56a20410e526d7fb8dc7875
7ded8fcf06179feee2252693174fb5a35ee01fda7cf90fa59303b956a785211e
c9ca600440adfb82870cb63063feb897b1fa3a9bb0421442de8b0caa257b1dd9
fe0a365c65a52805e8a6e8120fbaa6b23dc254ce4065efecbbaec2673197c635

ringleanareking.cf Open in urlscan Pro 2606:4700:3037::ac43:c4a4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

23 kBTransfer

26 kBSize

4 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

4 Cookies

Indicators

ringleanareking.cf Open in urlscan Pro
2606:4700:3037::ac43:c4a4 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

23 kB
Transfer

26 kB
Size

4
Cookies

5 HTTP transactions
0 data transactions