elink.retarus.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 40.67.210.167, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is elink.retarus.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on July 27th 2023. Valid for: a year.

This is the only time elink.retarus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	40.67.210.167 40.67.210.167	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2

1 40.67.210.167 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

elink.retarus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

file-eu.clickdimensions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	clickdimensions.com file-eu.clickdimensions.com — Cisco Umbrella Rank: 114221	6 KB
1	retarus.com elink.retarus.com	7 KB
3	2

	Domain	Requested by
2	file-eu.clickdimensions.com	elink.retarus.com
1	elink.retarus.com
3	2

This site contains links to these domains. Also see Links.

Domain
analytics-eu.clickdimensions.com

Subject Issuer	Validity	Valid
elink.retarus.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-26`	a year	crt.sh
*.clickdimensions.com Go Daddy Secure Certificate Authority - G2	`2023-11-23` - `2024-12-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://elink.retarus.com/m/1/48497998/p1-b23353-e2935ca0480d4e11aaa7781d712763d8/1/82/a35f243e-e8c0-483d-9938-c574ecbc8537
Frame ID: 64FE5C8228213CCC30EA3D26C46AC946
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

14 kB
Transfer

231 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://analytics-eu.clickdimensions.com/retarusde-ajdoj/pages/mknb1kfeeibhqbqvr0mzg.html?_cldunsub=35613b376b93ee11a45b005056b45752-3993eec8633044a4b45d5da76e2e677d-contact&_cldee=FD8RroNR5x2jRvzMgcO0_YqID-dZdUh7cXRF85YR2E6fKqa4ToD0y2Ywh7h2mlmRoIvvJJ-e42qIWWYLeftcMg&recipientid=contact-13a01e9a5f43ea11a2e0005056b41352-3993eec8633044a4b45d5da76e2e677d&esid=35613b37-6b93-ee11-a45b-005056b45752
Title: Unsubscribe

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request a35f243e-e8c0-483d-9938-c574ecbc8537 Show response
elink.retarus.com/m/1/48497998/p1-b23353-e2935ca0480d4e11aaa7781d712763d8/1/82/ 47 KB
7 KB 1652ms
428ms Document
text/html 40.67.210.167
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://elink.retarus.com/m/1/48497998/p1-b23353-e2935ca0480d4e11aaa7781d712763d8/1/82/a35f243e-e8c0-483d-9938-c574ecbc8537

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

40.67.210.167 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty/1.21.4.2 /

Resource Hash

bdeafbce389cebf32ae8dc57cfd74e64a87fc995be695e2a63081c0f9aa44d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 19 Dec 2023 16:52:56 GMT
Expires: 0
Pragma: no-cache
Server: openresty/1.21.4.2
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
vary: accept-encoding

GET
H2 200 retarus-logo_150px.png
file-eu.clickdimensions.com/retarusde-ajdoj/files/ 6 KB
6 KB 619ms
148ms Image
image/png 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file-eu.clickdimensions.com/retarusde-ajdoj/files/retarus-logo_150px.png
Requested by: Host: elink.retarus.com
URL: https://elink.retarus.com/m/1/48497998/p1-b23353-e2935ca0480d4e11aaa7781d712763d8/1/82/a35f243e-e8c0-483d-9938-c574ecbc8537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ba1423fbe54ae0023487d601722d8d9a071796dc152ed3d0f246cae6eecbfd40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elink.retarus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 16:52:57 GMT
last-modified: Fri, 24 Aug 2018 12:25:17 GMT
etag: 0x8D609BCA6D1D62E
vary: Origin
x-azure-ref: 20231219T165257Z-q0h5ct19u93hz385chqyee754s000000009g00000000vt48
content-type: image/png
x-ms-request-id: 41576d7a-701e-0145-4888-32ad12000000
cache-control: public,max-age=1800
x-cache: TCP_REMOTE_HIT
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 6166

GET
H2 200 retarus_ebon_email_1200x500_schnell_en.jpg
file-eu.clickdimensions.com/retarusde-ajdoj/files/ 177 KB
0 830ms
359ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file-eu.clickdimensions.com/retarusde-ajdoj/files/retarus_ebon_email_1200x500_schnell_en.jpg
Requested by: Host: elink.retarus.com
URL: https://elink.retarus.com/m/1/48497998/p1-b23353-e2935ca0480d4e11aaa7781d712763d8/1/82/a35f243e-e8c0-483d-9938-c574ecbc8537
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://elink.retarus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 19 Dec 2023 16:52:57 GMT
last-modified: Fri, 08 Dec 2023 13:54:53 GMT
etag: 0x8DBF7F5412EACBF
vary: Origin
x-azure-ref: 20231219T165257Z-q0h5ct19u93hz385chqyee754s000000009g00000000vt49
content-type: image/jpeg
x-ms-request-id: a966795f-001e-006c-5f89-329d05000000
cache-control: public,max-age=1800
x-cache: TCP_REVALIDATED_HIT
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 369586

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

elink.retarus.com
file-eu.clickdimensions.com
2620:1ec:bdf::45
40.67.210.167
ba1423fbe54ae0023487d601722d8d9a071796dc152ed3d0f246cae6eecbfd40
bdeafbce389cebf32ae8dc57cfd74e64a87fc995be695e2a63081c0f9aa44d90

elink.retarus.com Open in urlscan Pro 40.67.210.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

14 kBTransfer

231 kBSize

0 Cookies

1 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

elink.retarus.com Open in urlscan Pro
40.67.210.167 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

14 kB
Transfer

231 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions