www.client.lostfund.pro
199.188.205.60
Public Scan
Submission: On November 15 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 11th 2023. Valid for: a year.
This is the only time www.client.lostfund.pro was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 199.188.205.60 | 22612 (NAMECHEAP-NET) |
8 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:828::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:809::2003 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:830::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:810::2003 | 15169 (GOOGLE) |
13 | 6 | |
ASN22612 (NAMECHEAP-NET, US)
PTR: business22-5.web-hosting.com
www.client.lostfund.pro |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | global-retrieve.com | global-retrieve.com | 106 KB |
2 | gstatic.com | www.gstatic.com, fonts.gstatic.com | 216 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 31) | 842 B |
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 1 KB |
1 | lostfund.pro | www.client.lostfund.pro | 4 KB |
13 | 5 | | |
Requests | Domain | Requested by |
---|---|---|
8 | global-retrieve.com | www.client.lostfund.pro |
1 | fonts.gstatic.com | fonts.googleapis.com |
1 | fonts.googleapis.com | global-retrieve.com |
1 | www.gstatic.com | www.google.com |
1 | www.google.com | www.client.lostfund.pro |
1 | www.client.lostfund.pro | |
13 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
global-retrieve.com |
client.global-retrieve.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.web-hosting.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-11 - 2024-04-05 | a year |
global-retrieve.com | GTS CA 1P5 | 2023-10-22 - 2024-01-20 | 3 months |
www.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
*.gstatic.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2023-10-23 - 2024-01-15 | 3 months |
This page contains 1 frame:
Primary Page:
https://www.client.lostfund.pro/
Frame ID: 990CF4E09F14CC374AC19B083125446D
Requests: 13 HTTP requests in this frame
Page Title
Global-Retrieve Register
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas)
Detected patterns
- /recaptcha/api\.js
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Home
Title: Sign In
Title: Sign Up
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / www.client.lostfund.pro/ (Primary Request) | 11 KB 4 KB | Document text/html |
GET H2 | bootstrap.min.css global-retrieve.com/assets/css/ | 160 KB 25 KB | Stylesheet text/css |
GET H2 | aos.css global-retrieve.com/assets/css/ | 25 KB 2 KB | Stylesheet text/css |
GET H2 | all.min.css global-retrieve.com/assets/css/ | 100 KB 23 KB | Stylesheet text/css |
GET H2 | swiper-bundle.min.css global-retrieve.com/assets/css/ | 15 KB 5 KB | Stylesheet text/css |
GET H2 | api.js www.google.com/recaptcha/ | 1 KB 1 KB | Script text/javascript |
GET H2 | style.css global-retrieve.com/assets/css/ | 50 KB 9 KB | Stylesheet text/css |
GET H2 | logo.png global-retrieve.com/assets/images/ | 8 KB 8 KB | Image image/png |
GET H2 | jquery-3.6.0.min.js global-retrieve.com/assets/js/ | 87 KB 32 KB | Script application/javascript |
GET H2 | custom.js global-retrieve.com/assets/js/ | 5 KB 2 KB | Script application/javascript |
GET H2 | recaptcha__de.js www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/ | 470 KB 189 KB | Script text/javascript |
GET H2 | css2 fonts.googleapis.com/ | 6 KB 842 B | Stylesheet text/css |
GET H2 | NGS6v5_NC0k9P9H2TbE.woff2 fonts.gstatic.com/s/heebo/v22/ | 27 KB 28 KB | Font font/woff2 |
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- object| ___grecaptcha_cfg
- object| grecaptcha
- string| __recaptcha_api
- boolean| __google_recaptcha_client
- object| recaptcha
- function| $
- function| jQuery

2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.client.lostfund.pro/ | Name: XSRF-TOKEN Value: eyJpdiI6IlNKZUxNUS9QL3p6WG9QYVlwcDJIalE9PSIsInZhbHVlIjoiUXIwTlVEbEpDbTU2QTJZREpjTm10bHR6QjZVTXgyNnQvbm9XcFBxc1hUaWN0QXh0MlBUdWErRWsrQTZqVnlEa0FIVjRiNzRpbFhZaVFCZmdFbXpKbVRBSmhYZ3V5cGFaS1IwcC8vaEV6bDFKalY3TVY0R1hMdElGZzIyZ09FYjYiLCJtYWMiOiIwYzhlYWNkNDM2ZDgzNDIzOWFiNTJmMWZkMjMzNTliOWQzOGViMDlmZmJhNDliMTQxMzk3OTNiMTYyZWRkZTQ4In0%3D |
www.client.lostfund.pro/ | Name: globalretrieve_session Value: eyJpdiI6Ii9WZm9XZmVpSU0wVUhLY296M0hIeEE9PSIsInZhbHVlIjoiNUpyVnRNeklXaytRRER5dE9WRWpxS2tSSFMxLzVNZEY0TGdXTzNFbWNmL0VqYjBieitWb1o3alFKUmhHSmtUTEg1YzU4bENkeENJZlBFRldGTXNtT2h1MHgyeVBsMGk0QTZSRnRRQ2haa1FkanAvajdQT1QwK3FvQzVHZFkyRk8iLCJtYWMiOiI2ZTgwZGEyZDFiZDljMzM2NzY5MzY3ODM5MzNjOWEwZjBlN2Y5NGMyNTE5ODk3MTI1ODY5NWNkM2I3MjI4NzE2In0%3D |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.