ScamLens analyzed retrofootball-shirts.com using 90+ threat intelligence sources and assigned a trust score of 62/100, classifying it as moderate risk.
Trust Score: 62/100
Risk Level: Caution
This result is still in the investigation range, so the domain alone is not enough for a decision. The next step is to cross-check the email, phone number, company identity, and scenario.
Quick Answer
This result is still in the investigation range, so the domain alone is not enough for a decision. The next step is to cross-check the email, phone number, company identity, and scenario.
Positive Signals
- + Google Safe Browsing: Safe
- + HTTPS encryption supported
- + Security headers configured (HSTS + CSP)
Concerns
- - 2 security sources flagged as suspicious
Score Breakdown
Was this assessment accurate?
AI Risk Assessment
Moderate RiskWhat matters right now
This is the easiest range to misread. Do not rely on the domain alone. Cross-check the email, phone number, company identity, and transaction context together.
retrofootball-shirts.com shows mixed security signals. [FACT] Safe Browsing is clean 1 and 26 of 28 threat feeds responded clean 3, but two feeds flagged concerns: shodan_internetdb reported SUSPICIOUS_PORTS and dns_security reported DNS_BLOCKED_MALWARE 2. [FACT] The domain is 549 days old with a low-risk .com TLD 45, and SSL/security headers are present 4. [INFERENCE] The two threat feed flags suggest potential infrastructure issues (exposed ports or DNS misconfiguration) rather than confirmed active malice, as Safe Browsing—Google's real-time phishing/malware detector—remains clean 1. [FACT] No community reports or brand impersonation detected 3. [UNVERIFIED] The nature and severity of the flagged ports and DNS block require manual verification; these could indicate legacy misconfigurations unrelated to current site safety.
Recommendation
Risk is moderate. Before using this site for sensitive transactions, verify its legitimacy independently (check official sources for the brand). Site operators should investigate and remediate the flagged ports and DNS issues. Safe for general browsing but exercise caution with personal/payment data.
Sources
- Threat intelligence feeds (2 flagged)Threat intel
shodan_internetdb (SUSPICIOUS_PORTS); dns_security (DNS_BLOCKED_MALWARE)
- 26/28 threat feeds responded cleanThreat intel
- WHOIS registration dataWHOIS
Registered 2024-10-24T13:39:18Z (549 days ago), registrar: Tucows Domains Inc.
- TLD risk classification: .com (low risk)Analysis
Based on APWG / Spamhaus / Interisle 2024 abuse rankings
Powered by ScamLens AI· Check sources to verify important claims
Advanced Scan
Comprehensive data lookup across premium sources
- Website history verification
- Detailed WHOIS information
- Reverse WHOIS association
- Traffic rank analysis
- Company registration check
AI Deep Investigation
Cross-check the story, claims, and supporting evidence before you decide
- Everything in Advanced Scan
- AI website content analysis
- AI cross-reference verification
- Claim authenticity validation
- Detailed report with evidence
Comprehensive Investigation
Full-spectrum investigation with company deep search & social intelligence
- Everything in Deep Investigation
- AI company background search
- Social media intelligence
- Detailed suspicious point analysis
- Event timeline & entity connections
This analysis is for informational purposes only and does not constitute a legal determination.
Security Sources
Domain Information
- Registrar
- Tucows Domains Inc.
- Created
- October 24, 2024
- Expires
- October 24, 2026
- Domain Age
- 1 years
- DNSSEC
- Disabled
- Nameservers
- NS-CLOUD-A1.GOOGLEDOMAINS.COM, NS-CLOUD-A2.GOOGLEDOMAINS.COM, NS-CLOUD-A3.GOOGLEDOMAINS.COM, NS-CLOUD-A4.GOOGLEDOMAINS.COM
- Domain Status
- client transfer prohibited client update prohibited
SSL/TLS Certificate
No data available
Server Information
- IP Address
- 23.227.38.66
- Hosting Provider
- Cloudflare, Inc.
- ASN
- AS13335 Cloudflare, Inc.
- Server Location
- Ottawa, Canada
- Organization
- Shopify, Inc.
Related Intelligence
Technical Details (DNS / Headers / Subdomains)
DNS Records
Email Security
SPF Configured DMARC Configured| Type | Value |
|---|---|
| A | 23.227.38.66 |
| AAAA | 2620:127:f00f:6:: |
| MX | 10 mx.zoho.eu |
| MX | 20 mx2.zoho.eu |
| MX | 50 mx3.zoho.eu |
| NS | ns-cloud-a1.googledomains.com |
| NS | ns-cloud-a4.googledomains.com |
| NS | ns-cloud-a3.googledomains.com |
| NS | ns-cloud-a2.googledomains.com |
| TXT | v=spf1 include:zohomail.eu ~all |
| TXT | zb45921960 |
| TXT | zoho-verification=zb99006079.zmverify.zoho.eu |
HTTP Security Headers
4/6max-age=7889238
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
DENY
nosniff
Channels / Subdomains
No data available
Community Reports
Log in to report and share your experience
Report & Take Down This Website
Continue Investigating
The result is still in the investigation range. Cross-check the email, phone, and entity data next
Medium-risk domains are easiest to misread when you only check one signal. The decision gets more reliable once you cross-check the email, phone number, company identity, and business scenario together.
Recommended First
Analyze the related email or invoice
Confirm whether the billing notice, restriction alert, or support email actually matches the site.
Check the company or seller identity
Compare the domain against the company identity, merchant profile, or hiring details.
Check the related phone number
If the actor wants a callback, phone verification, or one-time code readout, verify that number next.
Open the matching scenario guide
If the case involves investing, shopping, or recovery services, verify it through the matching scenario guide.
The results are based on multiple third-party data sources and AI models. False positives or negatives may occur. This report should not be used as the sole basis for any decision. Please verify with additional sources.
Verify the related evidence objects first
Medium-risk cases are easiest to misread when you only check one signal. Verify the email, phone, and entity before deciding whether to report or stop the transaction.
If you already paid or exposed account access, skip the investigation loop and move into the action plan.
Related Security Guides
Learn more about how to protect yourself from this type of threat.
FAQ
Is retrofootball-shirts.com safe to visit?
retrofootball-shirts.com received a trust score of 62/100 from ScamLens. Some minor concerns were identified but no critical threats were found. Exercise normal caution.
Was retrofootball-shirts.com flagged by any threat databases?
retrofootball-shirts.com was flagged by 2 out of 90+ threat intelligence sources. Specifically flagged by: shodan_internetdb, dns_security. The detected threat categories include: general threat.
How old is retrofootball-shirts.com?
retrofootball-shirts.com was first registered on October 24, 2024, making it approximately 1 year old. This is an established domain with a history of operation.
Does retrofootball-shirts.com use HTTPS and have a valid SSL certificate?
retrofootball-shirts.com does not appear to have a valid SSL certificate configured. This means data transmitted to and from this site is not encrypted, which is a significant security concern.
What security headers does retrofootball-shirts.com implement?
retrofootball-shirts.com is missing important security headers: Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Strict-Transport-Security, Referrer-Policy, Permissions-Policy. Missing security headers can leave visitors vulnerable to cross-site scripting (XSS) and other web-based attacks.
What does the ScamLens community think about retrofootball-shirts.com?
No community votes or reports have been submitted for retrofootball-shirts.com yet. You can be the first to share your experience.
Where is retrofootball-shirts.com hosted?
retrofootball-shirts.com is hosted by Cloudflare, Inc. in Ottawa, Canada (ASN: ASAS13335 Cloudflare, Inc.).
What should I do about retrofootball-shirts.com?
Risk is moderate. Before using this site for sensitive transactions, verify its legitimacy independently (check official sources for the brand). Site operators should investigate and remediate the flagged ports and DNS issues. Safe for general browsing but exercise caution with personal/payment data.
Is this report useful?
Use this report to prompt others to keep cross-checking the email, phone number, and entity details instead of clearing it too early.
Forward to your parents — they deserve to browse safely too.
About this analysis
This report is generated from real-time data across 90+ threat intelligence sources, combined with AI analysis and community feedback.
Learn about our scoring methodology | Last analyzed: April 8, 2026
All Tucows Domains Inc. domains All Cloudflare, Inc. domains