Submitted URL: http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Effective URL: https://gondolaline.com/0/0/0/5fe699299dc4b922ab5926351171d3eb/27/208-24120/943-250-20620
Submission: On August 20 via api from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 31.222.255.42, which is located in Seychelles and belongs to ASBAXETN, RU. The main domain is gondolaline.com.
TLS certificate: Issued by R11 on July 16th 2024. Valid for: 3 months.
This is the only time gondolaline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 45.141.13.81 | 36113 (UTL-42-36113)
1 | 31.222.255.42 | 49392 (ASBAXETN)
4 | 3 |

Requests | Apex Domain | Subdomains | Transfer
2 | ssott.com | save.ssott.com | 1 KB
1 | gondolaline.com | gondolaline.com | 592 B
0 | stillcovers.cfd (Failed) | stillcovers.cfd (Failed) |
4 | 3 | |

Requests | Domain | Requested by
2 | save.ssott.com | save.ssott.com
1 | gondolaline.com | save.ssott.com
0 | stillcovers.cfd (Failed) | gondolaline.com
4 | 3 |

This site contains no links.

Subject | Issuer | Validity | Valid
gondolaline.com | R11 | 2024-07-16 - 2024-10-14 | 3 months

This page contains 1 frame:

Frame: https://stillcovers.cfd/ISP04/227503/35129701/121846110402/ow/4d9f3d275d9d4700287e2aa43786f902x
Frame ID: 4BB4DA3DB1B9EAA99EDD5E91759F1E2C
Requests: 4 HTTP requests in this frame

Page Statistics

  • Requests: 4
  • HTTPS: 25 %
  • IPv6: 0 %
  • Domains: 3
  • Subdomains: 3
  • IPs: 3
  • Countries: 2
  • Transfer: 2 kB
  • Size: 1 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27 HTTP 307
    https://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27 HTTP 307
    http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27 Page URL
  2. http://save.ssott.com/t/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27 Page URL
  3. https://gondolaline.com/0/0/0/5fe699299dc4b922ab5926351171d3eb/27/208-24120/943-250-20620 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27 HTTP 307
  • https://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27 HTTP 307
  • http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27

4 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: 4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Path: save.ssott.com/
Redirect Chain
  • http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
  • https://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
  • http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Size: 458 B
x-fer: 711 B
Type: Document

General

Full URL: http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Protocol: HTTP/1.1
Server: 45.141.13.81 South Bend, United States, ASN36113 (UTL-42-36113, US)
Reverse DNS: randox.tebaharwalo.click
Software: /
Resource Hash: 0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 458
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Aug 2024 01:16:27 GMT
X-Address: gin_throttle_mw_7200000000_84.19.175.183
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 499
X-Ratelimit-Reset: 1724120187

Redirect headers

Location: http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Non-Authoritative-Reason: HttpsUpgrades

Resource: 4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Path: save.ssott.com/t/
Size: 304 B
x-fer: 557 B
Type: Document

General

Full URL: http://save.ssott.com/t/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Requested by
  • Host: save.ssott.com
  • URL: http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Protocol: HTTP/1.1
Server: 45.141.13.81 South Bend, United States, ASN36113 (UTL-42-36113, US)
Reverse DNS: randox.tebaharwalo.click
Software: /
Resource Hash: 3802deb6de7b76ca8115a84c3b37d274863fae34f52bb04164335a7588adb4dd

Request headers

Referer: http://save.ssott.com/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length: 304
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Aug 2024 01:16:29 GMT
X-Address: gin_throttle_mw_7200000000_84.19.175.183
X-Ratelimit-Limit: 500
X-Ratelimit-Remaining: 498
X-Ratelimit-Reset: 1724120187

Primary Request
Resource: 943-250-20620
Path: gondolaline.com/0/0/0/5fe699299dc4b922ab5926351171d3eb/27/208-24120/
Size: 158 B
x-fer: 592 B
Type: Document

General

Full URL: https://gondolaline.com/0/0/0/5fe699299dc4b922ab5926351171d3eb/27/208-24120/943-250-20620
Requested by
  • Host: save.ssott.com
  • URL: http://save.ssott.com/t/4ukxlk24120zjri208uabvjgeqhu943kmicomigwfizbih250ugzx20620w27
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 31.222.255.42 , Seychelles, ASN49392 (ASBAXETN, RU)
Reverse DNS:
Software: nginx/1.12.2 /
Resource Hash: ccc83f368f838a914f37ea9ed29e976e00d78fc3ff001372048085268b72637b

Security Headers

Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;

Request headers

Referer: http://save.ssott.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 20 Aug 2024 01:16:31 GMT
server: nginx/1.12.2
strict-transport-security: max-age=16000000; includeSubDomains; preload;
transfer-encoding: chunked
vary: Accept-Encoding

Resource: 4d9f3d275d9d4700287e2aa43786f902x
Path: stillcovers.cfd/ISP04/227503/35129701/121846110402/ow/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stillcovers.cfd
URL: https://stillcovers.cfd/ISP04/227503/35129701/121846110402/ow/4d9f3d275d9d4700287e2aa43786f902x

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path: gondolaline.com/
Name: uid2275
Value: 1218461104-20240819211631-201d4053a883f5a0438d4fc74a23bb40-0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
