larossola.it Open in urlscan Pro
89.34.236.43 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://larossola.it/
Submission Tags: falconsandbox
Submission: On November 25 via api (November 25th 2020, 11:15:55 am UTC) from US

Summary HTTP 8 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 89.34.236.43, located in Romania and belongs to ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT. The main domain is larossola.it.

This is the only time larossola.it was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	89.34.236.43 89.34.236.43	49367 (ASSEFLOW ...) (ASSEFLOW Amsterdam Internet Exchange (AMS-IX))
1	185.220.244.11 185.220.244.11	12637 (SEEWEB We...) (SEEWEB Web hosting)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	3

6 89.34.236.43 (Romania)

ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT)
PTR: sdov02.solodomini.com

larossola.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.220.244.11 (Switzerland)

ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT)
PTR: promax.artera.farm

www.7mates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	larossola.it larossola.it	100 KB
1	facebook.com www.facebook.com
1	7mates.com www.7mates.com	2 KB
8	3

	Domain	Requested by
6	larossola.it	larossola.it
1	www.facebook.com	larossola.it
1	www.7mates.com	larossola.it
8	3

This site contains links to these domains. Also see Links.

Domain
www.7mates.com
www.cinqueterre.com

Subject Issuer	Validity	Valid
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://larossola.it/
Frame ID: 8E94F66742FE9F255E2EBE0FAE3C6CCA
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?id=345831101862&
Frame ID: 0AAC470215A27A78EA1D0D394EC58435
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

8
Requests

13 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

102 kB
Transfer

101 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.7mates.com/

Search URL Search Domain Scan URL

URL: http://www.cinqueterre.com/
Title: Cinqueterre.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.facebook.com/plugins/likebox.php?id=345831101862& HTTP 307
https://www.facebook.com/plugins/likebox.php?id=345831101862&

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
larossola.it/ 3 KB
3 KB 148ms
91ms Document
text/html 89.34.236.43
ASSEFLOW Amsterda...

General

Check archive.org

Show headers Download Go to

Full URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 89.34.236.43 , Romania, ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT),
Reverse DNS: sdov02.solodomini.com
Software: nginx / PleskLin
Resource Hash: ae3a7d260859b91cdf70d987cf4440e51e95e44e94771fba93e3240818ed475d

Request headers

Host: larossola.it
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Wed, 25 Nov 2020 11:15:38 GMT
Content-Type: text/html
Content-Length: 3041
Last-Modified: Wed, 02 May 2012 08:25:55 GMT
Connection: keep-alive
ETag: "4fa0ef93-be1"
X-Powered-By: PleskLin
Accept-Ranges: bytes

GET
H/1.1 200
OK ita.gif
larossola.it/ 4 KB
4 KB 69ms
66ms Image
image/gif 89.34.236.43
ASSEFLOW Amsterda...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://larossola.it/ita.gif
Requested by: Host: larossola.it
URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 89.34.236.43 , Romania, ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT),
Reverse DNS: sdov02.solodomini.com
Software: nginx / PleskLin
Resource Hash: f27b588455e6ecddb495278156955c514295d8e5438c9d42e495c233ae265ac0

Request headers

Referer: http://larossola.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 25 Nov 2020 11:15:38 GMT
Last-Modified: Wed, 02 May 2012 08:23:28 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "4fa0ef00-f43"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3907

GET
H/1.1 200
OK en.gif
larossola.it/ 4 KB
4 KB 128ms
96ms Image
image/gif 89.34.236.43
ASSEFLOW Amsterda...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://larossola.it/en.gif
Requested by: Host: larossola.it
URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 89.34.236.43 , Romania, ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT),
Reverse DNS: sdov02.solodomini.com
Software: nginx / PleskLin
Resource Hash: 69b5c54e110e3ab373dc123f1cd3049b6ca1348f6d2797f9da470e9da1442be2

Request headers

Referer: http://larossola.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 25 Nov 2020 11:15:38 GMT
Last-Modified: Wed, 02 May 2012 08:24:30 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "4fa0ef3e-fd9"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4057

GET
H/1.1 200
OK fr.gif
larossola.it/ 4 KB
5 KB 126ms
94ms Image
image/gif 89.34.236.43
ASSEFLOW Amsterda...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://larossola.it/fr.gif
Requested by: Host: larossola.it
URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 89.34.236.43 , Romania, ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT),
Reverse DNS: sdov02.solodomini.com
Software: nginx / PleskLin
Resource Hash: 44ab292254cd6ba5924673179808876c0b54b03a98ac39f45dcd55aaea242e72

Request headers

Referer: http://larossola.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 25 Nov 2020 11:15:38 GMT
Last-Modified: Wed, 02 May 2012 08:23:28 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "4fa0ef00-117c"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4476

GET
H/1.1 200
OK de.gif
larossola.it/ 4 KB
5 KB 123ms
91ms Image
image/gif 89.34.236.43
ASSEFLOW Amsterda...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://larossola.it/de.gif
Requested by: Host: larossola.it
URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 89.34.236.43 , Romania, ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT),
Reverse DNS: sdov02.solodomini.com
Software: nginx / PleskLin
Resource Hash: eb27e2561d8b85545283558c60ae83a0d67e28e49a1117189780ea1e851869dc

Request headers

Referer: http://larossola.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 25 Nov 2020 11:15:38 GMT
Last-Modified: Wed, 02 May 2012 08:24:35 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "4fa0ef43-11c9"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4553

GET
H/1.1 200
OK welcome.jpg
larossola.it/ 79 KB
79 KB 119ms
88ms Image
image/jpeg 89.34.236.43
ASSEFLOW Amsterda...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://larossola.it/welcome.jpg
Requested by: Host: larossola.it
URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 89.34.236.43 , Romania, ASN49367 (ASSEFLOW Amsterdam Internet Exchange (AMS-IX), IT),
Reverse DNS: sdov02.solodomini.com
Software: nginx / PleskLin
Resource Hash: 6ac98b9493cd8f5940a8a0f0efd5a61a3b6c2e6e44437490c00c99763b55e347

Request headers

Referer: http://larossola.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 25 Nov 2020 11:15:38 GMT
Last-Modified: Wed, 02 May 2012 08:24:51 GMT
Server: nginx
X-Powered-By: PleskLin
ETag: "4fa0ef53-13c8b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81035

GET
H/1.1 200
OK segnalato-7mates.gif
www.7mates.com/img/banner/ 2 KB
2 KB 214ms
121ms Image
image/gif 185.220.244.11
SEEWEB Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.7mates.com/img/banner/segnalato-7mates.gif
Requested by: Host: larossola.it
URL: http://larossola.it/
Protocol: HTTP/1.1
Server: 185.220.244.11 , Switzerland, ASN12637 (SEEWEB Web hosting, colocation and cloud services, IT),
Reverse DNS: promax.artera.farm
Software: nginx /
Resource Hash: 6e0af784582d5da746dded8752633e023a1f7898364272044cbd0e76050da4e2

Request headers

Referer: http://larossola.it/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 25 Nov 2020 11:15:38 GMT
Last-Modified: Wed, 13 Jun 2012 10:34:21 GMT
Server: nginx
ETag: "4fd86cad-763"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1891
Expires: Fri, 25 Dec 2020 11:15:38 GMT

GET
H2

200

likebox.php
www.facebook.com/plugins/ Frame 0AAC
Redirect Chain

http://www.facebook.com/plugins/likebox.php?id=345831101862&
https://www.facebook.com/plugins/likebox.php?id=345831101862&

0
0

42ms
41ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?id=345831101862&

Requested by

Host: larossola.it
URL: http://larossola.it/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?id=345831101862&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://larossola.it/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://larossola.it/

Response headers

vary: Accept-Encoding
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: jWyWKQ4htq/7KkJAgGILNIBTUdKQwT4Twg6hXlD2LYh5bA4cWynBPcw+B8CcKSYFXsVFKgUiG9DkjDa9W9sqyQ==
date: Wed, 25 Nov 2020 11:15:38 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/likebox.php?id=345831101862&
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

larossola.it
www.7mates.com
www.facebook.com
185.220.244.11
2a03:2880:f12d:83:face:b00c:0:25de
89.34.236.43
44ab292254cd6ba5924673179808876c0b54b03a98ac39f45dcd55aaea242e72
69b5c54e110e3ab373dc123f1cd3049b6ca1348f6d2797f9da470e9da1442be2
6ac98b9493cd8f5940a8a0f0efd5a61a3b6c2e6e44437490c00c99763b55e347
6e0af784582d5da746dded8752633e023a1f7898364272044cbd0e76050da4e2
ae3a7d260859b91cdf70d987cf4440e51e95e44e94771fba93e3240818ed475d
eb27e2561d8b85545283558c60ae83a0d67e28e49a1117189780ea1e851869dc
f27b588455e6ecddb495278156955c514295d8e5438c9d42e495c233ae265ac0

larossola.it Open in urlscan Pro 89.34.236.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

13 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

102 kBTransfer

101 kBSize

0 Cookies

2 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

larossola.it Open in urlscan Pro
89.34.236.43 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

13 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

102 kB
Transfer

101 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions