www.mattiaburdisso.altervista.org

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 5.9.139.125, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.mattiaburdisso.altervista.org.
TLS certificate: Issued by R3 on January 7th 2023. Valid for: 3 months.

This is the only time www.mattiaburdisso.altervista.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	5.9.139.125 5.9.139.125	24940 (HETZNER-AS) (HETZNER-AS)
1	2620:100:6022... 2620:100:6022:18::a27d:4212	19679 (DROPBOX) (DROPBOX)
2	2

1 5.9.139.125 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ns592.altervista.org

www.mattiaburdisso.altervista.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:6022:18::a27d:4212 (United States)

ASN19679 (DROPBOX, US)

www.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	dropbox.com www.dropbox.com — Cisco Umbrella Rank: 2312
1	altervista.org www.mattiaburdisso.altervista.org	671 B
2	2

	Domain	Requested by
1	www.dropbox.com	www.mattiaburdisso.altervista.org
1	www.mattiaburdisso.altervista.org
2	2

This site contains no links.

Subject Issuer	Validity	Valid
mattiaburdisso.altervista.org R3	`2023-01-07` - `2023-04-07`	3 months	crt.sh
*.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-14` - `2023-11-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.mattiaburdisso.altervista.org/
Frame ID: 2E6E5B4687F49FBC829F0FBB77DFF556
Requests: 1 HTTP requests in this frame

Frame: https://www.dropbox.com/s/dkd9agw98d5y3of/movie.mp4?dl=0
Frame ID: 61310E7A4DEF5CED152377B6DB56DE57
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sito Web di Burdisso Mattia

Page Statistics

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mattiaburdisso.altervista.org/ 1017 B
671 B 55ms
11ms Document
text/html 5.9.139.125
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mattiaburdisso.altervista.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.9.139.125 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ns592.altervista.org
Software: Apache /
Resource Hash: 3020e9797950d5749d98ac4e496dae54fee8a2feda26b2d26959621c22734596

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 533
content-type: text/html
date: Fri, 10 Mar 2023 01:48:57 GMT
etag: "3f9-5cf2ac48a2e5b-gzip"
last-modified: Mon, 25 Oct 2021 10:24:36 GMT
server: Apache
vary: Accept-Encoding

GET
H2 200 movie.mp4
www.dropbox.com/s/dkd9agw98d5y3of/ Frame 6131 0
0 399ms
358ms Document
text/html 2620:100:6022:18::a27d:4212
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dropbox.com/s/dkd9agw98d5y3of/movie.mp4?dl=0

Requested by

Host: www.mattiaburdisso.altervista.org
URL: https://www.mattiaburdisso.altervista.org/

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6022:18::a27d:4212 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://.dropboxusercontent.com/p/hls_master_playlist/ https://.dropboxusercontent.com/p/hls_playlist/ ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-Z7OK8CfvFz4LmSnt+Zxt' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob: report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-Z7OK8CfvFz4LmSnt+Zxt' 'nonce-NbAeX7Enu5xdsn8UWYM1'
Strict-Transport-Security	max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mattiaburdisso.altervista.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-encoding: identity,gzip
cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-Z7OK8CfvFz4LmSnt+Zxt' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob: report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-Z7OK8CfvFz4LmSnt+Zxt' 'nonce-NbAeX7Enu5xdsn8UWYM1'
content-type: text/html; charset=utf-8
date: Fri, 10 Mar 2023 01:48:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dropbox-request-id: b87f5a406e4f4ec7a389b75aab407253
x-dropbox-response-origin: far_remote
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow, noimageindex
x-xss-protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dropbox.com/	1970-01-20 19:49:32	Name: gvc Value: Mjc3ODQzNTIwMzc4MjY4NDU5MDQ5NjA5MDEyMzk4NDUxNDUyNzQx
.dropbox.com/	1970-01-20 19:49:32	Name: t Value: fS97Vz596tkqPnkZ2b_IlkWz
www.dropbox.com/	1970-01-20 19:49:32	Name: __Host-js_csrf Value: fS97Vz596tkqPnkZ2b_IlkWz
.dropbox.com/	1970-01-20 19:49:32	Name: locale Value: de

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.dropbox.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.dropbox.com
www.mattiaburdisso.altervista.org
2620:100:6022:18::a27d:4212
5.9.139.125
3020e9797950d5749d98ac4e496dae54fee8a2feda26b2d26959621c22734596

www.mattiaburdisso.altervista.org Open in urlscan Pro 5.9.139.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

1 kBTransfer

1 kBSize

4 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

www.mattiaburdisso.altervista.org Open in urlscan Pro
5.9.139.125 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1 kB
Transfer

1 kB
Size

4
Cookies

2 HTTP transactions
0 data transactions