URL: https://rocketpool.it/
Submission Tags: @phish_report
Submission: On November 20 via api from FI — Scanned from IT

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 6 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is rocketpool.it.
TLS certificate: Issued by GTS CA 1P5 on November 12th 2023. Valid for: 3 months.
This is the only time rocketpool.it was scanned on urlscan.io!

urlscan.io Verdict: No classification


Domain & IP information

IP Address AS Autonomous System
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 151.106.32.15 34088 (GDY-FRANCE)
1 192.0.66.233 2635 (AUTOMATTIC)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
6 5
Requests | Apex Domain | Subdomains | Transfer
1 | cwuobserver.com | cwuobserver.com | 149 KB
1 | keymedia.com | cdn-res.keymedia.com (Cisco Umbrella Rank: 199617) | 93 KB
1 | crestresearch.ac.uk | crestresearch.ac.uk | 53 KB
1 | malwarebytes.com | www.malwarebytes.com (Cisco Umbrella Rank: 113527) |
1 | foothillsneurology.com | foothillsneurology.com | 33 KB
1 | rocketpool.it | rocketpool.it | 2 KB
6 | 6
Domain Requested by
1 cwuobserver.com rocketpool.it
1 cdn-res.keymedia.com rocketpool.it
1 crestresearch.ac.uk rocketpool.it
1 www.malwarebytes.com rocketpool.it
1 foothillsneurology.com rocketpool.it
1 rocketpool.it
6 6

This site contains no links.

Subject | Issuer | Validity | Valid
rocketpool.it | GTS CA 1P5 | 2023-11-12 - 2024-02-10 | 3 months
foothillsneurology.com | cPanel, Inc. Certification Authority | 2023-11-19 - 2024-02-17 | 3 months
*.malwarebytes.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-17 - 2024-10-04 | a year
crestresearch.ac.uk | GTS CA 1P5 | 2023-10-15 - 2024-01-13 | 3 months
keymedia.com | Cloudflare Inc ECC CA-3 | 2023-03-19 - 2024-03-18 | a year
cwuobserver.com | E1 | 2023-11-07 - 2024-02-05 | 3 months

This page contains 1 frames:

Primary Page: https://rocketpool.it/
Frame ID: DC9E379F97B5342F3E42C7CF8EA8C5B7
Requests: 6 HTTP requests in this frame

Page Title

The Dark Side of Social Media

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

6
Requests

100 %
HTTPS

60 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

329 kB
Transfer

329 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
rocketpool.it/
4 KB
2 KB
Document
General
Full URL
https://rocketpool.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb0fb1baffda727a485f09c421c7994f698f5d625aa128b82a68473e67b18e06

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language
it-IT,it;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
828e936d5e62bb05-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 20 Nov 2023 06:18:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wp6IXuakZktd0fRPWyWhB0GLxjQAOlPs8ZAOXpMm2cXvLq1%2BjtntZqoOJg8g5syP1dZDV%2BwBtRxJqlGVynm6iNzpzF7qgNZ4LAidPyOKEoqNwn9w%2FAzyiqvkWagqiNYZ0fsAMjGmiFC1p0Jo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
AdobeStock_429806646-scaled.jpeg
foothillsneurology.com/dev/wp-content/uploads/
33 KB
33 KB
Image
General
Full URL
https://foothillsneurology.com/dev/wp-content/uploads/AdobeStock_429806646-scaled.jpeg
Requested by
Host: rocketpool.it
URL: https://rocketpool.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.106.32.15 Roubaix, France, ASN34088 (GDY-FRANCE, DE),
Reverse DNS
ns31235675.ip-151-106-32.eu
Software
Apache /
Resource Hash
691a2f6a5f7df04806fdd3ff76b074f10919d50b5600887af0a4f7e57ae04d43

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://rocketpool.it/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 20 Nov 2023 06:18:29 GMT
last-modified
Mon, 27 Sep 2021 20:16:00 GMT
server
Apache
vary
Accept,Accept-Encoding
content-type
image/webp
cache-control
max-age=10368000
accept-ranges
bytes
content-length
33690
expires
Tue, 19 Mar 2024 06:18:29 GMT
shutterstock_1207152967.jpg
www.malwarebytes.com/blog/images/uploads/2019/03/
0
0
Image
General
Full URL
https://www.malwarebytes.com/blog/images/uploads/2019/03/shutterstock_1207152967.jpg
Requested by
Host: rocketpool.it
URL: https://rocketpool.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.233 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://rocketpool.it/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

social-disinformation-1.1280x720.jpg
crestresearch.ac.uk/site/assets/files/3040/
52 KB
53 KB
Image
General
Full URL
https://crestresearch.ac.uk/site/assets/files/3040/social-disinformation-1.1280x720.jpg
Requested by
Host: rocketpool.it
URL: https://rocketpool.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59c0b079267f33e7015331e53772b5e15cdc84c48bdcf805c9b71062ce5a23b3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://rocketpool.it/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 20 Nov 2023 06:18:29 GMT
cf-cache-status
HIT
last-modified
Thu, 07 Jan 2021 15:06:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
23670
etag
"5ff72387-cfe6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bP4PZ4Y%2FoLKFlnl2l7MLkiqNVQ4lAGqvD%2F9xN8vQUNb4T4H200%2BeTXz8IFC2S19jiQlTHjaAUL%2FbpXMq5XJQvCMClwaX1b5pUTJcGhfdYGoDZw1Rm39s3dR2CK73EPF4GVRsH8mw0JkwUmH74LYpstzd"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
828e936e6ed7bab7-MXP
alt-svc
h3=":443"; ma=86400
content-length
53222
0308_637884859614233314.jpg
cdn-res.keymedia.com/cms/images/us/036/
92 KB
93 KB
Image
General
Full URL
https://cdn-res.keymedia.com/cms/images/us/036/0308_637884859614233314.jpg
Requested by
Host: rocketpool.it
URL: https://rocketpool.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4563 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69bce177dd4358f69351ae2df268ef7f16e3e220d4889526661b66aee651fe5a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://rocketpool.it/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 20 Nov 2023 06:18:30 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5
/0dGxAQOmZyCb9eM6f02/g==
alt-svc
h3=":443"; ma=86400
content-length
94059
x-ms-lease-status
unlocked
last-modified
Wed, 18 May 2022 15:52:41 GMT
server
cloudflare
etag
0x8DA38E6710BAB81
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ouXo5yo1GCzGXxu%2F9JyJhv958uhI%2BzaGBU%2BrPuRsgjotwUdNccSsTiurbPPIDW5DtF5b9T77vwQHgwMMWfB6FN5Je%2FdvxAMux75k80RU8m431vRmiw78kgrXfsUuJR8xfCgIlzVtYsw0JCEF%2FAv18vQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-ms-request-id
7eff91cb-c01e-004a-5679-1b3234000000
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
828e936e5a95524a-MXP
Screenshot-95.png
cwuobserver.com/wp-content/uploads/2021/02/
148 KB
149 KB
Image
General
Full URL
https://cwuobserver.com/wp-content/uploads/2021/02/Screenshot-95.png
Requested by
Host: rocketpool.it
URL: https://rocketpool.it/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3201e9d0dadced7c989a3b1815131005430714b1a910e86a58e8a590ab01889c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://rocketpool.it/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 20 Nov 2023 06:18:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
398478
alt-svc
h3=":443"; ma=86400
content-length
151894
last-modified
Wed, 17 Feb 2021 04:32:19 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gbfu%2B94ffjQDTpSGybRMVYZYnuNVN0db7tIwvZPO9cpi9l%2ByYSLIeMTpPLVvHSfkQTWQxavgb51l0b35ViQP7CEEapiAwdvIUxY8zqDFZWwn9y1CY%2FxdfwBNXDhyoSlccjinBzslFceK5%2Bqqd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
828e936e5e514c54-MXP
expires
Fri, 15 Dec 2023 15:37:11 GMT

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://www.malwarebytes.com/blog/images/uploads/2019/03/shutterstock_1207152967.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()