delavallee-tea.com - urlscan.io

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 188.130.25.23, located in France and belongs to EURO-WEB-AS, FR. The main domain is delavallee-tea.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on February 5th 2020. Valid for: 3 months.

This is the only time delavallee-tea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.96.204.96 185.96.204.96	200760 (ELOGIC-AS...) (ELOGIC-AS Elogic Srl - Cloud Services)
3	188.130.25.23 188.130.25.23	35393 (EURO-WEB-AS) (EURO-WEB-AS)
3	1

1 185.96.204.96 (Italy) 1 redirects

ASN200760 (ELOGIC-AS Elogic Srl - Cloud Services, IT)

www.soluzionefarmacia.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.130.25.23 (France)

ASN35393 (EURO-WEB-AS, FR)
PTR: premrt1.phpnet.org

delavallee-tea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	delavallee-tea.com delavallee-tea.com	44 KB
1	soluzionefarmacia.it 1 redirects www.soluzionefarmacia.it	338 B
3	2

	Domain	Requested by
3	delavallee-tea.com	delavallee-tea.com
1	www.soluzionefarmacia.it	1 redirects
3	2

This site contains no links.

Subject Issuer	Validity	Valid
delavallee-tea.com Let's Encrypt Authority X3	`2020-02-05` - `2020-05-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com
Frame ID: D66921C28E6F403D132E23C3B966A3C8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.soluzionefarmacia.it/samba/?0@=Y3JhaWcuZnJvZWxpY2hAYmFtbC5jb20N HTTP 302
https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

44 kB
Transfer

44 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.soluzionefarmacia.it/samba/?0@=Y3JhaWcuZnJvZWxpY2hAYmFtbC5jb20N HTTP 302
https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	503	Primary Request / Show response delavallee-tea.com/works/updater2020/update/ Redirect Chain http://www.soluzionefarmacia.it/samba/?0@=Y3JhaWcuZnJvZWxpY2hAYmFtbC5jb20N https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com	1 KB 1 KB	1028ms 939ms	Document text/html	188.130.25.23 EURO-WEB-AS
General Check archive.org Show headers Download Go to Full URL https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.130.25.23 , France, ASN35393 (EURO-WEB-AS, FR), Reverse DNS premrt1.phpnet.org Software nginx / Resource Hash `fe82b1df5eba0353572fc1cbdc3ade0022afd5618609263d0513f843313c333c` Request headers :method GET :authority delavallee-tea.com :scheme https :path /works/updater2020/update/?email=craig.froelich@baml.com pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers status 503 server nginx date Tue, 11 Feb 2020 06:52:24 GMT content-type text/html; charset=utf-8 content-length 669 retry-after 3600 set-cookie PrestaShop-9085077627ba476bd3eb8faa345cd38f=def502004fd881eeda4d058aa71a99c47977e6609c0d7a1bc87813ca2be52736976c3979b4a8912e9eddd8847bcec8ac6b530fc2a928a7280b45fae987a38643b74e0f75198cf3b1d90dc0d29dbec5dcdfb24c44fa90fb7731540b94e4d6f889214fb75396f39232a4c85c05b9c87ce8101b95df4742833595db8534f871a9adffb4d7e20a9ea7a4d2ee79051e4afb444fda3c6952d202f99beca151895243adb28c35a2eb82aa81c4af89b62153abe768ba3bb3; expires=Mon, 02-Mar-2020 06:52:24 GMT; Max-Age=1728000; path=/; domain=delavallee-tea.com; secure; httponly vary Accept-Encoding content-encoding gzip Redirect headers Date Tue, 11 Feb 2020 06:52:23 GMT Server Apache/2.4.18 (Ubuntu) X-Powered-By PHP/5.6.30 Location https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H2	200	error.css delavallee-tea.com/themes/classic/assets/css/	1 KB 548 B	32ms 31ms	Stylesheet text/css	188.130.25.23 EURO-WEB-AS
General Check archive.org Show headers Download Go to Full URL https://delavallee-tea.com/themes/classic/assets/css/error.css Requested by Host: delavallee-tea.com URL: https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.130.25.23 , France, ASN35393 (EURO-WEB-AS, FR), Reverse DNS premrt1.phpnet.org Software nginx / Resource Hash `e05a316e113a1f370e87ae6c09cbc2c3a6c450f4f8fad0adc9c0e7b30d89035d` Request headers Referer https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Tue, 11 Feb 2020 06:52:24 GMT content-encoding gzip last-modified Wed, 05 Feb 2020 13:56:19 GMT server nginx etag "479-59dd48556a8e4-gzip" vary Accept-Encoding content-type text/css status 200 accept-ranges bytes content-length 376
GET H2	200	my-shop-logo-1580913026.jpg delavallee-tea.com/img/	42 KB 42 KB	50ms 50ms	Image image/jpeg	188.130.25.23 EURO-WEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://delavallee-tea.com/img/my-shop-logo-1580913026.jpg Requested by Host: delavallee-tea.com URL: https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.130.25.23 , France, ASN35393 (EURO-WEB-AS, FR), Reverse DNS premrt1.phpnet.org Software nginx / Resource Hash `7c72401ab1af9e878e65d66701638330247162d3018a17643c9eecc2299086a7` Request headers Referer https://delavallee-tea.com/works/updater2020/update/?email=craig.froelich@baml.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Tue, 11 Feb 2020 06:52:24 GMT content-encoding gzip last-modified Wed, 05 Feb 2020 14:30:26 GMT server nginx etag "a7ed-59dd4ff5bddb4-gzip" vary Accept-Encoding content-type image/jpeg status 200 accept-ranges bytes content-length 42629

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.delavallee-tea.com/	1970-01-19 07:45:31	Name: PrestaShop-9085077627ba476bd3eb8faa345cd38f Value: def502004fd881eeda4d058aa71a99c47977e6609c0d7a1bc87813ca2be52736976c3979b4a8912e9eddd8847bcec8ac6b530fc2a928a7280b45fae987a38643b74e0f75198cf3b1d90dc0d29dbec5dcdfb24c44fa90fb7731540b94e4d6f889214fb75396f39232a4c85c05b9c87ce8101b95df4742833595db8534f871a9adffb4d7e20a9ea7a4d2ee79051e4afb444fda3c6952d202f99beca151895243adb28c35a2eb82aa81c4af89b62153abe768ba3bb3

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

delavallee-tea.com
www.soluzionefarmacia.it
185.96.204.96
188.130.25.23
7c72401ab1af9e878e65d66701638330247162d3018a17643c9eecc2299086a7
e05a316e113a1f370e87ae6c09cbc2c3a6c450f4f8fad0adc9c0e7b30d89035d
fe82b1df5eba0353572fc1cbdc3ade0022afd5618609263d0513f843313c333c

delavallee-tea.com Open in urlscan Pro 188.130.25.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

44 kBTransfer

44 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

delavallee-tea.com Open in urlscan Pro
188.130.25.23 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

44 kB
Transfer

44 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions