www.alessioramaccioni.it
89.46.106.82  Malicious Activity! Public Scan

URL: https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
Submission: On January 23 via manual from IT

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 89.46.106.82, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.alessioramaccioni.it.
TLS certificate: Issued by Actalis Domain Validation Server CA G2 on December 5th 2019. Valid for: a year.
This is the only time www.alessioramaccioni.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

IP Address AS Autonomous System
3 89.46.106.82 31034 (ARUBA-ASN)
3 1
Apex Domain
Subdomains
Transfer
3 alessioramaccioni.it
www.alessioramaccioni.it
65 KB
3 1
Domain Requested by
3 www.alessioramaccioni.it www.alessioramaccioni.it
3 1

This site contains no links.

Subject: *.alessioramaccioni.it
Issuer: Actalis Domain Validation Server CA G2
Validity: 2019-12-05 - 2020-12-05
Valid: a year

This page contains 1 frames:

Primary Page: https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
Frame ID: B29C1AF032953399C1B737E3F0AF6873
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

65 kB
Transfer

142 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
491 B
633 B
Document
General
Full URL
https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.46.106.82 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1201.aruba.it
Software
aruba-proxy /
Resource Hash
8d06b299c4dec483c1878d37e63988a9b76f4a496b6fda67cab0e217bff8df7d

Request headers

:method
GET
:authority
www.alessioramaccioni.it
:scheme
https
:path
/wp-includes/css/dist/b2020r/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
server
aruba-proxy
date
Thu, 23 Jan 2020 07:42:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
cazanova=e352c2e2fc9b6a688cbe2db8ba3de7fa3c2890c1; expires=Thu, 23-Jan-2020 09:42:41 GMT; Max-Age=7200; path=/; HttpOnly
vary
Accept-Encoding
content-encoding
gzip
x-servername
ipvsproxy102.ad.aruba.it
captcha.js
www.alessioramaccioni.it/wp-includes/css/dist/b2020r//assets/js/
123 KB
45 KB
Script
General
Full URL
https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r//assets/js/captcha.js
Requested by
Host: www.alessioramaccioni.it
URL: https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.46.106.82 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1201.aruba.it
Software
aruba-proxy /
Resource Hash
abda937cf2741f8b08acc1fa946f155ee91073120f8de3dbcd26f70fc24f698b

Request headers

Referer
https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-servername
ipvsproxy102.ad.aruba.it
date
Thu, 23 Jan 2020 07:42:41 GMT
content-encoding
gzip
last-modified
Mon, 07 Oct 2019 15:02:48 GMT
server
aruba-proxy
etag
"1ecbb-59453584a1600-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
45839
captcha.png
www.alessioramaccioni.it/wp-includes/css/dist/b2020r//
19 KB
19 KB
Image
General
Full URL
https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r//captcha.png?_1579765364038
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
89.46.106.82 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1201.aruba.it
Software
aruba-proxy /
Resource Hash
4530f6d6393462bdbb6231a87d1ce066c92dc65e5a2fb867a084d30a5acb3cc3

Request headers

Referer
https://www.alessioramaccioni.it/wp-includes/css/dist/b2020r/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

x-servername
ipvsproxy102.ad.aruba.it
pragma
no-cache
date
Thu, 23 Jan 2020 07:42:44 GMT
content-encoding
gzip
server
aruba-proxy
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
no-store, no-cache, must-revalidate
content-length
19183
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| setImmediate
function| clearImmediate
function| Vue

1 Cookies

Domain/Path Name / Value
www.alessioramaccioni.it/ Name: cazanova
Value: e352c2e2fc9b6a688cbe2db8ba3de7fa3c2890c1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
