www.assettocorsa.it Open in urlscan Pro
31.11.36.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://assettocorsa.net/
Effective URL:
https://www.assettocorsa.it/en/
Submission: On March 16 via api (March 16th 2022, 9:48:08 am UTC) from GB — Scanned from IT

Summary HTTP 20 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 31.11.36.8, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.assettocorsa.it.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on February 26th 2022. Valid for: a year.

This is the only time www.assettocorsa.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.149.128.160 62.149.128.160	31034 (ARUBA-ASN) (ARUBA-ASN)
1 1	89.46.106.87 89.46.106.87	31034 (ARUBA-ASN) (ARUBA-ASN)
1 10	31.11.36.8 31.11.36.8	31034 (ARUBA-ASN) (ARUBA-ASN)
3	104.111.214.240 104.111.214.240	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	185.30.21.27 185.30.21.27	60527 (XSOLLA-AS) (XSOLLA-AS)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	46.101.132.18 46.101.132.18	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	185.30.21.21 185.30.21.21	60527 (XSOLLA-AS) (XSOLLA-AS)
1	104.111.252.240 104.111.252.240	16625 (AKAMAI-AS) (AKAMAI-AS)
20	8

1 62.149.128.160 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: mxd1.aruba.it

assettocorsa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.46.106.87 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: webx1206.aruba.it

www.assettocorsa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 31.11.36.8 (Arezzo, Italy) 1 redirects

ASN31034 (ARUBA-ASN, IT)
PTR: webx1482.aruba.it

www.assettocorsa.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.214.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-240.deploy.static.akamaitechnologies.com

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.30.21.27 (United States)

ASN60527 (XSOLLA-AS, US)

static.xsolla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.101.132.18 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.30.21.21 (United States)

ASN60527 (XSOLLA-AS, US)

secure.xsolla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.252.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-252-240.deploy.static.akamaitechnologies.com

cdn.xsolla.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	assettocorsa.it 1 redirects www.assettocorsa.it	513 KB
5	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 10141 www.iubenda.com — Cisco Umbrella Rank: 11987 hits-i.iubenda.com — Cisco Umbrella Rank: 11059	58 KB
3	xsolla.com static.xsolla.com — Cisco Umbrella Rank: 108837 secure.xsolla.com — Cisco Umbrella Rank: 61653	136 KB
2	assettocorsa.net 2 redirects assettocorsa.net www.assettocorsa.net	498 B
1	xsolla.net cdn.xsolla.net — Cisco Umbrella Rank: 87854	1 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	349 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	63 KB
20	7

	Domain	Requested by
10	www.assettocorsa.it	1 redirects www.assettocorsa.it
2	secure.xsolla.com	www.assettocorsa.it static.xsolla.com
2	hits-i.iubenda.com	cdn.iubenda.com
2	cdn.iubenda.com	www.assettocorsa.it cdn.iubenda.com
1	cdn.xsolla.net	www.assettocorsa.it
1	www.google-analytics.com	www.googletagmanager.com
1	www.iubenda.com	cdn.iubenda.com
1	static.xsolla.com	www.assettocorsa.it
1	www.googletagmanager.com	www.assettocorsa.it
1	www.assettocorsa.net	1 redirects
1	assettocorsa.net	1 redirects
20	11

This site contains links to these domains. Also see Links.

Domain
store.steampowered.com
console.assettocorsa.net
acc.505games.com

Subject Issuer	Validity	Valid
*.assettocorsa.it Actalis Domain Validation Server CA G3	`2022-02-26` - `2023-03-29`	a year	crt.sh
www.iubenda.com DigiCert SHA2 Secure Server CA	`2022-01-31` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.xsolla.com Thawte RSA CA 2018	`2021-08-23` - `2022-09-23`	a year	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-14`	a year	crt.sh
cdn.xsolla.net DigiCert SHA2 Secure Server CA	`2021-10-01` - `2022-09-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.assettocorsa.it/en/
Frame ID: ECDC9FA05E2880885788261F6B4D028A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Assetto Corsa

Page URL History Show full URLs

http://assettocorsa.net/ HTTP 302
http://www.assettocorsa.net/ HTTP 301
https://www.assettocorsa.it/ HTTP 302
https://www.assettocorsa.it/en/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Page Statistics

20
Requests

100 %
HTTPS

20 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

771 kB
Transfer

1549 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://store.steampowered.com/app/244210/Assetto_Corsa/
Title: Buy Now (PC)

Search URL Search Domain Scan URL

URL: http://console.assettocorsa.net/
Title: Buy Now (Console)

Search URL Search Domain Scan URL

URL: https://acc.505games.com/
Title: Buy Now (Console)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://assettocorsa.net/ HTTP 302
http://www.assettocorsa.net/ HTTP 301
https://www.assettocorsa.it/ HTTP 302
https://www.assettocorsa.it/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.assettocorsa.it/en/
Redirect Chain

http://assettocorsa.net/
http://www.assettocorsa.net/
https://www.assettocorsa.it/
https://www.assettocorsa.it/en/

12 KB
4 KB

2793ms
2793ms

Document
text/html

31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 8d8e3ac1d350473fc9e9cbd6007e9768b0ca68e2b50de9e28faaaa5307caf1cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: it-IT,it;q=0.9

Response headers

server: aruba-proxy
date: Wed, 16 Mar 2022 09:48:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <https://www.assettocorsa.it/wp-json/>; rel="https://api.w.org/", <https://www.assettocorsa.it/wp-json/wp/v2/pages/5402>; rel="alternate"; type="application/json", <https://www.assettocorsa.it/>; rel=shortlink
x-servername: ipvsproxy241.ad.aruba.it
content-encoding: gzip

Redirect headers

server: aruba-proxy
date: Wed, 16 Mar 2022 09:47:59 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.assettocorsa.it/en/
vary: Accept-Language
x-redirect-by: Polylang
x-servername: ipvsproxy241.ad.aruba.it

GET
H2 200 main.min.css
www.assettocorsa.it/competizione/wp-content/themes/fosfostrap/_style/build/css/ 130 KB
22 KB 111ms
111ms Stylesheet
text/css 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.assettocorsa.it/competizione/wp-content/themes/fosfostrap/_style/build/css/main.min.css
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: f396748e114094ca7843353edb432bbf7027cf1c0374c8e3cbf4405326c3f9e9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
pragma: public
date: Wed, 16 Mar 2022 09:48:02 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 27 Aug 2021 14:16:14 GMT
server: aruba-proxy
etag: "207c3-5ca8b2042d2cd-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 21909
expires: Thu, 16 Mar 2023 09:48:02 GMT

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 591 B
563 B 90ms
26ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9864dbd8e2058f3f0882606a88af4b52dfa2e68de88ce00df00fb1feb70b310a

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:48:02 GMT
content-encoding: br
last-modified: Tue, 15 Mar 2022 08:51:09 GMT
etag: "6230537d-133"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=10800
content-type: application/javascript
content-length: 307
expires: Wed, 16 Mar 2022 12:48:02 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 120ms
61ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2ZY9QWWFH6

Requested by

Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a75f977eed4570e346ab7271a0c216e4e9d9142a526eb5d39c42b36cdaec398e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:48:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64312
x-xss-protection: 0
expires: Wed, 16 Mar 2022 09:48:03 GMT

GET
H2 200 AssettoCorsa-lungo.svg
www.assettocorsa.it/wp-content/themes/AssettoCorsa/00-Style-Dev/img/ 7 KB
3 KB 33ms
33ms Image
image/svg+xml 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/wp-content/themes/AssettoCorsa/00-Style-Dev/img/AssettoCorsa-lungo.svg
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 5417eb86a242a59c1c4be5cbde1347f01f8d7034d8c1e33bf48d76dac0ca5e37

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
date: Wed, 16 Mar 2022 09:48:02 GMT
content-encoding: gzip
last-modified: Mon, 11 Jan 2021 09:18:17 GMT
server: aruba-proxy
vary: Accept-Encoding
content-type: image/svg+xml

GET
H2 200 logo-acc-gtwc.png
www.assettocorsa.it/competizione/wp-content/themes/fosfostrap5/_assets/build/img/ 12 KB
12 KB 75ms
75ms Image
image/png 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/competizione/wp-content/themes/fosfostrap5/_assets/build/img/logo-acc-gtwc.png
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 98bec6f5c942c69d9c4435692b849b1f3934bce9f0f38cf6f0305568a1028e4d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
pragma: public
date: Wed, 16 Mar 2022 09:48:02 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 06 Jul 2021 11:13:37 GMT
server: aruba-proxy
etag: "2ed8-5c6728376b5bb"
vary: X-Forwarded-Proto,Accept-Encoding,Accept
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 11992
expires: Thu, 16 Mar 2023 09:48:02 GMT

GET
H2 200 logo_steam.png
www.assettocorsa.it/switch-img/ 6 KB
6 KB 41ms
40ms Image
image/png 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/switch-img/logo_steam.png
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 5438b6377ef91265bc90d9ee9c75cf703514d03f0ff9a51bed3bb4ab5a3bb699

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
date: Wed, 16 Mar 2022 09:48:02 GMT
last-modified: Sat, 09 Jan 2021 08:39:26 GMT
server: aruba-proxy
accept-ranges: bytes
content-length: 6369
content-type: image/png

GET
H2 200 logo_ps4.png
www.assettocorsa.it/switch-img/ 3 KB
3 KB 38ms
38ms Image
image/png 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/switch-img/logo_ps4.png
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 11418c061460703478ac097404e6c45459c36b1ba440a0e57d43b2bd06932d2e

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
date: Wed, 16 Mar 2022 09:48:02 GMT
last-modified: Sat, 09 Jan 2021 08:39:26 GMT
server: aruba-proxy
accept-ranges: bytes
content-length: 2634
content-type: image/png

GET
H2 200 logo_xbox.png
www.assettocorsa.it/switch-img/ 7 KB
7 KB 42ms
42ms Image
image/png 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/switch-img/logo_xbox.png
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 7ef903df331cf8cdce7bacb4593ac34bd7dc526d5272056170d6d5eea679d76d

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
date: Wed, 16 Mar 2022 09:48:02 GMT
last-modified: Sat, 09 Jan 2021 08:39:26 GMT
server: aruba-proxy
accept-ranges: bytes
content-length: 7143
content-type: image/png

GET
H/1.1 200
OK widget.min.js Show response
static.xsolla.com/embed/pay2play/2.1.5/ 436 KB
130 KB 709ms
354ms Script
application/javascript 185.30.21.27
XSOLLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.xsolla.com/embed/pay2play/2.1.5/widget.min.js
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.30.21.27 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software: nginx /
Resource Hash: 31911c2160dd7e81c7dedd0d5b769f3b96c39052fc3c0d0b32f9ba2439e58aac

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 09:48:03 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=315360000
Connection: keep-alive
Link: <https://secure.xsolla.com/favicon.ico>; rel=preload; as=image, <https://cdn.xsolla.net/img/favicon.ico>; rel=preload; as=image
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AC-toRight.jpg
www.assettocorsa.it/switch-img/ 103 KB
103 KB 58ms
58ms Image
image/jpeg 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/switch-img/AC-toRight.jpg
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 09e4dbc0c43db6cdccaf518c33303999b15eb05c70d26ef6bbc8dda88e185a8b

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
date: Wed, 16 Mar 2022 09:48:02 GMT
last-modified: Sat, 09 Jan 2021 08:39:26 GMT
server: aruba-proxy
accept-ranges: bytes
content-length: 105025
content-type: image/jpeg

GET
H2 200 ACC-toLeft-2021.jpg
www.assettocorsa.it/switch-img/ 353 KB
353 KB 72ms
72ms Image
image/jpeg 31.11.36.8
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.assettocorsa.it/switch-img/ACC-toLeft-2021.jpg
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: webx1482.aruba.it
Software: aruba-proxy /
Resource Hash: 9b984fd1c92e958ec2af05fccfe3e0553a3820ecfe1078445f44b2b3d223c7e9

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-servername: ipvsproxy241.ad.aruba.it
date: Wed, 16 Mar 2022 09:48:02 GMT
last-modified: Fri, 27 Aug 2021 14:06:44 GMT
server: aruba-proxy
accept-ranges: bytes
content-length: 361345
content-type: image/jpeg

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/ 271 KB
56 KB 26ms
26ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-240.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f694ce570f9785dd10d595f5c5f75821386fcac08c115eac501fc465f7135af4

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:48:02 GMT
content-encoding: br
last-modified: Tue, 15 Mar 2022 08:51:08 GMT
etag: "6230537c-df69"
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
access-control-allow-origin: *
cache-control: public, must-revalidate, proxy-revalidate, max-age=31536000
content-type: application/javascript
content-length: 57193
expires: Thu, 16 Mar 2023 09:48:02 GMT

GET
H2 200 63378152.js Show response
www.iubenda.com/cookie-solution/confs/js/ 127 B
507 B 29ms
25ms Script
application/javascript 104.111.214.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.iubenda.com/cookie-solution/confs/js/63378152.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-240.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b9ddbbea9bbbc6f219ab0ccf160c8d7485fd90fdf6aba7153d2d8271d91b22b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000
access-control-request-method: *
etag: "620cfb81-7f"
content-encoding: gzip
content-length: 126
last-modified: Wed, 16 Feb 2022 13:26:25 GMT
server: nginx
date: Wed, 16 Mar 2022 09:48:03 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, PUT, DELETE, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
expires: Thu, 17 Mar 2022 09:48:03 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
349 B 96ms
36ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2ZY9QWWFH6&gtm=2oe3e0&_p=613124199&sr=1600x1200&ul=en-us&cid=1236207231.1647424083&_s=1&dl=https%3A%2F%2Fwww.assettocorsa.it%2Fen%2F&dt=Assetto%20Corsa&sid=1647424083&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZY9QWWFH6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 09:48:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.assettocorsa.it
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
402 B 31ms
31ms XHR
text/plain 46.101.132.18
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.36.2/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.132.18 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer: https://www.assettocorsa.it/
Accept-Language: it-IT,it;q=0.9
Authorization: Basic aGl0czFfdTpoaXRzMV91cHdk
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 16 Mar 2022 09:48:03 GMT
server: nginx
x-influxdb-build: OSS
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://www.assettocorsa.it
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
request-id: 2c4d9583-a50e-11ec-9ef1-0242ac110002
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
x-influxdb-version: 1.8.2
x-request-id: 2c4d9583-a50e-11ec-9ef1-0242ac110002

OPTIONS
H2 204 write
hits-i.iubenda.com/ 0
0 80ms
24ms Preflight
text/plain 46.101.132.18
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.101.132.18 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://www.assettocorsa.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 16 Mar 2022 09:48:03 GMT
access-control-allow-origin: https://www.assettocorsa.it
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: *, authorization
access-control-max-age: 1728000
access-control-allow-credentials: true
content-length: 0
content-type: text/plain charset=UTF-8

GET
H/1.1 200
OK favicon.ico
secure.xsolla.com/ 32 KB
3 KB 537ms
179ms Image
image/x-icon 185.30.21.21
XSOLLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.xsolla.com/favicon.ico

Requested by

Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.30.21.21 , United States, ASN60527 (XSOLLA-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

6096c75480b69d48d95d4fac4d3011e4a1d1ba3438886b713ae6d76287523389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 09:48:04 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/x-icon
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 favicon.ico
cdn.xsolla.net/img/ 1 KB
1 KB 100ms
26ms Image
image/x-icon 104.111.252.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.xsolla.net/img/favicon.ico
Requested by: Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.252.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-240.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8644480307d609cba80a33f9e6e11527600895cfb8fabfa7738aeac5badd79a3

Request headers

Accept-Language: it-IT,it;q=0.9
Referer: https://www.assettocorsa.it/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 09:48:03 GMT
content-encoding: gzip
last-modified: Sat, 13 Jul 2013 20:17:30 GMT
server: nginx
etag: W/"51e1b5da-57e"
vary: Accept-Encoding
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=315360000, public
timing-allow-origin: *
content-length: 821
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H/1.1 200
OK init Show response
secure.xsolla.com/paystation2/api/pay2play/ 5 KB
2 KB 662ms
307ms XHR
application/json 185.30.21.21
XSOLLA-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.xsolla.com/paystation2/api/pay2play/init

Requested by

Host: static.xsolla.com
URL: https://static.xsolla.com/embed/pay2play/2.1.5/widget.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.30.21.21 , United States, ASN60527 (XSOLLA-AS, US),

Reverse DNS

Software

nginx /

Resource Hash

a35a300e63615bf268e59acba5849609c1a71659928e1f4afcdb954c2951a8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.assettocorsa.it/
Accept-Language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache, no-cache
Date: Wed, 16 Mar 2022 09:48:04 GMT
Content-Encoding: gzip
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, max-age=0, must-revalidate, no-store, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.assettocorsa.it/	1970-01-20 10:22:40	Name: pll_language Value: en
.assettocorsa.it/	1970-01-20 19:08:16	Name: _ga Value: GA1.1.1236207231.1647424083
.assettocorsa.it/	1970-01-20 19:08:16	Name: _ga_2ZY9QWWFH6 Value: GS1.1.1647424083.1.0.1647424084.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.assettocorsa.it/en/ Message: The resource https://cdn.xsolla.net/img/favicon.ico was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.assettocorsa.it/en/ Message: The resource https://secure.xsolla.com/favicon.ico was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assettocorsa.net
cdn.iubenda.com
cdn.xsolla.net
hits-i.iubenda.com
secure.xsolla.com
static.xsolla.com
www.assettocorsa.it
www.assettocorsa.net
www.google-analytics.com
www.googletagmanager.com
www.iubenda.com
104.111.214.240
104.111.252.240
185.30.21.21
185.30.21.27
2a00:1450:4001:808::200e
2a00:1450:4001:82f::2008
31.11.36.8
46.101.132.18
62.149.128.160
89.46.106.87
09e4dbc0c43db6cdccaf518c33303999b15eb05c70d26ef6bbc8dda88e185a8b
11418c061460703478ac097404e6c45459c36b1ba440a0e57d43b2bd06932d2e
31911c2160dd7e81c7dedd0d5b769f3b96c39052fc3c0d0b32f9ba2439e58aac
5417eb86a242a59c1c4be5cbde1347f01f8d7034d8c1e33bf48d76dac0ca5e37
5438b6377ef91265bc90d9ee9c75cf703514d03f0ff9a51bed3bb4ab5a3bb699
6096c75480b69d48d95d4fac4d3011e4a1d1ba3438886b713ae6d76287523389
7ef903df331cf8cdce7bacb4593ac34bd7dc526d5272056170d6d5eea679d76d
8644480307d609cba80a33f9e6e11527600895cfb8fabfa7738aeac5badd79a3
8d8e3ac1d350473fc9e9cbd6007e9768b0ca68e2b50de9e28faaaa5307caf1cd
9864dbd8e2058f3f0882606a88af4b52dfa2e68de88ce00df00fb1feb70b310a
98bec6f5c942c69d9c4435692b849b1f3934bce9f0f38cf6f0305568a1028e4d
9b984fd1c92e958ec2af05fccfe3e0553a3820ecfe1078445f44b2b3d223c7e9
a35a300e63615bf268e59acba5849609c1a71659928e1f4afcdb954c2951a8e0
a75f977eed4570e346ab7271a0c216e4e9d9142a526eb5d39c42b36cdaec398e
b9ddbbea9bbbc6f219ab0ccf160c8d7485fd90fdf6aba7153d2d8271d91b22b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f396748e114094ca7843353edb432bbf7027cf1c0374c8e3cbf4405326c3f9e9
f694ce570f9785dd10d595f5c5f75821386fcac08c115eac501fc465f7135af4

www.assettocorsa.it Open in urlscan Pro 31.11.36.8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

20 %IPv6

7 Domains

11 Subdomains

8 IPs

3 Countries

771 kBTransfer

1549 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

3 Cookies

2 Console Messages

Indicators

www.assettocorsa.it Open in urlscan Pro
31.11.36.8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

20 %
IPv6

7
Domains

11
Subdomains

8
IPs

3
Countries

771 kB
Transfer

1549 kB
Size

3
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!