meta.amicidelvinile.it Open in urlscan Pro
80.88.87.206 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://meta.amicidelvinile.it/
Effective URL:
https://meta.amicidelvinile.it/
Submission: On July 02 via api (July 2nd 2024, 12:07:31 pm UTC) from US — Scanned from IT

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 17 HTTP transactions. The main IP is 80.88.87.206, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is meta.amicidelvinile.it.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 23rd 2024. Valid for: 3 months.

This is the only time meta.amicidelvinile.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Chase (Banking)

Domain & IP information

	IP Address	AS Autonomous System
5	80.88.87.206 80.88.87.206	31034 (ARUBA-ASN) (ARUBA-ASN)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2.21.20.28 2.21.20.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	4

5 80.88.87.206 (Arezzo, Italy)

ASN31034 (ARUBA-ASN, IT)
PTR: linc015.arubabusiness.it

meta.amicidelvinile.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.21.20.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-28.deploy.static.akamaitechnologies.com

static.chasecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 5357	303 KB
5	chasecdn.com static.chasecdn.com — Cisco Umbrella Rank: 8320	366 KB
5	amicidelvinile.it meta.amicidelvinile.it	76 KB
17	3

	Domain	Requested by
6	ka-f.fontawesome.com	kit.fontawesome.com
5	static.chasecdn.com	meta.amicidelvinile.it
5	meta.amicidelvinile.it	meta.amicidelvinile.it
1	kit.fontawesome.com	meta.amicidelvinile.it
17	4

This site contains links to these domains. Also see Links.

Domain
secure05ea.chase.com

Subject Issuer	Validity	Valid
meta.amicidelvinile.it cPanel, Inc. Certification Authority	`2024-04-23` - `2024-07-22`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh
static2.chasecdn.com Entrust Certification Authority - L1M	`2024-04-08` - `2025-04-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://meta.amicidelvinile.it/
Frame ID: 5E6FED46622A6E05EE58360A9328F55B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in - chase.com

Page URL History Show full URLs

http://meta.amicidelvinile.it/ HTTP 307
https://meta.amicidelvinile.it/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

745 kB
Transfer

1439 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://secure05ea.chase.com/web/auth/?fromOrigin=https://secure05ea.chase.com
Title: Chase.com homepage

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://meta.amicidelvinile.it/ HTTP 307
https://meta.amicidelvinile.it/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
meta.amicidelvinile.it/
Redirect Chain

http://meta.amicidelvinile.it/
https://meta.amicidelvinile.it/

28 KB
5 KB

408ms
158ms

Document
text/html

80.88.87.206
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.amicidelvinile.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.88.87.206 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: linc015.arubabusiness.it
Software: LiteSpeed /
Resource Hash: 0a2541365b8f6b6ecf37c25acece36bf0f8142aff4258a9c81be5e1b64171a34

Request headers

Accept-Language: it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 4821
content-type: text/html
date: Tue, 02 Jul 2024 12:07:24 GMT
last-modified: Tue, 11 Apr 2023 23:28:44 GMT
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

Location: https://meta.amicidelvinile.it/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 fd69f7a966.js Show response
kit.fontawesome.com/ 12 KB
5 KB 686ms
215ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/fd69f7a966.js
Requested by: Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5730ae022b37d48ca9b7a3cdfc2a1dc1515fdc96c453a936184cf59e807567e8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Origin: https://meta.amicidelvinile.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 89ce83f14dfabb17-MXP
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F928sWb6sqD0m3lO-UUB

GET
H2 404 mds-chase-icons.css
meta.amicidelvinile.it/ 0
0 76ms
74ms Stylesheet
text/html 80.88.87.206
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.amicidelvinile.it/mds-chase-icons.css
Requested by: Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.88.87.206 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: linc015.arubabusiness.it
Software: LiteSpeed /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 02 Jul 2024 12:07:24 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1251
content-type: text/html

GET
H2 200 blue-ui.css
meta.amicidelvinile.it/css/ 498 KB
55 KB 131ms
130ms Stylesheet
text/css 80.88.87.206
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.amicidelvinile.it/css/blue-ui.css
Requested by: Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.88.87.206 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: linc015.arubabusiness.it
Software: LiteSpeed /
Resource Hash: 3303fd8e3e10ea99269b96fcffa1370d6e40a21f02a712920f875b04a91e3205

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:24 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 20:48:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 56260
expires: Tue, 09 Jul 2024 12:07:24 GMT

GET
H2 200 logon.css
meta.amicidelvinile.it/css/ 108 KB
15 KB 201ms
200ms Stylesheet
text/css 80.88.87.206
ARUBA-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.amicidelvinile.it/css/logon.css
Requested by: Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.88.87.206 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: linc015.arubabusiness.it
Software: LiteSpeed /
Resource Hash: e5d0a447f490c92ed00d4ddd4dccf8f6247c5a90af5597d612b0bd1ebed3cd70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:24 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 20:53:16 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15802
expires: Tue, 09 Jul 2024 12:07:24 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 101 KB
22 KB 795ms
210ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=fd69f7a966
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fd69f7a966.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
via: 1.1 8c91fcc64b7a86489661ea1249599ca2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 172019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8BD5T%2BM56FBjapxCDH0PTlkTVAZNbR%2FzcYfFliL%2FN8TB2CCbcsv0ohBVx%2Bx3GeWeo47H6azHIGBvREwWjZeO3x7gYnhXX0FfxDDFzWb0pCjziVVpe0VOobbu3YcBfksp6nd7Pn13Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89ce83f69bd0d696-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: vfvv-J44Ry-Oehg6UPshGoJEsstd6NZj2K5WC07DStDIdyjWWzJZgA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 920ms
336ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=fd69f7a966
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fd69f7a966.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
via: 1.1 5b23e906a0b30aeeaaccd141aadaa56c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 172019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cLeaShQ49Fc78hxvJvuJbb8aGrHxLEdkpZHW5zgN1FB9eXvWmAIgLsjNYDAkN8djazBXs3R0ygAUGEOMmn4w7K3A4Yc%2FZthJnLLz4FGNr2gO%2FAvNMBKmAq7speJPoNYT1E6aFk%2BJA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89ce83f69bcfd696-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: _yVBf_myi_JddPEgOIdduVLQwWYLxibyqhRrp4fDlGjJ-S_XDDhI1Q==

GET
H2 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 823 B
710 B 922ms
338ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=fd69f7a966
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fd69f7a966.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:26 GMT
via: 1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 172019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TmcqutDoZtcK%2FkdIfzyIGxkCMNumJPYGC00EMHiboGF8hM5z3bTl4w11M5pRVkGeFLFVcr448RKppV4QoRwkBPu42Wae%2Fk%2FHjQjT6cyiq6Pcef4DDyNfjUO%2Bf3yQaZhRPvZFleaPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89ce83f69bced696-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nZDRtjHIGkz35P5VAloU6L8WquD0o8BRZZ7du4IltRA5Pf4YdOPO4Q==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 2 KB
1 KB 791ms
208ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=fd69f7a966
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fd69f7a966.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
via: 1.1 e5b75c92aeb08b72d17d5fe9dd0647e0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 172019
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxouORFCTmv9H279T%2BfzTAoJ%2FS6yma7ily6BbOGYHBl4Iby9uzjxkW2VGdZsYHegepxtLvpXS%2BovNkpp1k1yq2%2FaKdNdt%2BRORzX1ZSck1ZnyQKTJcEet0jTUk9CLhoAo8wnWwkTh1g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 89ce83f69bcbd696-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: _70fJ8vMS712XXbKCuvPX4-17qErgbMs1C-5yb7HAIhyuxg2uMMesQ==

GET
H2 200 wordmark-white.svg
meta.amicidelvinile.it/img/ 1 KB
742 B 71ms
70ms Image
image/svg+xml 80.88.87.206
ARUBA-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meta.amicidelvinile.it/img/wordmark-white.svg
Requested by: Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/css/logon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 80.88.87.206 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS: linc015.arubabusiness.it
Software: LiteSpeed /
Resource Hash: d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/css/logon.css
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:25 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 20:53:14 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 628
expires: Tue, 09 Jul 2024 12:07:25 GMT

GET
H2 200 background.desktop.day.1.jpeg
static.chasecdn.com/content/geo-images/images/ 299 KB
299 KB 327ms
81ms Image
image/jpeg 2.21.20.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.chasecdn.com/content/geo-images/images/background.desktop.day.1.jpeg

Requested by

Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

01978e63789284edde4bb064e7d3215fad57fb5b7ea373b031b5b97021868085

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-dispatcher: dispatcher8useast1-28575362
date: Tue, 02 Jul 2024 12:07:26 GMT
strict-transport-security: max-age=86400 ; preload
last-modified: Thu, 25 Apr 2024 15:46:06 GMT
x-ams-migration: TRUE
x-amzn-trace-id: 0.5c173317.1719922046.413be6b
x-vhost: private-publish
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719922046044_389224284_68402795_24_3615_39_119_219";dur=1
accept-ranges: bytes
content-length: 306152

GET
H2 200 opensans-regular.woff
static.chasecdn.com/content/dam/cpo-static/fonts/ 24 KB
25 KB 316ms
85ms Font
font/woff 2.21.20.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/dam/cpo-static/fonts/opensans-regular.woff

Requested by

Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Origin: https://meta.amicidelvinile.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-dispatcher: dispatcher2useast1-28539364
date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; preload
last-modified: Sat, 06 Apr 2024 05:32:01 GMT
x-ams-migration: TRUE
x-amzn-trace-id: 0.5c173317.1719922046.413bf3e
x-vhost: private-publish
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719922046060_389224284_68403006_21_3596_37_0_255";dur=1
accept-ranges: bytes
content-length: 24762

GET
H2 200 opensans-bold.woff
static.chasecdn.com/content/dam/cpo-static/fonts/ 14 KB
14 KB 416ms
185ms Font
font/woff 2.21.20.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/dam/cpo-static/fonts/opensans-bold.woff

Requested by

Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

0634f735018d63980fb935914bd910ebd51ed5ed0a03c8811607aca0c2e7c532

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Origin: https://meta.amicidelvinile.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-dispatcher: dispatcher6useast1-28628439
date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; preload
last-modified: Thu, 13 Jun 2024 22:54:46 GMT
x-ams-migration: TRUE
x-amzn-trace-id: 0.5c173317.1719922046.413bf40
x-vhost: private-publish
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719922046199_389224284_68403008_16_4335_37_139_255";dur=1
accept-ranges: bytes
content-length: 13902

GET
H2 200 opensans-semibold.woff
static.chasecdn.com/content/dam/cpo-static/fonts/ 25 KB
25 KB 384ms
153ms Font
font/woff 2.21.20.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/dam/cpo-static/fonts/opensans-semibold.woff

Requested by

Host: meta.amicidelvinile.it
URL: https://meta.amicidelvinile.it/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Origin: https://meta.amicidelvinile.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-dispatcher: dispatcher7useast1-28628439
date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; preload
last-modified: Sat, 15 Jun 2024 15:23:25 GMT
x-ams-migration: TRUE
x-amzn-trace-id: 0.5c173317.1719922046.413bf3f
x-vhost: private-publish
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719922046199_389224284_68403007_16_3576_37_0_255";dur=1
accept-ranges: bytes
content-length: 25008

GET
H2 200 chasefavicon.ico
static.chasecdn.com/content/dam/cpo-static/images/ 31 KB
3 KB 128ms
127ms Other
image/vnd.microsoft.icon 2.21.20.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.chasecdn.com/content/dam/cpo-static/images/chasefavicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-21-20-28.deploy.static.akamaitechnologies.com

Software

Resource Hash

625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-dispatcher: dispatcher6useast1-28628439
date: Tue, 02 Jul 2024 12:07:26 GMT
content-encoding: gzip
strict-transport-security: max-age=86400 ; preload
last-modified: Fri, 14 Jun 2024 01:21:43 GMT
x-ams-migration: TRUE
x-amzn-trace-id: 0.5c173317.1719922046.413c6a4
x-vhost: private-publish
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1719922046543_389224284_68404900_13_3215_44_0_219";dur=1
accept-ranges: bytes
content-length: 2460

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 153 KB
153 KB 366ms
364ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-solid-900.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Origin: https://meta.amicidelvinile.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:27 GMT
via: 1.1 4eac31fa332b238427dad87ea3716264.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 172020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 156388
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "ae015e3286ef56a0daf8e83838a32a88"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQGvfc8qdmTjkilc652dT1hgA1vUcEEljvGiry5jLZ7w3YvV9eQUphBD0vmiAlv8Xn5hU7vZXSA%2FDAQcnsR%2FFz6Vo7x731NpgaBUfNN8DoTCrH%2BxSc1m9w27kibuO9bWbks8yhwOvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 89ce83fa6fdcd696-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: DPedYZm0jR0-10OZXpCxBBCbswfenZeDRJg6_nlU1YlRk0dmqiD7Yg==

GET
H2 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 115 KB
116 KB 467ms
467ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://meta.amicidelvinile.it/
Origin: https://meta.amicidelvinile.it
Accept-Language: it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 02 Jul 2024 12:07:27 GMT
via: 1.1 7945bb9729c0979279f468dfe8446e58.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: CDG52-P2
age: 172020
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 117856
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "5674af1ac41fe62c1b4568cbb6a031ff"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98mLeANOz89UkydkuFUFvsKlG8Dnp4468EnrkFwxPClq74y%2F6BrY0IuGg8dLr%2BFv9vt%2FfMfOf98nExY2W6uaWP7XppBH1eEQa66XqshljSTEi%2FB1WripOqGzR%2FAyZoB0ctZHkrnq9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 89ce83fa6fe0d696-CDG
access-control-allow-headers: fa-kit-token
x-amz-cf-id: -2T7-6yyhxUvSpw170Jb8l1SOcaGeC3oVqsRw01V38MzO8kIxgCtRg==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Chase (Banking)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://meta.amicidelvinile.it/mds-chase-icons.css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ka-f.fontawesome.com
kit.fontawesome.com
meta.amicidelvinile.it
static.chasecdn.com
172.64.147.188
172.67.139.119
2.21.20.28
80.88.87.206
01978e63789284edde4bb064e7d3215fad57fb5b7ea373b031b5b97021868085
0634f735018d63980fb935914bd910ebd51ed5ed0a03c8811607aca0c2e7c532
0a2541365b8f6b6ecf37c25acece36bf0f8142aff4258a9c81be5e1b64171a34
0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
3303fd8e3e10ea99269b96fcffa1370d6e40a21f02a712920f875b04a91e3205
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
41dca0965bdfd255f85e7fc8e9a3dc1fe3eb810996c553d4ef2b8872737ee825
5730ae022b37d48ca9b7a3cdfc2a1dc1515fdc96c453a936184cf59e807567e8
625816f80596303e9de8e68695973369faa462b416202825b03899c781464fb9
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
b8422277fc69c8e6ab51112dbf25048e40425cc497490fee251b56d7ef0ca179
d2113460c69de50edc6206a20deec3c2bc2733929f53817f1faca74ab34c33e3
d3bf9c143e5e360da41736b1d4e833b5ac6b6f7093ddc91ffc538233a78488d0
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e5d0a447f490c92ed00d4ddd4dccf8f6247c5a90af5597d612b0bd1ebed3cd70
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

meta.amicidelvinile.it Open in urlscan Pro 80.88.87.206 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

4 IPs

3 Countries

745 kBTransfer

1439 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

meta.amicidelvinile.it Open in urlscan Pro
80.88.87.206 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

745 kB
Transfer

1439 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!