www.assettocorsa.it
31.11.36.8  Malicious Activity! Public Scan

Submitted URL: http://www.assettocorsa.it/
Effective URL: https://www.assettocorsa.it/en/
Submission: On October 25 via api from US — Scanned from IT

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main IP is 31.11.36.8, located in Arezzo, Italy and belongs to ARUBA-ASN, IT. The main domain is www.assettocorsa.it.
TLS certificate: Issued by Actalis Domain Validation Server CA G3 on February 26th 2022. Valid for: a year.
This is the only time www.assettocorsa.it was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Steam (Gaming)

Domain & IP information

IP Address AS Autonomous System
2 11 31.11.36.8 31034 (ARUBA-ASN)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
1 185.30.21.27 60527 (XSOLLA-AS)
2 2001:4860:480... 15169 (GOOGLE)
1 138.199.37.226 60068 (CDN77 ^_^)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
2 185.30.21.21 60527 (XSOLLA-AS)
1 96.16.146.196 16625 (AKAMAI-AS)
21 9
Apex Domain | Subdomains | Transfer
11 assettocorsa.it | www.assettocorsa.it | 513 KB
5 iubenda.com | cdn.iubenda.com (Cisco Umbrella Rank: 10143), www.iubenda.com (Cisco Umbrella Rank: 11527), hits-i.iubenda.com (Cisco Umbrella Rank: 11472) | 62 KB
3 xsolla.com | static.xsolla.com (Cisco Umbrella Rank: 141515), secure.xsolla.com (Cisco Umbrella Rank: 77919) | 136 KB
2 google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2668) | 403 B
1 xsolla.net | cdn.xsolla.net (Cisco Umbrella Rank: 123230) | 1 KB
1 googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 61) | 75 KB
21 6
Domain Requested by
11 www.assettocorsa.it 2 redirects www.assettocorsa.it
2 secure.xsolla.com www.assettocorsa.it
static.xsolla.com
2 hits-i.iubenda.com cdn.iubenda.com
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.iubenda.com www.assettocorsa.it
cdn.iubenda.com
1 cdn.xsolla.net www.assettocorsa.it
1 www.iubenda.com cdn.iubenda.com
1 static.xsolla.com www.assettocorsa.it
1 www.googletagmanager.com www.assettocorsa.it
21 9

This site contains links to these domains.

Domain
store.steampowered.com
console.assettocorsa.net
acc.505games.com
Subject | Issuer | Validity | Valid
*.assettocorsa.it | Actalis Domain Validation Server CA G3 | 2022-02-26 - 2023-03-29 | a year
*.iubenda.com | Sectigo RSA Domain Validation Secure Server CA | 2022-01-14 - 2023-02-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-09-26 - 2022-12-19 | 3 months
*.xsolla.com | Thawte RSA CA 2018 | 2022-09-05 - 2023-09-25 | a year
cdn.xsolla.net | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-27 - 2023-09-27 | a year

This page contains 1 frames:

Primary Page: https://www.assettocorsa.it/en/
Frame ID: B9B5CB0E5714A809265E8555AC498199
Requests: 20 HTTP requests in this frame

Page Title

Assetto Corsa

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • iubenda\.com/cookie-solution/confs/js/

Page Statistics

21
Requests

100 %
HTTPS

44 %
IPv6

6
Domains

9
Subdomains

9
IPs

4
Countries

787 kB
Transfer

1614 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.assettocorsa.it/ HTTP 301
    https://www.assettocorsa.it/ HTTP 302
    https://www.assettocorsa.it/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.assettocorsa.it/en/
Redirect Chain
  • http://www.assettocorsa.it/
  • https://www.assettocorsa.it/
  • https://www.assettocorsa.it/en/
12 KB
4 KB
Document
General
Full URL
https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
8d8e3ac1d350473fc9e9cbd6007e9768b0ca68e2b50de9e28faaaa5307caf1cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 02:02:50 GMT
link
<https://www.assettocorsa.it/wp-json/>; rel="https://api.w.org/", <https://www.assettocorsa.it/wp-json/wp/v2/pages/5402>; rel="alternate"; type="application/json", <https://www.assettocorsa.it/>; rel=shortlink
server
aruba-proxy
vary
Accept-Encoding
x-servername
ipvsproxy241.ad.aruba.it

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 25 Oct 2022 02:02:49 GMT
location
https://www.assettocorsa.it/en/
server
aruba-proxy
vary
Accept-Language
x-redirect-by
Polylang
x-servername
ipvsproxy241.ad.aruba.it
main.min.css
www.assettocorsa.it/competizione/wp-content/themes/fosfostrap/_style/build/css/
130 KB
22 KB
Stylesheet
General
Full URL
https://www.assettocorsa.it/competizione/wp-content/themes/fosfostrap/_style/build/css/main.min.css
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
f396748e114094ca7843353edb432bbf7027cf1c0374c8e3cbf4405326c3f9e9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
pragma
public
date
Tue, 25 Oct 2022 02:02:50 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 27 Aug 2021 14:16:14 GMT
server
aruba-proxy
etag
"207c3-5ca8b2042d2cd-gzip"
vary
X-Forwarded-Proto,Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
21909
expires
Wed, 25 Oct 2023 02:02:50 GMT
iubenda_cs.js
cdn.iubenda.com/cs/
587 B
827 B
Script
General
Full URL
https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-DE-860 /
Resource Hash
44481ad77d6a2047b44741cdcad4685a4beae89b92599106c67e1394b231958f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:02:50 GMT
content-encoding
br
cdn-edgestorageid
865
p3p
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat
10/24/2022 13:47:38
cdn-pullzone
954456
last-modified
Fri, 21 Oct 2022 07:00:46 GMT
server
BunnyCDN-DE-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"6352439e-136"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control
public, max-age=3600
cdn-requestid
addecb8fc2b5db0539bb6ad3ee0f551c
cdn-requestcountrycode
IT
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
211 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZY9QWWFH6
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80a900eba27d2dc72b2352c7c47f0839881299cfe1027a7cfc27d4f0bff65fd0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:02:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76108
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 25 Oct 2022 02:02:50 GMT
AssettoCorsa-lungo.svg
www.assettocorsa.it/wp-content/themes/AssettoCorsa/00-Style-Dev/img/
7 KB
3 KB
Image
General
Full URL
https://www.assettocorsa.it/wp-content/themes/AssettoCorsa/00-Style-Dev/img/AssettoCorsa-lungo.svg
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
5417eb86a242a59c1c4be5cbde1347f01f8d7034d8c1e33bf48d76dac0ca5e37

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Tue, 25 Oct 2022 02:02:50 GMT
content-encoding
gzip
last-modified
Mon, 11 Jan 2021 09:18:17 GMT
server
aruba-proxy
vary
Accept-Encoding
content-type
image/svg+xml
logo-acc-gtwc.png
www.assettocorsa.it/competizione/wp-content/themes/fosfostrap5/_assets/build/img/
12 KB
12 KB
Image
General
Full URL
https://www.assettocorsa.it/competizione/wp-content/themes/fosfostrap5/_assets/build/img/logo-acc-gtwc.png
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
98bec6f5c942c69d9c4435692b849b1f3934bce9f0f38cf6f0305568a1028e4d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
pragma
public
date
Tue, 25 Oct 2022 02:02:50 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 06 Jul 2021 11:13:37 GMT
server
aruba-proxy
etag
"2ed8-5c6728376b5bb"
vary
X-Forwarded-Proto,Accept-Encoding,Accept
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11992
expires
Wed, 25 Oct 2023 02:02:50 GMT
logo_steam.png
www.assettocorsa.it/switch-img/
6 KB
6 KB
Image
General
Full URL
https://www.assettocorsa.it/switch-img/logo_steam.png
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
5438b6377ef91265bc90d9ee9c75cf703514d03f0ff9a51bed3bb4ab5a3bb699

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Tue, 25 Oct 2022 02:02:50 GMT
last-modified
Sat, 09 Jan 2021 08:39:26 GMT
server
aruba-proxy
accept-ranges
bytes
content-length
6369
content-type
image/png
logo_ps4.png
www.assettocorsa.it/switch-img/
3 KB
3 KB
Image
General
Full URL
https://www.assettocorsa.it/switch-img/logo_ps4.png
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
11418c061460703478ac097404e6c45459c36b1ba440a0e57d43b2bd06932d2e

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Tue, 25 Oct 2022 02:02:50 GMT
last-modified
Sat, 09 Jan 2021 08:39:26 GMT
server
aruba-proxy
accept-ranges
bytes
content-length
2634
content-type
image/png
logo_xbox.png
www.assettocorsa.it/switch-img/
7 KB
7 KB
Image
General
Full URL
https://www.assettocorsa.it/switch-img/logo_xbox.png
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
7ef903df331cf8cdce7bacb4593ac34bd7dc526d5272056170d6d5eea679d76d

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Tue, 25 Oct 2022 02:02:50 GMT
last-modified
Sat, 09 Jan 2021 08:39:26 GMT
server
aruba-proxy
accept-ranges
bytes
content-length
7143
content-type
image/png
widget.min.js
static.xsolla.com/embed/pay2play/2.1.5/
436 KB
130 KB
Script
General
Full URL
https://static.xsolla.com/embed/pay2play/2.1.5/widget.min.js
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.30.21.27 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
31911c2160dd7e81c7dedd0d5b769f3b96c39052fc3c0d0b32f9ba2439e58aac

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 02:02:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Link
<https://secure.xsolla.com/favicon.ico>; rel=preload; as=image, <https://cdn.xsolla.net/img/favicon.ico>; rel=preload; as=image
Expires
Thu, 31 Dec 2037 23:55:55 GMT
AC-toRight.jpg
www.assettocorsa.it/switch-img/
103 KB
103 KB
Image
General
Full URL
https://www.assettocorsa.it/switch-img/AC-toRight.jpg
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
09e4dbc0c43db6cdccaf518c33303999b15eb05c70d26ef6bbc8dda88e185a8b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Tue, 25 Oct 2022 02:02:50 GMT
last-modified
Sat, 09 Jan 2021 08:39:26 GMT
server
aruba-proxy
accept-ranges
bytes
content-length
105025
content-type
image/jpeg
ACC-toLeft-2021.jpg
www.assettocorsa.it/switch-img/
353 KB
353 KB
Image
General
Full URL
https://www.assettocorsa.it/switch-img/ACC-toLeft-2021.jpg
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.11.36.8 Arezzo, Italy, ASN31034 (ARUBA-ASN, IT),
Reverse DNS
webx1482.aruba.it
Software
aruba-proxy /
Resource Hash
9b984fd1c92e958ec2af05fccfe3e0553a3820ecfe1078445f44b2b3d223c7e9

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/en/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername
ipvsproxy241.ad.aruba.it
date
Tue, 25 Oct 2022 02:02:50 GMT
last-modified
Fri, 27 Aug 2021 14:06:44 GMT
server
aruba-proxy
accept-ranges
bytes
content-length
361345
content-type
image/jpeg
core-en.js
cdn.iubenda.com/cookie_solution/iubenda_cs/1.42.4/
295 KB
60 KB
Script
General
Full URL
https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.42.4/core-en.js
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::860:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-DE-860 /
Resource Hash
5add7ae669fc16c9b2c5e8c70d38006306df3e6545b0419c4a2b72671ceacd82

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:02:50 GMT
content-encoding
br
cdn-edgestorageid
756
p3p
CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat
10/24/2022 13:48:53
cdn-pullzone
954456
last-modified
Fri, 21 Oct 2022 07:00:45 GMT
server
BunnyCDN-DE-860
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"6352439d-ee61"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control
public, max-age=31536000
cdn-requestid
4b7331b6420561ea89dfcf98a93a9768
cdn-requestcountrycode
IT
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZY9QWWFH6&gtm=2oeaj0&_p=1228680259&cid=1678857340.1666663370&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666663370&sct=1&seg=0&dl=https%3A%2F%2Fwww.assettocorsa.it%2Fen%2F&dt=Assetto%20Corsa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZY9QWWFH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:02:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.assettocorsa.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
63378152.js
www.iubenda.com/cookie-solution/confs/js/
199 B
866 B
Script
General
Full URL
https://www.iubenda.com/cookie-solution/confs/js/63378152.js
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.42.4/core-en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.226 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-138-199-37-226.datapacket.com
Software
BunnyCDN-DE-832 /
Resource Hash
fcad9d7cd2ef282a024cca6ac29c169db73d587da1ccb2ccbb7af19c6491005b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:02:50 GMT
access-control-request-method
*
content-encoding
br
strict-transport-security
max-age=63072000
cdn-edgestorageid
832
cdn-cachedat
10/25/2022 02:02:50
cdn-pullzone
966339
last-modified
Thu, 20 Oct 2022 14:21:34 GMT
server
BunnyCDN-DE-832
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"6351596e-c7"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
POST, PUT, DELETE, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
BYPASS
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control
public, max-age=3600
access-control-allow-credentials
true
cdn-requestid
868d1adae0577ed52f072b7ea365e3fb
cdn-requestcountrycode
IT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
cdn-status
200
cdn-requestpullsuccess
True
write
hits-i.iubenda.com/
0
661 B
XHR
General
Full URL
https://hits-i.iubenda.com/write?db=hits1
Requested by
Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.42.4/core-en.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-DE-863 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.assettocorsa.it/
accept-language
it-IT,it;q=0.9
Authorization
Basic aGl0czFfdTpoaXRzMV91cHdk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Oct 2022 02:02:50 GMT
cdn-edgestorageid
723
x-influxdb-build
OSS
x-influxdb-version
1.8.2
cdn-cachedat
10/25/2022 02:02:50
cdn-pullzone
967785
request-id
2141299b-5409-11ed-bf38-0242ac110002
x-request-id
2141299b-5409-11ed-bf38-0242ac110002
server
BunnyCDN-DE-863
cdn-proxyver
1.03
cdn-requestpullcode
204
access-control-allow-methods
DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin
https://www.assettocorsa.it
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
access-control-expose-headers
Date, X-InfluxDB-Version, X-InfluxDB-Build
cache-control
public, max-age=0
cdn-requestid
c7ab224b1eacb94dbd6e935685310f44
cdn-requestcountrycode
IT
access-control-allow-headers
Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
cdn-status
204
cdn-requestpullsuccess
True
write
hits-i.iubenda.com/
0
0
Preflight
General
Full URL
https://hits-i.iubenda.com/write?db=hits1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::863:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software
BunnyCDN-DE-863 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.assettocorsa.it
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*, authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cache-control
public, max-age=0
cdn-cachedat
10/25/2022 02:02:50
cdn-edgestorageid
723
cdn-proxyver
1.03
cdn-pullzone
967785
cdn-requestcountrycode
IT
cdn-requestid
ea068feba2152a4102b858907466ad88
cdn-requestpullcode
204
cdn-requestpullsuccess
True
cdn-status
204
cdn-uid
a7bd0c3f-43db-400a-80e2-073f933f3c99
date
Tue, 25 Oct 2022 02:02:50 GMT
server
BunnyCDN-DE-863
favicon.ico
secure.xsolla.com/
32 KB
3 KB
Image
General
Full URL
https://secure.xsolla.com/favicon.ico
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.30.21.21 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
6096c75480b69d48d95d4fac4d3011e4a1d1ba3438886b713ae6d76287523389
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Oct 2022 02:02:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/x-icon
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
favicon.ico
cdn.xsolla.net/img/
1 KB
1 KB
Image
General
Full URL
https://cdn.xsolla.net/img/favicon.ico
Requested by
Host: www.assettocorsa.it
URL: https://www.assettocorsa.it/en/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.146.196 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-146-196.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8644480307d609cba80a33f9e6e11527600895cfb8fabfa7738aeac5badd79a3

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 02:02:51 GMT
content-encoding
gzip
last-modified
Sat, 13 Jul 2013 20:17:30 GMT
server
nginx
etag
W/"51e1b5da-57e"
vary
Accept-Encoding
content-type
image/x-icon
access-control-allow-origin
*
cache-control
max-age=315360000, public
timing-allow-origin
*
content-length
821
expires
Thu, 31 Dec 2037 23:55:55 GMT
init
secure.xsolla.com/paystation2/api/pay2play/
5 KB
2 KB
XHR
General
Full URL
https://secure.xsolla.com/paystation2/api/pay2play/init
Requested by
Host: static.xsolla.com
URL: https://static.xsolla.com/embed/pay2play/2.1.5/widget.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.30.21.21 , United States, ASN60527 (XSOLLA-AS, US),
Reverse DNS
Software
nginx /
Resource Hash
d168bb0f9bd133d92de2ad42011aa0e500e79fcee510bf57df73493ac7fb4245
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.assettocorsa.it/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache, no-cache
Date
Tue, 25 Oct 2022 02:02:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, max-age=0, must-revalidate, no-store, no-cache, no-store, must-revalidate, max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
0
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZY9QWWFH6&gtm=2oeaj0&_p=1228680259&cid=1678857340.1666663370&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666663370&sct=1&seg=0&dl=https%3A%2F%2Fwww.assettocorsa.it%2Fen%2F&dt=Assetto%20Corsa&en=scroll&ep.anonymize_ip=true&epn.percent_scrolled=90&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZY9QWWFH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://www.assettocorsa.it/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 02:02:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.assettocorsa.it
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Steam (Gaming)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
object| _iub
function| gtag
object| dataLayer
object| options
object| s
object| head
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| XPay2PlayWidget

3 Cookies

Domain/Path Name / Value
www.assettocorsa.it/ Name: pll_language
Value: en
.assettocorsa.it/ Name: _ga_2ZY9QWWFH6
Value: GS1.1.1666663370.1.0.1666663370.0.0.0
.assettocorsa.it/ Name: _ga
Value: GA1.1.1678857340.1666663370

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.assettocorsa.it/en/
Message:
The resource https://cdn.xsolla.net/img/favicon.ico was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.assettocorsa.it/en/
Message:
The resource https://secure.xsolla.com/favicon.ico was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
