www.frankdfagnano.com

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 199.204.248.120, located in United States and belongs to WEBINT, US. The main domain is www.frankdfagnano.com.
TLS certificate: Issued by R3 on December 27th 2023. Valid for: 3 months.

This is the only time www.frankdfagnano.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
4	199.204.248.120 199.204.248.120	11989 (WEBINT) (WEBINT)
1	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.19.88.69 162.19.88.69	16276 (OVH) (OVH)
7	4

4 199.204.248.120 (United States)

ASN11989 (WEBINT, US)
PTR: cp10.machighway.com

www.frankdfagnano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.88.69 (France)

ASN16276 (OVH, FR)
PTR: ns3221384.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	frankdfagnano.com www.frankdfagnano.com	257 KB
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 19634	1 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2829	156 B
1	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 903	1 KB
7	4

	Domain	Requested by
4	www.frankdfagnano.com	www.frankdfagnano.com
1	i.postimg.cc	www.frankdfagnano.com
1	api.ipify.org	www.frankdfagnano.com
1	aadcdn.msftauth.net	www.frankdfagnano.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
cpcontacts.frankdfagnano.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-12-01` - `2024-12-01`	a year	crt.sh
ipify.org GTS CA 1P5	`2024-01-22` - `2024-04-21`	3 months	crt.sh
postimg.cc R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.frankdfagnano.com/
Frame ID: C794D115E30A1BEF3105FB732B963153
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

access

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

260 kB
Transfer

259 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.frankdfagnano.com/	646 B 973 B	667ms 116ms	Document text/html	199.204.248.120 WEBINT
General Check archive.org Show headers Download Go to Full URL https://www.frankdfagnano.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.204.248.120 , United States, ASN11989 (WEBINT, US), Reverse DNS cp10.machighway.com Software Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 / Resource Hash `58ac5cc33b7f68061aed522858e39ae608686a478f6512c99b12f166ac3b7edd` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 646 Content-Type text/html Date Sat, 10 Feb 2024 12:25:19 GMT ETag "34a01cb-286-610de4a0c79fb" Keep-Alive timeout=30, max=100 Last-Modified Thu, 08 Feb 2024 12:52:51 GMT Server Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4
GET H/1.1	200 OK	main.4d8fcd05.js Show response www.frankdfagnano.com/static/js/	242 KB 243 KB	117ms 117ms	Script application/javascript	199.204.248.120 WEBINT
General Check archive.org Show headers Download Go to Full URL https://www.frankdfagnano.com/static/js/main.4d8fcd05.js Requested by Host: www.frankdfagnano.com URL: https://www.frankdfagnano.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.204.248.120 , United States, ASN11989 (WEBINT, US), Reverse DNS cp10.machighway.com Software Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 / Resource Hash `2f7de4b0d26130e4dc56ea239c66f3cebf58a85f6cf7697cc400f19d3a9f5b96` Request headers accept-language de-DE,de;q=0.9 Referer https://www.frankdfagnano.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Sat, 10 Feb 2024 12:25:19 GMT Last-Modified Thu, 08 Feb 2024 12:52:51 GMT Server Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 ETag "34c1315-3c9e1-610de4a0c899b" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=99 Content-Length 248289
GET H/1.1	200 OK	main.ab849390.css www.frankdfagnano.com/static/css/	9 KB 10 KB	347ms 117ms	Stylesheet text/css	199.204.248.120 WEBINT
General Check archive.org Show headers Download Go to Full URL https://www.frankdfagnano.com/static/css/main.ab849390.css Requested by Host: www.frankdfagnano.com URL: https://www.frankdfagnano.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.204.248.120 , United States, ASN11989 (WEBINT, US), Reverse DNS cp10.machighway.com Software Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 / Resource Hash `fc87e3f1930a326e499b8e09e2d49e3e9e6c1ab771cb7c083555dabf8b829c13` Request headers accept-language de-DE,de;q=0.9 Referer https://www.frankdfagnano.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Sat, 10 Feb 2024 12:25:19 GMT Last-Modified Thu, 08 Feb 2024 12:52:51 GMT Server Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 ETag "34c12df-2585-610de4a0c7de3" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=100 Content-Length 9605
GET H2	200	2_bc3d32a696895f78c19df6c717586a5d.svg aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/	2 KB 1 KB	448ms 34ms	Image image/svg+xml	152.199.23.37 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg Requested by Host: www.frankdfagnano.com URL: https://www.frankdfagnano.com/static/css/main.ab849390.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.23.37 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (ama/48D1) / Resource Hash `0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68` Request headers accept-language de-DE,de;q=0.9 Referer https://www.frankdfagnano.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 10 Feb 2024 12:24:27 GMT content-encoding gzip content-md5 DhdidjYrlCeaRJJRG/y9mA== age 5482088 x-cache HIT content-length 673 x-ms-lease-status unlocked last-modified Wed, 12 Feb 2020 22:01:50 GMT server ECAcc (ama/48D1) etag 0x8D7B007297AE131 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id b5bf7475-201e-00f1-4640-2ad471000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H/1.1	200 OK	logo.564db913a7fa0ca42727161c6d031bef.svg www.frankdfagnano.com/static/media/	4 KB 4 KB	115ms 115ms	Image image/svg+xml	199.204.248.120 WEBINT
General Check archive.org Show headers Download Go to Show image Full URL https://www.frankdfagnano.com/static/media/logo.564db913a7fa0ca42727161c6d031bef.svg Requested by Host: www.frankdfagnano.com URL: https://www.frankdfagnano.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 199.204.248.120 , United States, ASN11989 (WEBINT, US), Reverse DNS cp10.machighway.com Software Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 / Resource Hash `04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a` Request headers accept-language de-DE,de;q=0.9 Referer https://www.frankdfagnano.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Date Sat, 10 Feb 2024 12:25:20 GMT Last-Modified Thu, 08 Feb 2024 12:52:51 GMT Server Apache/2.4.52 (cPanel) OpenSSL/1.1.1m mod_bwlimited/1.4 ETag "34c131b-e43-610de4a0cb494" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=30, max=98 Content-Length 3651
GET H2	200	/ Show response api.ipify.org/	23 B 156 B	248ms 190ms	XHR application/json	104.26.12.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: www.frankdfagnano.com URL: https://www.frankdfagnano.com/static/js/main.4d8fcd05.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `166cfb5f2c52cb9d0d52032fab465688fc97d07cf480a8ddb4536da7a9ef15df` Request headers Accept application/json, text/plain, / Referer https://www.frankdfagnano.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 12:24:27 GMT cf-cache-status DYNAMIC server cloudflare vary Origin content-type application/json access-control-allow-origin * cf-ray 85345442bd6c0858-FRA content-length 23
GET H2	200	swipe.png i.postimg.cc/x1qR9tzv/	884 B 1 KB	88ms 27ms	Image image/png	162.19.88.69 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.postimg.cc/x1qR9tzv/swipe.png Requested by Host: www.frankdfagnano.com URL: https://www.frankdfagnano.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.19.88.69 , France, ASN16276 (OVH, FR), Reverse DNS ns3221384.ip-162-19-88.eu Software nginx / Resource Hash `8dc9d7f2be71e0f35b358e763545085d4d35476570b64dd10f38e5884d5f3698` Request headers accept-language de-DE,de;q=0.9 Referer https://www.frankdfagnano.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 12:24:27 GMT last-modified Thu, 20 Jul 2023 23:45:04 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 884 expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
api.ipify.org
i.postimg.cc
www.frankdfagnano.com
104.26.12.205
152.199.23.37
162.19.88.69
199.204.248.120
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
166cfb5f2c52cb9d0d52032fab465688fc97d07cf480a8ddb4536da7a9ef15df
2f7de4b0d26130e4dc56ea239c66f3cebf58a85f6cf7697cc400f19d3a9f5b96
58ac5cc33b7f68061aed522858e39ae608686a478f6512c99b12f166ac3b7edd
8dc9d7f2be71e0f35b358e763545085d4d35476570b64dd10f38e5884d5f3698
fc87e3f1930a326e499b8e09e2d49e3e9e6c1ab771cb7c083555dabf8b829c13

www.frankdfagnano.com Open in urlscan Pro 199.204.248.120 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

260 kBTransfer

259 kBSize

0 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

www.frankdfagnano.com Open in urlscan Pro
199.204.248.120 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

260 kB
Transfer

259 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!