ScanMalware.com

Security Scan Report: www.architettifirenze.it

Redirected to:
https://architettifirenze.it/
Site favicon
Submitted: May 29, 2026, 9:14:31 AMCompleted: May 29, 2026, 9:15:54 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 11 HTTP transactions. The main domain is architettifirenze.it and was registered NaN years ago.

Submitted URL: https://www.architettifirenze.it

Effective URL: https://architettifirenze.it/Redirected

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

The site hosts critical stealer and keylogger JavaScript; classified as a confirmed malware distribution scam.

Risk Factors
Critical stealer YARA match
High severity keylogger YARA matches
Critical JavaScript obfuscation and base64/charcode manipulation
Dynamic code execution via Function constructor
Unranked domain despite brand claim
Safety Factors
Domain age >20 years (well‑established)
Self‑branding matches the domain
No credential or payment forms present
No network IDS alerts detected
No external Indicators of Compromise matched
Established domain (7365 days old) with no strong malicious indicators — risk clamped from 10 to 5
Domain age information unavailable

Details

Page Title

Ordine e Fondazione Architetti di Firenze

Scan Type

public

Language

🇮🇹

Italian

(80% confidence)

Category

government public service

(82%)

Domain Information

Domain 'www.architettifirenze.it' uses the Italian country-code top-level domain (.it), featuring subdomain 'www'. Count 17 characters in 'architettifirenze' split between seven vowels and 10 consonants. Breaking it apart gives four words: arch, it, etti, firenze. Median word length comes out to 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.architettifirenze.it

Page Load Overview

4.15s
Total Load Time
107
HTTP Requests
9
Domains
1.2 MB
Total Size

Language Analysis

Primary Language

🇮🇹Italian
Code: it
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:it
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:it
Text Length:6,046 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service82% confidence
Type: spa
Method: ml+structural

All Detected Categories

government public service
82%
education learning
58%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3735.157.26.135Frankfurt am Main, Hesse, Germany
AS16509Amazon.com, Inc.
35184.24.77.154Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
3575.2.60.5United States
AS16509Amazon.com, Inc.
1073--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E48409316F406429892EC1D47D31BB9C5C5F604BDB825CFCE1ACCF9877CDE922922A66

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:WuOi5O0GM5rUILGM5rUtPfNMU+Vn8CDGRG4YqtPSRtgJl+EvMU+Vn8CDGRG4Yqt0:sGfNfd

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:403852:NjFGgDBEWbCZpoIQDVBoyaimVGIAAJMvIAgghW0B1ATkBoQAcYABhNFaARCJ1AoJAgwgaDALS+zgbABgmLJwIkQFCRag0JZB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffff9999d191ffff
Perceptual Hash:ec91936d93926c65
Difference Hash:ce23333323232758
Wavelet Hash:6f9081818181ffff
Color Hash:#7940bf

Other Hashes

Crop Resistant:ce23333323232758,1818bb4b476725a8

Scan History

Scan history not available

Unable to load historical scan data