ScanMalware.com

Security Scan Report: lefrecce.it

Submitted: May 24, 2026, 5:35:10 AMCompleted: May 24, 2026, 5:37:52 AMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 61 HTTP transactions. The main domain is lefrecce.it and was registered NaN years ago.

Submitted URL: https://lefrecce.it

The Cisco Umbrella rank of the primary domain is #393,491 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 78%

5
Risk Score

Site mimics Trenitalia branding on an unrelated low‑rank domain with heavily obfuscated JavaScript; moderate risk of brand impersonation.

Risk Factors
Brand impersonation on low‑rank domain
Heavy JavaScript obfuscation
Low Cisco Umbrella reputation for a major brand
Safety Factors
Long domain age (over 16 years)
No malicious Indicators of Compromise
No forms collecting credentials or payments
No network IDS alerts
Domain age information unavailable

Details

Page Title

Home Trenitalia | Trenitalia

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(82%)

Domain Information

Within the Italian country-code top-level domain (.it), 'lefrecce.it' is registered with no subdomain. The core label 'lefrecce' covers 8 characters split between three vowels and 5 consonants. Segmentation suggests two words: le, frecce. Expect four characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://lefrecce.it

Page Load Overview

30.12s
Total Load Time
1
HTTP Requests
1
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:729 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software82% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
82%
documentation technical
59%
adult content
56%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1146.75.122.132Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
063.140.62.139United States
AS16509Amazon.com, Inc.
02.18.64.212Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
0104.18.87.42United States
AS13335Cloudflare, Inc.
023.52.181.12Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
052.51.187.96Dublin, Leinster, Ireland
AS16509Amazon.com, Inc.
023.45.101.35Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
023.36.163.230Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
0157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
0142.250.154.97United States
AS15169Google LLC
111--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T140C4542185E02433219762997A719B48FFA2D18BD94E16017EAD4F885FF3F72AD0F60D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:J4qAmQUuc2L1wS13QKsE9tsCrekGwZhvRC+/y8:JGy8

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:567331:kq2YxWBSRhwmoqnRBZCPAqhFB6M2EPqhBDw/sSSKh4lICAYKRgqYQ+wBiUhRFGwSAKBQxRADVTRbcAPCpIg4SIZSoUswHwxQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffffe7e7ffc381
Perceptual Hash:bcc33d506f504f32
Difference Hash:86902f0b0d361e33
Wavelet Hash:008ee7cbe7c7c381
Color Hash:#c587a6

Other Hashes

Crop Resistant:86902f0b0d361e33,03034323a3a30343,1008303232300810

Scan History

Scan history not available

Unable to load historical scan data