ScanMalware.com

Security Scan Report: open.toscana.it

Redirected to:
https://terreregionali.toscana.it/it-it/home
Site favicon
Submitted: May 28, 2026, 10:30:44 AMCompleted: May 28, 2026, 10:31:56 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is terreregionali.toscana.it and was registered NaN years ago.

Submitted URL: http://open.toscana.it/web/terre-di-toscana

Effective URL: https://terreregionali.toscana.it/it-it/homeRedirected

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

Critical phishing and keylogger YARA detections on an established domain confirm a credential phishing scam.

Risk Factors
Critical phishing YARA detection
High‑severity keylogger YARA detections
Obfuscated JavaScript with CRITICAL score
Malicious script presence without user‑visible forms
Safety Factors
Domain age >10 years (4391 days)
No credential or payment forms detected
No Indicators of Compromise matches
No network IDS alerts
Established domain (4391 days old) with no strong malicious indicators — risk clamped from 10 to 5
Domain age information unavailable

Details

Page Title

Ente Terre Regionali Toscane

Scan Type

public

Language

🇮🇹

Italian

(80% confidence)

Category

documentation technical

(62%)

Domain Information

You're looking at domain 'open.toscana.it' on the Italian country-code top-level domain (.toscana.it) with no subdomain. The core label 'open' covers 4 characters containing two vowels alongside two consonants. Tokenizing the label suggests 1 word: open. Median word length is 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://open.toscana.it/web/terre-di-toscana

Page Load Overview

2.38s
Total Load Time
51
HTTP Requests
3
Domains
2.5 MB
Total Size

Language Analysis

Primary Language

🇮🇹Italian
Code: it
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:it
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:it
Text Length:4,623 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical62% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

documentation technical
62%
social media network
47%
government public service
46%
government
40%
real estate property
28%

Detected Features

Search
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
26151.11.50.116Florence, Tuscany, Italy
AS24994genesys informatica srl
25159.213.168.98Campi Bisenzio, Tuscany, Italy
AS6882Regione Toscana
512--

Detected Technologies2

MetaGenerator
100%
JQueryv3.6.0
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T18453C81064F0253711628AC9BAA0AF26BF97E197E94E1600B6BD0BC41FDBC81ED1774F

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:9+FOdey0Mp01w2rG3rd04as4G1mYzsHGAB+RpyzsFGR/bTPsCaQQQOwIxjadjj3y:wE/3rd04VAmQ+LM+0djj3Mq+kY

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:61898:IQIDAYBEMWZAAcAQbISvKGSiYDhQdzkIdSjnEYYlCQgUhgKmQT5QiILLzjClTKBBlphcmGQBFEgIhgKAgWBEpoKAJIIAX1EY

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffff00c8c9ffff00
Perceptual Hash:f9f106967871650e
Difference Hash:1b3b9399992c1f33
Wavelet Hash:fdff000088ffef00
Color Hash:#3a7869

Other Hashes

Crop Resistant:1b3b9399992c1f33,0101010101010101,e599939b93999999,1f17312ab7b3131b

Scan History

Scan history not available

Unable to load historical scan data