https://www.casamaia.it/s%C3%BCperbahis-bahis/
104.21.31.196 · Cloudflare, Inc.
Toronto, Canada
—
520 · 13.9s
Valid· WE1, Google Trust Services, US
COMPLETED
Domain Intelligence: casamaia.it
Scanned 2 times since Jun 13, 2026, 11:34 AM UTC
Linked Phishing Report
This scan is attached to a vendor submission report
Brand
ATO
Vendors
28/31
Status
partial
Registered-domain escalation
Submit casamaia.it as the primary IOC, enriched with evidence from hostile subdomains like www.casamaia.it.
No KB/IOK detections were recorded for this scan.
Scanner blocked by cloudflare
This scan likely captured a block/challenge page, so the AI analysis may not reflect the real site victims see.
technology | ecommerce · 7/19/2026
The page displays a Cloudflare 520 error for ATO, with branding that visually mimics the Cloudflare/visitor-status dashboard rather than a specific legitimate brand login. The page content is an error page generated by Cloudflare, not a credential-collecting impersonation of a known brand. However, the screenshot and HTML indicate SPA-like behavior and potential credential-collection UI could be present on the origin, but the current page is an error page served via Cloudflare with no explicit impersonation of a particular brand beyond generic status visuals.
Capture
Stages: 2
Canonical: Settled Render
Changed: No
Credential Signals
Forms: 0
Password fields: 0
Late-stage login UI: No
Resource Signals
Resources: 7
Hosts: 1
Domains: 1
The page shows a legitimate Cloudflare 520 error for the domain ATO, not an explicit impersonation of a known brand. The evidence is insufficient to claim credential harvesting or impersonation on this page. However, the presence of Cloudflare’s error UI and SPA hints indicates the origin server may be misconfigured or temporarily unavailable. Monitor for recurring impersonation indicators or if the origin later serves credential-collecting UI under a misleading brand; currently, treat as potential first-party error exposure with watchful monitoring.
Monitor