ScanMalware.com

Security Scan Report: viewdoc.newcolours.lt

Redirected to:
blob:https://hirealocaltrader.co.uk/d513e3d1-f234-4bdc-a0d8-2408833db4...
Submitted: Apr 22, 2026, 11:02:15 PMCompleted: Apr 22, 2026, 11:03:28 PMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 35 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://viewdoc.newcolours.lt/wx.htm

Effective URL: blob:https://hirealocaltrader.co.uk/d513e3d1-f234-4bdc-a0d8-2408833db4cdRedirected

AI Security Verdict

High Risk

Confidence: 94%

8
Risk Score

The site impersonates Wells Fargo with credential‑stealing forms and hidden fields, posing a high‑risk phishing threat.

Risk Factors
Unranked domain claiming to be a major bank
Disguised password fields (type=text with password placeholder)
Hidden password fields
Cross‑origin credential form submissions
Unicode evasion in form fields
Domain age information unavailable

Details

Page Title

Sign On to View Your Personal Accounts | Wells Fargo

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(38%)

Domain Information

The domain name 'viewdoc.newcolours.lt' uses the Lithuanian country-code top-level domain (.lt) and includes subdomain 'viewdoc'. The second-level label 'newcolours' is 10 characters long split between four vowels and six consonants. Breaking it apart gives 2 words: new, colours. The median word length lands at five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://viewdoc.newcolours.lt/wx.htm

Page Load Overview

0.65s
Total Load Time
46
HTTP Requests
10
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:2,146 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking38% confidence
Type: spa
Method: ml+structural

All Detected Categories

finance banking
38%
government public service
26%
e-commerce
25%
social_media
25%

Detected Features

Login Form
Search
Payment

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
623.56.207.73Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
5104.17.24.14United States
AS13335Cloudflare, Inc.
5142.251.127.148Germany
AS20940
5194.135.86.224Lithuania
AS212531UAB Interneto vizija
5172.66.47.148United States
AS13335Cloudflare, Inc.
5184.24.77.9Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
5151.101.130.137United States
AS54113Fastly, Inc.
588.208.196.137United Kingdom
AS8560IONOS SE
5142.251.127.95UnknownUnknown
469--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17114F852D38888F582238FD8A55E6A063690D139C1959CD0FDEC82597FFBD48BD2E3D8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:KYN18X9WdeAmFxvvu062avuC3vua2qvuT3vuyvuNR2UvuTSvuhU2Hg2xP2hvumr8:V18t2dfHFUNBofw/Ty8tsQHWFTt34h

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:195045:CABAD6kUFUGCBTNMAQVEDFJEzGrgFoIoCmApOQUAIuFZY2MFcDy2YJBkjSCQsJBCOeMEICIEADCAgBxQCSpCBEsDEgJP6Ni0

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003c3f3f3939ffff
Perceptual Hash:8b02746974777c69
Difference Hash:fde9e9e9e3736bba
Wavelet Hash:003c3c3d39397b1f
Color Hash:#e07d6c

Other Hashes

Crop Resistant:fde9e9e9e3736bba,c4fff9e9e9e9e9e9,13131311d1fce003

Scan History

Scan history not available

Unable to load historical scan data