Security Scan Report: s1097730.ha009.t.mydomain.zone

Redirected to: https://s1097730.ha009.t.mydomain.zone/

Submitted: Jan 18, 2026, 2:16:33 AM
Completed: Jan 18, 2026, 2:17:44 AM
public, completed

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 18 HTTP transactions. The main domain is s1097730.ha009.t.mydomain.zone; its registration age is unavailable.

Submitted URL: http://s1097730.ha009.t.mydomain.zone/

Effective URL: https://s1097730.ha009.t.mydomain.zone/ (redirected)

The Cisco Umbrella rank of the primary domain is #908,447 of the top 1 million websites.

AI Security Verdict

High Risk

Confidence: 92%

Risk Score: 8

High‑risk phishing site impersonating PayPal and harvesting credentials.

Risk Factors
Brand impersonation on a low‑ranking, non‑official domain
Disguised password fields (type='text' with password placeholder)
Hidden password field
Unicode evasion technique
Credential‑harvesting forms without legitimate purpose
Domain age information unavailable

Details

Page Title: Order Summary - PayPal
Scan Type: public
Language: 🇺🇸 English (80% confidence)
Category: technology software (43%)

Domain Information

You're looking at domain 's1097730.ha009.t.mydomain.zone' on the .zone top-level domain, featuring subdomain 's1097730.ha009.t'. The second-level label 'mydomain' is 8 characters long split between three vowels and five consonants. Breaking it apart gives 2 words: my, domain. Expect 4 characters per word on average. No strong language cues emerged from the frequency lists.

Page Load Overview

Total Load Time: 1.44s
HTTP Requests: 19
Domains: 3
Total Size: 52 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 1,768 chars
Detector Agreement: 75%

Website Classification

Primary Category

technology software (43% confidence)
Type: dynamic
Method: ml+structural

All Detected Categories

technology software: 43%
e-commerce shopping: 37%
finance banking: 35%

Detected Features

No structural features detected

Domain & IP Information

Requests | IP Address | Location | AS (Autonomous System)
7 | 38.114.101.33 | Dallas, Texas, United States | AS398343 BAXET-GROUP
6 | 146.75.123.1 | United States |
6 | 104.21.31.228 | United States | AS13335 CLOUDFLARENET
19 | 3 | - | -

Content Similarity Hashes (for malware variant detection)

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C882E82040F845B7619381E1AAE6AE0B3EC9D603CB0A45507AFC4BE55FD7D87CE2716D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:TqSMR+teX1D2qz+UkSJpnsnsaf4qqBTkt2kOcT94q9n+SnNJJJJJ5JnS+AHxDBDh:2hRGel2OJ2lfqBOflrJJJJJPN2Ddtf1z

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:19157:qJxwgCGgmBSoFkkIEEPIVQVwzsMQkmMsCDkREEkFgDEAlRCRA0QAhkQayNYgDEoiJwCIsBQH1UEhgxLBUDMpUAWREWCGkKoM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: bfcfcbf1f3ffffff
Perceptual Hash: e93992866c4e96b3
Difference Hash: 2394921216240000
Wavelet Hash: 98cec181f1f3f0f0
Color Hash: #4057bf
