Security Scan Report: vanatus.surge.sh

Submitted: Nov 2, 2025, 9:28:30 AM
Completed: Nov 2, 2025, 9:29:38 AM
Scan type: public
Status: completed

Summary

This website contacted 17 IPs in 2 countries across 6 domains to perform 10 HTTP transactions. The main domain is vanatus.surge.sh.

Submitted URL: https://vanatus.surge.sh/[email protected]

AI Security Verdict

High Risk

Confidence: 92%

Risk Score: 8

High‑risk phishing page harvesting credentials on a newly created, unranked domain.

Risk Factors
New or unregistered domain with credential‑harvesting form
Unranked domain presenting a login interface
Email address embedded in URL as a lure
Generic login page title "Login Verify Bot" on a non‑official domain
Domain age information unavailable

Details

Page Title

Login Verify Bot

Scan Type

public

Language

🇺🇸 English (80% confidence)

Category

news media journalism (39%)

Domain Information

Within the .sh country-code top-level domain, 'vanatus.surge.sh' is registered and includes subdomain 'vanatus'. The registrable portion 'surge' spans 5 characters split between two vowels and 3 consonants. Breaking it apart gives 1 word: surge. The linguistic tilt is Portuguese for 'surge'. You will also see it in Portuguese (Brazil) and English contexts. Net impression: Portuguese phrase with single-word simplicity.

Screenshot

Security scan screenshot of https://vanatus.surge.sh/?admin=shiggins@infomanagerinc.com

Page Load Overview

Total Load Time: 37.57s
HTTP Requests: 10
Domains: 6
Total Size: 88 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 151 chars
Detector Agreement: 100%

Website Classification

Primary Category

news media journalism (39% confidence)
Type: static
Method: ml+structural

All Detected Categories

news media journalism: 39%
government public service: 34%
finance banking: 34%
documentation technical: 32%
adult content: 31%

Detected Features

No structural features detected

Domain & IP Information

Requests  IP Address                Location                            AS (Autonomous System)
10        138.68.112.220            Frankfurt am Main, Hesse, Germany   AS14061 DIGITALOCEAN-ASN
0         142.250.186.170           United States                       AS15169 GOOGLE
0         104.21.39.75              United States                       AS13335 CLOUDFLARENET
0         172.66.157.4              United States                       AS13335 CLOUDFLARENET
0         142.250.186.35            United States                       AS15169 GOOGLE
0         65.9.175.66               United States                       AS16509 AMAZON-02
0         2606:4700:10::ac42:9d04   United States                       AS13335 CLOUDFLARENET
0         2606:4700:10::6814:2c1e   United States                       AS13335 CLOUDFLARENET
0         172.67.143.169            United States                       AS13335 CLOUDFLARENET
0         104.20.44.30              United States                       AS13335 CLOUDFLARENET

Total: 10 requests, 17 IP addresses

Detected Technologies: 1

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C6149E14D7F39E3E04824AAB595677C1A57CB7F0C7EC81FB31A6AE63F5639A1C219200

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:JpBM773ne5CcvvDQZOkEx0fXuj2oqckzI9XT6RAafYIKnnZ09nBqUXs8:FM/e5C+vDQZXEMXPf2jyYIKnKn28

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:196140:gETGC/FhpqBBBgWjMA42wA0HHQAEAUiJDDIQAmTkRkrBPGKFRhAhAEZViAXEAMJRByamIJCYQAGBjBbCE05BwwwbwEEobaKL

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: ffe3fbe3e7ffffff
Perceptual Hash: e666999b32319999
Difference Hash: 000e164d4c300000
Wavelet Hash: 07032323203c3c3c
Color Hash: #4062bf

Other Hashes

Crop Resistant: 000e164d4c300000
