ScanMalware.com

Security Scan Report: api-mediation.hipposbro.com

Redirected to: https://api.mediation.amberweather.com/google-auth/login.php

Submitted: Feb 24, 2026, 1:51:05 PMCompleted: Feb 24, 2026, 1:52:55 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 1 HTTP transaction. The main domain is api.mediation.amberweather.com and was registered NaN years ago.

Submitted URL: https://api-mediation.hipposbro.com

Effective URL: https://api.mediation.amberweather.com/google-auth/login.phpRedirected

The Cisco Umbrella rank of the primary domain is #157,547 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 70%

7
Risk Score

Impersonates Google login on low‑ranked domain; likely phishing – avoid.

Risk Factors
Brand impersonation: Google branding on unrelated low‑rank domain
Low Cisco Umbrella ranking for brand claim
Domain mismatch: api-mediation.hipposbro.com not associated with Google
Domain age information unavailable

Details

Page Title

Login with Google Account OAuth

Scan Type

public

Language

🇺🇸

English

(70% confidence)

Category

news media journalism

(33%)

Domain Information

Within the commercial generic top-level domain (.com), 'api-mediation.hipposbro.com' is registered, featuring subdomain 'api-mediation'. Its registrable label 'hipposbro' stretches across 9 characters split between three vowels and 6 consonants. Tokenizing the label suggests two words: hippos, bro. Median word length comes out to 4.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://api-mediation.hipposbro.com

Page Load Overview

2.63s
Total Load Time
4
HTTP Requests
2
Domains
1 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:70%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:70%
Script Type:Latin
Text Length:78 chars
Detector Agreement:100%

Website Classification

Primary Category

news media journalism33% confidence
Type: static
Method: ml+structural

All Detected Categories

news media journalism
33%
technology software
26%
government public service
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
254.178.254.93Tokyo, Tokyo, Japan
AS16509Amazon.com, Inc.
23.114.146.152Tokyo, Tokyo, Japan
AS16509Amazon.com, Inc.
42--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T160F023FB62901C079980E4406C4132983C535A457D91EE58BEB0016F4DC243703C52A6

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

12:haxvhQRvxX25y+oxfgGk/mYdsaFmNex07T9lecRG+a5tk9/Oin5tk90daMmfYj:ha0ZxG5y5xoGwtFmNexW9PGVk9/Okk9e

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:646:AAAAAgIAAAAAAGAAAAAAAAAAAAAAAAQAAAAAAgAAAQAAAADAAAAAAAAAAgAAAAAAAACgAACAAAAAAAQEAAAAAADgAAAAAAAA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7ffffffffffffff
Perceptual Hash:b233333333333333
Difference Hash:0c00000000000000
Wavelet Hash:e7ffffff00000000
Color Hash:#9ae06c

Other Hashes

Crop Resistant:0c00000000000000

Scan History

Scan history not available

Unable to load historical scan data