ScanMalware.com

Security Scan Report: onlinerow.lenovocust.com

Redirected to:
https://onlinerow.lenovocust.com/lenovo/OnlineCustomization/Screens/Da...
Site favicon
Submitted: May 13, 2026, 11:41:12 AMCompleted: May 13, 2026, 11:43:33 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 34 HTTP transactions. The main domain is onlinerow.lenovocust.com and was registered NaN years ago.

Submitted URL: https://onlinerow.lenovocust.com

Effective URL: https://onlinerow.lenovocust.com/lenovo/OnlineCustomization/Screens/Dashboard.htmlRedirected

The Cisco Umbrella rank of the primary domain is #641,265 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 94%

9
Risk Score

The site impersonates Lenovo, collects credentials via disguised fields, and triggers a critical C2 IDS alert, indicating a confirmed phishing scam.

Risk Factors
Credential collection via hidden password fields
Brand impersonation with low‑reputation domain
Critical malware C2 alert from IDS
Low domain reputation (Umbrella rank >600 k)
Unicode confusion in form inputs
Domain age information unavailable

Details

Page Title

Lenovo Commercial Customization System

Scan Type

public

Language

🇺🇸

English

(40% confidence)

Category

technology software

(75%)

Domain Information

Domain 'onlinerow.lenovocust.com' uses the commercial generic top-level domain (.com), featuring subdomain 'onlinerow'. The core label 'lenovocust' covers 10 characters with 4 vowels and six consonants. Breaking it apart gives three words: leno, voc, ust. Median word length is three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://onlinerow.lenovocust.com

Page Load Overview

1.02s
Total Load Time
33
HTTP Requests
2
Domains
30 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:40%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:40%
Script Type:Latin
Text Length:887 chars
Detector Agreement:75%

Website Classification

Primary Category

technology software75% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
75%
corporate business
39%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1754.251.131.239Singapore, Singapore
AS16509Amazon.com, Inc.
1618.245.31.86United States
AS16509Amazon.com, Inc.
332--

Detected Technologies3

AngularJS
50%
jQuery
20%
ECharts
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1EB72725EAD96BA38040D05C7C872E76C672F0335F39B897472B78A907B8A5D8C72A480

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:JwdGFXHSq2+kkK+XR+/iJOzp5O/Y5OehjMOZ:XF9dboMQpL

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:17405:AqCgmNQxIIklMAymApcsAiAljAQYOWgjTkhIFy5BgBGyiYdgVwBsAoAhRN3QIYEYAhYGASpPgQRAATHoaUASCSAYSAU+ESBA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:feffffffffffffe7
Perceptual Hash:f2cc72cc72cc72c8
Difference Hash:000000000000100c
Wavelet Hash:f0f0f0f00f0f0f07
Color Hash:#50783a

Other Hashes

Crop Resistant:000000000000100c

Scan History

Scan history not available

Unable to load historical scan data