ScanMalware.com

Security Scan Report: hq.operationshero.com

Redirected to: https://auth.operationshero.com/login

Submitted: Jan 19, 2026, 6:45:13 PMCompleted: Jan 19, 2026, 6:46:28 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 1 country across 6 domains to perform 32 HTTP transactions. The main domain is auth.operationshero.com and was registered NaN years ago.

Submitted URL: https://hq.operationshero.com

Effective URL: https://auth.operationshero.com/loginRedirected

The Cisco Umbrella rank of the primary domain is #233,324 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing login page impersonating Google on a low‑ranked OperationsHERO domain.

Risk Factors
Brand impersonation of Google on a low‑ranking domain
Hidden password field (potential credential harvesting)
Credential‑collecting login form on non‑official domain
Domain age information unavailable

Details

Page Title

Login to OperationsHERO

Scan Type

public

Language

🇺🇸

English

(44% confidence)

Category

technology software

(73%)

Domain Information

You're looking at domain 'hq.operationshero.com' on the commercial generic top-level domain (.com) with subdomain 'hq'. Its registrable label 'operationshero' stretches across 14 characters holding 7 vowels versus seven consonants. Tokenizing the label suggests two words: operations, hero. Median word length comes out to seven characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://hq.operationshero.com

Page Load Overview

3.27s
Total Load Time
28
HTTP Requests
6
Domains
444 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:44%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:44%
Script Type:Latin
Text Length:266 chars
Detector Agreement:75%

Website Classification

Primary Category

technology software73% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
73%
education learning
51%
government public service
36%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8151.101.2.137United States
AS15169
4104.26.15.15United States
AS13335CLOUDFLARENET
4172.67.74.86United States
AS13335CLOUDFLARENET
4142.251.208.3United States
AS15169GOOGLE
4104.16.174.226United States
AS13335CLOUDFLARENET
4142.251.141.138United States
AS15169GOOGLE
286--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1EC32911499F205212043906067AAAB997F51D103CB0BCF047BED6BE6AFCBE815CB72DD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:w9+qq8IFjPagQQlRaJqXIJ2JHjSy/3b8OFTUxL8nx/R:WXq5jPaZlktgOFTUWnx/R

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:11661:EDE+A86IAIAASBagY0CAhNZEU1lwQ0AV4gEQEFAgQARExiA7RkQCJwy5gTBDVYKQEh0AMmAoZCFgLBVMEwAABRAqwsWBBQGG

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:f8f8f8f8f8e0f0e0
Perceptual Hash:db9b66649933644c
Difference Hash:2828282820000000
Wavelet Hash:f8f8f8f8f8e0c0c0
Color Hash:#af87c5

Other Hashes

Crop Resistant:2828282820000000

Scan History

Scan history not available

Unable to load historical scan data