ScanMalware.com

Security Scan Report: qr-codes.io

Redirected to: https://www.amazon.com/ap/signin?yyy

Submitted: Nov 11, 2025, 2:40:42 AMCompleted: Nov 11, 2025, 2:41:21 AMpubliccompleted
Loading additional data...

Summary

This website contacted 85 IPs in 0 countries across 12 domains to perform 29 HTTP transactions. The main domain is amazon.com.

Submitted URL: https://qr-codes.io/Pru3fC

Effective URL: https://www.amazon.com/ap/signin?yyyRedirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Suspicious QR‑code redirect to Amazon login; treat as high‑risk phishing.

Risk Factors
Brand impersonation on unusual, unranked domain
Unranked/low‑reputation domain (not in Cisco Umbrella top 1M)
Potentially newly registered domain (age unknown)
Redirect from suspicious domain to a login page
Lack of legitimate redirect service indication
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(65% confidence)

Category

unknown

(0%)

Domain Information

Domain 'qr-codes.io' uses the British Indian Ocean Territory country-code top-level domain (.io) and has no subdomain. The second-level label 'qr-codes' is 8 characters long containing two vowels alongside 5 consonants, notching 1 hyphen. Tokenizing the label suggests 2 words: qr, codes. The median word length lands at 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://qr-codes.io/Pru3fC

Page Load Overview

3.37s
Total Load Time
29
HTTP Requests
12
Domains
224 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:65%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:65%
Script Type:Latin
Text Length:130 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: dynamic
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2934.237.135.182UnknownUnknown
044.212.213.97UnknownUnknown
044.216.132.245UnknownUnknown
03.174.55.35UnknownUnknown
0142.250.186.104UnknownUnknown
0216.58.206.68UnknownUnknown
020.15.105.116UnknownUnknown
0142.250.184.200UnknownUnknown
018.210.138.193UnknownUnknown
0108.138.26.70UnknownUnknown
2985--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D78339D9F650303365B32179A0AF550B223B136378888891B85DE4E42F79AEE4377F6D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:dfdIi1YxKHjekhGTLveBsAADtQVWcSA4uTw:dfdaxKDek0/v8sAAUXwuk

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:83873:BKFOIIgLsAJQAIIBgnJJgLAEQSpRMBEHBMDGQ9DpFGgXBYQ2SZgBEMBQSBGCgOWGFICCHAaIdRJClUAJl0QEwASGAQh1UkAJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:c3c3ffffffffffff
Perceptual Hash:b33333332286cece
Difference Hash:0e0c000000000000
Wavelet Hash:c3c3ffff00000000
Color Hash:#79b9d2

Other Hashes

Crop Resistant:0e0c000000000000

Scan History

Scan history not available

Unable to load historical scan data