Security Scan Report: stuiport.gaestehaus-kranzfelder.de

Redirected to: http://stuiport.gaestehaus-kranzfelder.de/

Submitted: Oct 9, 2025, 10:02:25 PMCompleted: Oct 9, 2025, 10:03:47 PMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 3 countries across 3 domains to perform 55 HTTP transactions. The main domain is stuiport.gaestehaus-kranzfelder.de and was registered NaN years ago.

Submitted URL: http://stuiport.gaestehaus-kranzfelder.de/challenge.php?token=bd6d229a4b8bef0c64dbc56a88b2842c

Effective URL: http://stuiport.gaestehaus-kranzfelder.de/Redirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page impersonating STRATO to steal credentials

Risk Factors
Brand impersonation on an unrelated domain
Password login form collecting credentials
Exfiltration endpoint (telegram_handler.php) instead of official STRATO backend
Unranked domain presenting a well‑known brand
Domain age information unavailable

Details

Page Title

STRATO Sicherheitsprüfung

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

documentation technical

(98%)

Domain Information

The domain 'stuiport.gaestehaus-kranzfelder.de' uses the German country-code top-level domain (.de) with subdomain 'stuiport'. Its registrable label 'gaestehaus-kranzfelder' stretches across 22 characters holding eight vowels versus 13 consonants, plus 1 hyphen. Word splitting yields seven words: ga, este, haus, kr, anz, f, elder. The median word length lands at 3 characters. The linguistic tilt is Norwegian for 'ga'. Secondary signals appear in Danish and Romanian.

Screenshot

Security scan screenshot of http://stuiport.gaestehaus-kranzfelder.de/challenge.php?token=bd6d229a4b8bef0c64dbc56a88b2842c

Page Load Overview

42.30s
Total Load Time
55
HTTP Requests
3
Domains
118 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:3,781 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical98% confidence
Type: spa
Method: ml+structural

All Detected Categories

documentation technical
98%
blog personal website
92%
corporate business
80%
technology software
78%
government public service
70%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7192.67.198.33Germany
AS6724Strato GmbH
645.43.142.5United Kingdom
AS16276OVH SAS
668.183.23.146North Bergen, New Jersey, United States
AS14061DIGITALOCEAN-ASN
645.43.142.3UnknownUnknown
645.43.142.2UnknownUnknown
645.43.142.4UnknownUnknown
645.43.142.6UnknownUnknown
645.43.142.7UnknownUnknown
62a01:238:20a:202:6660:0:198:33UnknownUnknown
559--

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B4138360ADF23D36011791F532A99F067BB6D503CA4A5C0872BC17982FD7F825C5739A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:A3lFXYlTghtv3/HhRScQ1fWHIj0uh4PAHsvnDZCQRemU6o98QJ+YUwc:+WTQ8FsTvNd698z9b

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:41838:EEUJzgGQCtABLKICASQqBBwIgKGfUKcAaaagAoEEAgIAIgiA5RBhYFAFESKYikQ1AIRh0DpGHiCKEpwjgBXwQnpMAAZIfBkE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data