ScanMalware.com

Security Scan Report: ndk2-susters.top

Submitted: Dec 11, 2025, 7:56:03 PMCompleted: Dec 11, 2025, 7:57:35 PMpubliccompleted
Loading additional data...

Summary

This website contacted 32 IPs in 2 countries across 9 domains to perform 684 HTTP transactions. The main domain is ndk2-susters.top and was registered NaN years ago.

Submitted URL: https://ndk2-susters.top/desktop/game/slot/pragmaticplay

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

New domain with hidden/disguised password fields and brand impersonation – confirmed phishing scam.

Risk Factors
Newly registered domain (<7 days) with login form
Disguised password fields (type='text' with password placeholder)
Hidden password fields present in HTML
Unicode evasion used to obscure field names
Brand impersonation/typosquatting of a well‑known service (Telegram) on an unranked domain
Domain age information unavailable

Details

Page Title

SUSTER123 # Zona Bermain Game Online Daring Gacor Terbaru & Terbaik

Scan Type

public

Language

🇮🇩

ID

(80% confidence)

Category

gambling betting

(93%)

Domain Information

You're looking at domain 'ndk2-susters.top' on the .top top-level domain with no subdomain. Count 12 characters in 'ndk2-susters' with 2 vowels and 8 consonants, notching 1 digit and 1 hyphen. Splitting it apart reveals 6 words: nd, k, 2, s, uster, s. Median word length comes out to one character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ndk2-susters.top/desktop/game/slot/pragmaticplay

Page Load Overview

59.66s
Total Load Time
684
HTTP Requests
9
Domains
8.8 MB
Total Size

Language Analysis

Primary Language

🇮🇩Indonesian
Code: id
Confidence:80%
Script:Unknown
Direction:ltr

Detection Details

Language Code:id
Detection Confidence:80%
Script Type:Unknown
HTML Lang Attribute:id
Text Length:13,301 chars
Detector Agreement:50%

Website Classification

Primary Category

gambling betting93% confidence
Type: webapp
Method: ml+structural

All Detected Categories

gambling betting
93%
entertainment media
81%
documentation technical
75%
technology software
59%
adult content
42%

Detected Features

Login Form
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3323.36.162.25Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
2152.222.232.184United States
AS16509AMAZON-02
2165.8.102.99United States
AS16509AMAZON-02
21172.67.217.79United States
AS13335CLOUDFLARENET
21104.21.24.62United States
AS13335CLOUDFLARENET
2152.222.232.119United States
AS16509AMAZON-02
2152.222.232.47United States
AS16509AMAZON-02
2123.50.131.153Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
2123.36.162.17Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
2152.222.232.141United States
AS16509AMAZON-02
68432--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T182B4A63254561A773A3310E875703F9A9D91D75BEA639BC1B3FCABA713E1CE4A423210

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:8JDP5ZIANNfhEv5Tgvs3/N3iyhn6eXgweXglMpbcvoDc0oLBOo73DoTx:8Lomvs3/N3HpAuMpF

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:501234:gMALysRy2Eo54DoIJWEEQB4x7AEAM8hgkMA7IHagY0gJMRhQZi7QzJY5QGItSA5JgIsFgARMAQWctJTJraiNcsB1EEqCCJgs

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0c007c3d193d3d3d
Perceptual Hash:8a75532b559393a9
Difference Hash:49b5f17173616969
Wavelet Hash:2c003d3d393d3d3d
Color Hash:#231f93

Other Hashes

Crop Resistant:ad010df5f11e23b7,d4d2f2b2f1f5d9d9,49b4f17173616969

Scan History

Scan history not available

Unable to load historical scan data