ScanMalware.com

Security Scan Report: nervous-banach.173-214-170-82.plesk.page

Redirected to:
blob:https://surveillance.addisfinders.com/67a1b609-59ac-41ee-9c9e-3b2...
Site favicon
Submitted: Jun 3, 2026, 1:45:40 PMCompleted: Jun 3, 2026, 1:47:01 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://nervous-banach.173-214-170-82.plesk.page/link.html

Effective URL: blob:https://surveillance.addisfinders.com/67a1b609-59ac-41ee-9c9e-3b2d598fe1c5Redirected

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

Site impersonates CapitalOne, uses hidden password fields and a blob URL to harvest credentials – confirmed phishing scam.

Risk Factors
Brand impersonation
Disguised password fields
Unicode evasion
Blob URL usage
Unranked domain
Safety Factors
Established domain (2268 days old) with no strong malicious indicators — risk clamped from 9 to 5
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(55%)

Domain Information

You're looking at domain 'nervous-banach.173-214-170-82.plesk.page' on the .page top-level domain, featuring subdomain 'nervous-banach.173-214-170-82'. Its registrable label 'plesk' stretches across 5 characters split between one vowel and four consonants. Tokenizing the label suggests 2 words: pl, esk. Average segment length settles at 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://nervous-banach.173-214-170-82.plesk.page/link.html

Page Load Overview

3.11s
Total Load Time
8
HTTP Requests
6
Domains
67 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,461 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking55% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
55%
government public service
40%
documentation technical
37%
corporate business
33%
adult content
31%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4173.214.170.82United States
AS19318Interserver, Inc
450.87.221.167Phoenix, Arizona, United States
AS46606Unified Layer
82--

Detected Technologies4

PasswordField
100%
WordPress
75%
Plesk
40%
Microsoft ASP.NET
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T143436536619341BADCB3CAC857EB2A463E849887E0C9D12477AC9AD84F838D5D47D3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:s7FSF3FuWFzF+fs8utovnh8utovWX9KTHZrCt1WtjL/plyA7qvE6mw:GQl0WxMTvCvPBCt1WtjLRlyA7q86mw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:59223:gUsABxQKYMoJUIFJgpkwSsBNlphLjKgBMgjGAANMBQaSABgB0TGRNgEhQRzUoCqHSSDCYjZyoCK1Ig8gEUAME6ACGyA7IbSA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fa5bde7c3ffcfff
Perceptual Hash:b3cbcc27639c8931
Difference Hash:e968704c4d2a2c00
Wavelet Hash:7f373c2c0424df00
Color Hash:#9d87c5

Other Hashes

Crop Resistant:e968704c4d2a2c00

Scan History

Scan history not available

Unable to load historical scan data