ScanMalware.com

Security Scan Report: www.qihongtu.net

Submitted: Dec 9, 2025, 10:37:02 PMCompleted: Dec 9, 2025, 10:39:00 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 1 domain to perform 4 HTTP transactions. The main domain is qihongtu.net.

Submitted URL: https://www.qihongtu.net/?token=UUv0vMBUuMC1TwzZbezLvMCJTMCH52Aa

AI Security Verdict

High Risk

Confidence: 85%

9
Risk Score

Site hosts a hidden password field on an unranked domain, indicating credential‑harvesting phishing.

Risk Factors
Hidden password field
Credential harvesting form on a low‑reputation, unranked domain
Possibly newly registered domain
Domain age information unavailable

Details

Page Title

扩容

Scan Type

public

Language

🇨🇳

Chinese

(60% confidence)

Category

documentation technical

(90%)

Domain Information

The domain name 'www.qihongtu.net' uses the network infrastructure generic top-level domain (.net) and includes subdomain 'www'. Its registrable label 'qihongtu' stretches across 8 characters containing 3 vowels alongside five consonants. Splitting it apart reveals 3 words: qi, hong, tu. Average segment length settles at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.qihongtu.net/?token=UUv0vMBUuMC1TwzZbezLvMCJTMCH52Aa

Page Load Overview

29.54s
Total Load Time
4
HTTP Requests
1
Domains
N/A
Total Size

Language Analysis

Primary Language

🇨🇳Chinese
Code: zh
Confidence:60%
Script:Han
Direction:ltr

Detection Details

Language Code:zh
Detection Confidence:60%
Script Type:Han
HTML Lang Attribute:zh-CN
Text Length:243 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical90% confidence
Type: webapp
Method: ml+structural

All Detected Categories

documentation technical
90%
healthcare medical
79%
technology software
74%
entertainment media
74%
adult content
72%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1172.67.222.225United States
AS13335CLOUDFLARENET
1104.21.54.25United States
AS13335CLOUDFLARENET
12606:4700:3030::ac43:dee1United States
AS13335CLOUDFLARENET
12606:4700:3032::6815:3619United States
AS13335CLOUDFLARENET
44--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15D42349A59B304A57D17E4FD1BE7474A32A48003C40EC9543F9C678C4FCE9C6AA62B9E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:RvV0/LTGZiku30qeMbyJbNdIb4x/mlJT7eomQREZm:3Xlu0m

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:13101:AQCnBFwMEMFKuA4UIAKLKAtCApFMixQaeBUlB0oAKtEojjgAAYGQTtCEAsRSIQI3JFEgBiApIhcETxmxEASAFDAfcIAEFlFW

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00003c3cffffffff
Perceptual Hash:9616246db94e4e9b
Difference Hash:86e461791a661f06
Wavelet Hash:00003c2ccff3c7ff
Color Hash:#a1c587

Other Hashes

Crop Resistant:c469615916061b06,4124d46460696161

Scan History

Scan history not available

Unable to load historical scan data