ScanMalware.com

Security Scan Report: godly-sign95s1dff0sdf450df1220f2e10.surge.sh

Redirected to: https://rechnungdirekt24.com/

Submitted: Oct 13, 2025, 4:36:17 PMCompleted: Oct 13, 2025, 4:37:12 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main domain is rechnungdirekt24.com and was registered NaN years ago.

Submitted URL: https://godly-sign95s1dff0sdf450df1220f2e10.surge.sh/

Effective URL: https://rechnungdirekt24.com/Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Impersonates STRATO AG on a brand‑new unranked domain; likely payment phishing – avoid.

Risk Factors
Brand impersonation of STRATO AG
Newly registered domain (<7 days)
Unranked domain (not in top 1M Cisco Umbrella)
Urgent payment demand without secure transaction mechanism
Domain age information unavailable

Details

Page Title

Ihre Rechnungen - STRATO AG

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

corporate business

(82%)

Domain Information

You're looking at domain 'godly-sign95s1dff0sdf450df1220f2e10.surge.sh' on the .sh country-code top-level domain and includes subdomain 'godly-sign95s1dff0sdf450df1220f2e10'. The second-level label 'surge' is 5 characters long with two vowels and three consonants. Word splitting yields 1 word: surge. The median word length lands at 5 characters. The linguistic tilt is Portuguese for 'surge'. It also appears in Portuguese (Brazil) and English contexts.

Screenshot

Security scan screenshot of https://godly-sign95s1dff0sdf450df1220f2e10.surge.sh/

Page Load Overview

4.63s
Total Load Time
5
HTTP Requests
3
Domains
17 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:1,127 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate business82% confidence
Type: static
Method: ml+structural

All Detected Categories

corporate business
82%
technology software
72%
government public service
69%
cryptocurrency blockchain
68%
finance banking
67%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1188.166.132.94Amsterdam, North Holland, Netherlands
AS14061DIGITALOCEAN-ASN
1185.15.59.240United States
AS14907WIKIMEDIA
1103.179.189.95Vietnam
AS135905VIETNAM POSTS AND TELECOMMUNICATIONS GROUP
12a02:ec80:300:ed1a::2:bUnited States
AS14907WIKIMEDIA
54--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1004393AAA2F3216A7917A1792BBB57562335C047C50ACC183FCD1348CF867E5AC537AC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:BJwFMpXafA8Qy8FLF72yFditW+C/xx+xXPWjSv:7wCFafALy8ZJ2yKgX+1P7v

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:55879:goJRggmxVApyjLCCRxggikSmgTAhQQcECHjXTccdAkVMgCIwSEsgpCMhBkYqCgBzCHgRhElAmgwNowCbYOAERDBhBQ2QSBCK

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data