ScanMalware.com

Security Scan Report: mohaaeinfra.com

Redirected to:
https://phptc.org/de/sparkasse/auth/plz.php
Site favicon
Submitted: Oct 11, 2025, 10:39:40 AMCompleted: Oct 11, 2025, 10:40:31 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main domain is phptc.org.

Submitted URL: https://mohaaeinfra.com/de/click.php

Effective URL: https://phptc.org/de/sparkasse/auth/plz.phpRedirected

AI Security Verdict

High Risk

Confidence: 85%

7
Risk Score

High‑risk phishing site impersonating Sparkasse; do not trust.

Risk Factors
Brand impersonation on a non‑official, unranked domain
Mimicking a known financial service (Sparkasse) on an unusual domain
Collection of personal data via form on a spoofed banking page
Domain age information unavailable

Details

Page Title

Ihre Sparkasse vor Ort

Scan Type

public

Language

🇩🇪

German

(50% confidence)

Category

finance banking

(72%)

Domain Information

The domain name 'mohaaeinfra.com' uses the commercial generic top-level domain (.com). The registrable portion 'mohaaeinfra' spans 11 characters split between 6 vowels and 5 consonants. Breaking it apart gives 5 words: moh, a, a, e, infra. Expect one character per word on average. Most frequently, 'a' shows up in Hungarian. It also appears in Italian and Galician contexts.

Screenshot

Security scan screenshot of https://mohaaeinfra.com/de/click.php

Page Load Overview

19.11s
Total Load Time
10
HTTP Requests
3
Domains
44 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:de
Text Length:421 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking72% confidence
Type: static
Method: ml+structural

All Detected Categories

finance banking
72%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2107.180.115.196United States
AS398101GO-DADDY-COM-LLC
2185.15.59.240United States
AS14907WIKIMEDIA
2184.168.106.27Singapore, Singapore
AS26496AS-26496-GO-DADDY-COM-LLC
22a02:ec80:300:ed1a::2:bUnited States
AS14907WIKIMEDIA
104--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10441DD1180F790B7417281D1A9AA0F1B2DC1A77BE6DB054036FE47D81FDDD82E807524

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24:bCLSwrTdpuLGt2Kj3+wnikAugPhT7gyCvATCJLWFznVgF0Hj:oSAT/uLGtPj3Mk4P97TCvt5WtVV

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2014:IAAFCAgADAOIAAAEIAAAAFAQAAAAAAIAAAhBAAACACgAQAAEAkAAAQkAAARQAgIAAABABECAAEAACBAAARgGEAEACEAAAACg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data