Security Scan Report: eu-central-1.protection.sophos.com

Redirected to: https://iolcos.ph/wp-content/plugins-old/?mkc98mov=a15498837154ccbe5f06aefcd5c7e82b864a95ee2add654728c1c9121aa92764fbd2976f5655ce77e0a654235179e974fb627096f7169fbccc0d28f4dab3b542&token=834223058010864&hash=86146842615935&auth=4ea5c508a6566e76240543f8feb06fd457777be39549c4016436afda65d2330emkc98mos&lang=86146842615935&aqs=mkc98mor&redzo.kucevic%40bauxpert-wilkens.com=

Submitted: Jan 13, 2026, 7:11:49 AM
Completed: Jan 13, 2026, 7:14:15 AM
public, completed

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main domain is iolcos.ph.

Submitted URL: https://eu-central-1.protection.sophos.com/?d=iolcos.ph&u=aHR0cHM6Ly9pb2xjb3MucGgvd3AtY29udGVudC9wbHVnaW5zLW9sZD9yZWR6by5rdWNldmljQGJhdXhwZXJ0LXdpbGtlbnMuY29t&i=NjQ4MDlkZjVlNTMwZjQ0MWI1ZDI3YWU2&t=dTdkQmJhR1N3U0JMSU1yOHl3M2JZaDBLWXhHc3F4MFlQazQ1V3RpU0N0MD0=&h=4be8c7ca6a7745f09a2ea92e3c283eb6&s=AVNPUEhUT0NFTkNSWVBUSVbpB-jmcMeQZa5GUFnqBWOz3K3BLfotC9wIiI5Uj7DcESW6nM50xbYJHVhYpEzi9bI

Effective URL: https://iolcos.ph/wp-content/plugins-old/?mkc98mov=a15498837154ccbe5f06aefcd5c7e82b864a95ee2add654728c1c9121aa92764fbd2976f5655ce77e0a654235179e974fb627096f7169fbccc0d28f4dab3b542&token=834223058010864&hash=86146842615935&auth=4ea5c508a6566e76240543f8feb06fd457777be39549c4016436afda65d2330emkc98mos&lang=86146842615935&aqs=mkc98mor&redzo.kucevic%40bauxpert-wilkens.com= (Redirected)

The Cisco Umbrella rank of the primary domain is #2,361 of the top 1 million websites (Top 10K Site).

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 10

Phishing page harvesting credentials; confirmed scam.

Risk Factors
Brand impersonation on an unrelated domain
Credential harvesting form (email + password)
Use of WordPress internal directories for a login page
Multiple redirects to a suspicious final URL
Domain age not established (potentially newly registered)
Domain age information unavailable

Details

Page Title

login to your Bauxpert-wilkens

Scan Type

public

Language

🇺🇸 English (59% confidence)

Category

cryptocurrency blockchain (38%)

Domain Information

The domain 'eu-central-1.protection.sophos.com' uses the commercial generic top-level domain (.com), featuring subdomain 'eu-central-1.protection'. The registrable portion 'sophos' spans 6 characters with two vowels and four consonants. Word splitting yields 2 words: soph, os. The median word length lands at 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

[Screenshot of the submitted URL]

Page Load Overview

Total Load Time: 57.34s
HTTP Requests: 6
Domains: 5
Total Size: 635 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 59%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 59%
Script Type: Latin
Text Length: 146 chars
Detector Agreement: 100%

Website Classification

Primary Category

cryptocurrency blockchain (38% confidence)
Type: static
Method: ml+structural

All Detected Categories

cryptocurrency blockchain: 38%

Detected Features

No structural features detected

Domain & IP Information

Requests  IP Address       Location                                    AS (Autonomous System)
1         110.34.166.211   Thailand                                    AS35908 VPLSNET
1         217.160.0.66     Germany                                     AS8560 IONOS SE
1         18.165.140.19    United States                               AS16509 AMAZON-02
1         34.120.54.55     Kansas City, Missouri, United States        AS396982 GOOGLE-CLOUD-PLATFORM
1         104.16.175.226   United States                               AS13335 CLOUDFLARENET
6         5                -                                           -

Content Similarity Hashes (for malware variant detection)

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A3E342E9D04C14C47722C44BAB85B77CA5BAF739D4814CA9F16F480C5ED2A6822C6F7E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:/1MCMPMCMjMCM4MCMwMCM3sVM3709gbQZMfjSFOlyPG9OXgRM0BastJZB:4709gUGGFwyPG9OwRM0BFnZB

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:147857:GJIQgWAKExPAChHBmYjDKlACkWgZCOmyggEZAIuKHggFIBELGDOGFlI6oFIEAVgDKIU0CxkDCIKiZQKJFSIAA1UiyiMQBtWw

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7e7e7e7e7ff
Perceptual Hash:b399cccc89339933
Difference Hash:000c0c0c0c0c0c00
Wavelet Hash:3f2727272424243c
Color Hash:#6053ac

Other Hashes

Crop Resistant:000c0c0c0c0c0c00
