ScanMalware.com

Security Scan Report: dailymed.nlm.nih.gov

Site favicon
Submitted: Jun 19, 2026, 7:32:47 PMCompleted: Jun 19, 2026, 7:34:23 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 2 HTTP transactions. The main domain is dailymed.nlm.nih.gov and was registered NaN years ago.

Submitted URL: https://dailymed.nlm.nih.gov/dailymed/lookup.cfm?setid=81a06b90-50d3-40c1-98ca-0e344c76b2c4

The Cisco Umbrella rank of the primary domain is #10,460 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 82%

7
Risk Score

The page contains disguised password fields and credential‑harvesting patterns on a reputable government domain, indicating a high‑risk phishing attempt.

Risk Factors
Credential harvesting form
Disguised password fields
Unicode evasion in form inputs
Dynamic code execution via eval()
Domain age information unavailable

Details

Page Title

DailyMed - CYMBALTA- duloxetine hydrochloride capsule, delayed release

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

healthcare medical

(76%)

Domain Information

Domain 'dailymed.nlm.nih.gov' uses the United States government-restricted top-level domain (.gov) with subdomain 'dailymed.nlm'. The registrable portion 'nih' spans 3 characters split between 1 vowel and two consonants. It segments into one word: nih. The median word length lands at 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://dailymed.nlm.nih.gov/dailymed/lookup.cfm?setid=81a06b90-50d3-40c1-98ca-0e344c76b2c4

Page Load Overview

3.66s
Total Load Time
94
HTTP Requests
12
Domains
2.4 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:121,726 chars
Detector Agreement:100%

Website Classification

Primary Category

healthcare medical76% confidence
Type: spa
Method: ml+structural

All Detected Categories

healthcare medical
76%
government public service
66%
government
48%
news media journalism
45%
phishing/scam
40%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2523.53.43.67Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
23142.251.20.139United States
AS15169Google LLC
2354.80.76.209Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
23192.178.183.95United States
AS15169Google LLC
944--

Detected Technologies12

X-UA-Compatible
100%
Modernizrv3.11.4.min.921695bdca0e
100%
JQueryv3.5.1
100%
Google-AnalyticsvUniversal
100%
Google Analytics
55%
Google Tag Manager
50%
HSTS
40%
jQuery UI
20%
Qualtrics
20%
Google Hosted Libraries
20%
Crazy Egg
20%
AddThis
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F3540A6161D0123E856385D3B6A63FA5BBF24067D3112940B4FD8A7F9FC2E61B63334A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:pR5dvtIakUoeC9S9DxyeOY4Tsf2PpLlWDo6YP:pRGoOi656YP

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:305486:RgJgQsQcrM8SDREaoAYqNMoUp1QAUAQsAGAgMQWAYXAgoBOZjCUlpADlBBBJWKBJCwCRCJ4CYo0AjISpGTyTpBoCNAwMXmjQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3c043c3c3c7effff
Perceptual Hash:9242654be69ac7cb
Difference Hash:e1e9e9f9f9e9f98e
Wavelet Hash:3c003c1c3c3c7df7
Color Hash:#2d865e

Other Hashes

Crop Resistant:e1e9e9f9f9e9f98e,4204000000004204,5151404050404040

Scan History

Scan history not available

Unable to load historical scan data