ScanMalware.com

Security Scan Report: htxinternalpay.net

Redirected to: https://htxinternalpay.net/

Submitted: Dec 26, 2025, 12:56:34 PMCompleted: Dec 26, 2025, 12:56:59 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main domain is htxinternalpay.net and was registered NaN years ago.

Submitted URL: http://htxinternalpay.net/

Effective URL: https://htxinternalpay.net/Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Confirmed phishing scam; do not provide any credentials.

Risk Factors
Brand impersonation (HTX) on a newly registered domain
Credential harvesting form with password fields
Domain age less than 7 days (critical risk)
Unranked domain not listed in Cisco Umbrella top 1M
Domain age information unavailable

Details

Page Title

HTX Internalpay | Identity Verification

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

cryptocurrency blockchain

(85%)

Domain Information

The domain 'htxinternalpay.net' uses the network infrastructure generic top-level domain (.net) without a subdomain. Count 14 characters in 'htxinternalpay' holding four vowels versus 10 consonants. Segmentation suggests 4 words: h, tx, internal, pay. Average segment length settles at 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://htxinternalpay.net/

Page Load Overview

1.41s
Total Load Time
16
HTTP Requests
9
Domains
69 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,426 chars
Detector Agreement:75%

Website Classification

Primary Category

cryptocurrency blockchain85% confidence
Type: webapp
Method: ml+structural

All Detected Categories

cryptocurrency blockchain
85%
finance banking
69%
adult content
28%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4212.102.56.179United States
AS54113
2104.26.12.42Germany
AS53667
2151.101.194.137Luxembourg
AS60068
2104.17.24.14United States
AS13335CLOUDFLARENET
263.181.126.237Frankfurt am Main, Hesse, Germany
AS16509AMAZON-02
2198.251.88.188Luxembourg, Luxembourg, Luxembourg
AS53667PONYNET
2104.16.174.226UnknownUnknown
167--

Detected Technologies2

PasswordField
100%
JQueryv3.6.0
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1191355A12697485ADE4B90C9AFAA1A48609AD307C100DC4CFFDE47E7CF42A38FD1B754

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:lqtwMFCEPvtSlPvV7nZ7viJBJBse+fZHzaDbcduhPty0gKIBKen8QT/rifyzJZlO:eBFEV2RN

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:44132:TMQxAutgQHMEgKzC9QGICktKEc8UoQwQBICSE2F4jBRAAGoiIkVDQsQrLMAoghBgU2kilS3SYBkIA0gWQQDFCEAZ7OEJEBWS

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00f3f3f3f3f3f3f2
Perceptual Hash:e41b1b1b1b1b1b1b
Difference Hash:6646666666666666
Wavelet Hash:00f2f2f2f2f0f0f0
Color Hash:#87c5ab

Other Hashes

Crop Resistant:6646666666666666,81534e32324e5381,9480c0c0d4900200

Scan History

Scan history not available

Unable to load historical scan data