ScanMalware.com

Security Scan Report: fs.hidravitalis.com

Submitted: Oct 15, 2025, 8:07:55 PMCompleted: Oct 15, 2025, 8:08:29 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main domain is fs.hidravitalis.com and was registered NaN years ago.

Submitted URL: https://fs.hidravitalis.com/auth.php

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site likely used for credential and payment data harvesting; treat as high‑risk phishing.

Risk Factors
Credential harvesting pattern: password fields without username/email
Collection of payment data on a recently registered, unranked domain
Hidden password fields for CVV and ATM PIN
Domain age < 180 days with sensitive data collection
Domain age information unavailable

Details

Page Title

Account Verification

Scan Type

public

Language

🇺🇸

English

(52% confidence)

Category

finance banking

(52%)

Domain Information

You're looking at domain 'fs.hidravitalis.com' on the commercial generic top-level domain (.com) and includes subdomain 'fs'. The core label 'hidravitalis' covers 12 characters containing 5 vowels alongside 7 consonants. Segmentation suggests four words: hid, ra, vital, is. Median word length is 2.5 characters. 'huid' is most common in Dutch usage. It also appears in Afrikaans and Hungarian contexts.

Screenshot

Security scan screenshot of https://fs.hidravitalis.com/auth.php

Page Load Overview

11.65s
Total Load Time
6
HTTP Requests
3
Domains
107 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:52%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:52%
Script Type:Latin
HTML Lang Attribute:en
Text Length:303 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking52% confidence
Type: static
Method: ml+structural

All Detected Categories

finance banking
52%
documentation technical
31%
adult content
27%
e-commerce
20%

Detected Features

Payment

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1178.211.133.32Madrid, Madrid, Spain
AS56958Raiola Networks S.L.
1142.250.186.67United States
AS15169GOOGLE
1142.250.181.234United States
AS15169GOOGLE
12a00:1450:4001:827::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
12a00:1450:4001:811::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
12a12:d280:100:32::Madrid, Madrid, Spain
AS56958Raiola Networks S.L.
66--

Detected Technologies2

PasswordField
100%
HTTP/3
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T187B1675666F304667A83A5786FB557122F21C103C10ACEA87E8C63D8CF81F8099F339C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:nexohNzY7Kp5tjmnryHwi/+bIiJiPjENC2qpPqd8I0q1fqv+GMb:exohNzY7Kp5tjmeHwi/+bIiJKjBLQJpl

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:5361:KFIgAgMqIRQgVKsAASE5AIAEAQWABAAAAKQJEEQAKjA3BpsRAAAAIzAJZIhiJsCUAKAFoAmAIFCkBAwGFAIIQKiACRJCIiIA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data