ScanMalware.com

Security Scan Report: href.li

Redirected to:
https://servicecentre.latitudefinancial.com.au/login?migration=true&ge...
Site favicon
Submitted: May 16, 2026, 5:18:25 AMCompleted: May 16, 2026, 5:20:19 AMpubliccompleted
Loading additional data...

Summary

This website contacted 26 IPs in 2 countries across 20 domains to perform 68 HTTP transactions. The main domain is servicecentre.latitudefinancial.com.au.

Submitted URL: https://href.li/?https://servicecentre.latitudefinancial.com.au/login?migration=true&gemid2=lfs-web&gemid2=lfs-web%3Ahome%3Ahome%3Aheader&_gl=1*13ijgge*_gcl_au*MTYwMDMwMDQ2Ni4xNzc4MTI3MjM2*_ga*MTY1NjM2MjU1LjE3NzgxMjcyMzU.*_ga_HN02VX7PXM*czE3NzgxNDE2MTckbzQkZzEkdDE3NzgxNDE2NDgkajI5JGwwJGgw*_ga_VZY6JWYT4Y*czE3NzgxNDE2MTgkbzQkZzEkdDE3NzgxNDE2NDgkajMwJGwwJGgw

Effective URL: https://servicecentre.latitudefinancial.com.au/login?migration=true&gemid2=lfs-web&gemid2=lfs-web%3Ahome%3Ahome%3Aheader&_gl=1*13ijgge*_gcl_au*MTYwMDMwMDQ2Ni4xNzc4MTI3MjM2*_ga*MTY1NjM2MjU1LjE3NzgxMjcyMzU.*_ga_HN02VX7PXM*czE3NzgxNDE2MTckbzQkZzEkdDE3NzgxNDE2NDgkajI5JGwwJGgw*_ga_VZY6JWYT4Y*czE3NzgxNDE2MTgkbzQkZzEkdDE3NzgxNDE2NDgkajMwJGwwJGgwRedirected

The Cisco Umbrella rank of the primary domain is #129,868 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 88%

7
Risk Score

Site shows strong malware indicators despite a legitimate‑looking final domain; avoid and report.

Risk Factors
Critical IDS alerts indicating malware activity
Highly obfuscated JavaScript
Unranked/low‑rank domain impersonating a well‑known brand
Use of a redirect service (href.li) to hide the true destination
External network calls to suspicious messenger service
Domain age information unavailable

Details

Page Title

Latitude Service Centre

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(48%)

Domain Information

The domain 'href.li' uses the .li country-code top-level domain while skipping any subdomain. The second-level label 'href' is 4 characters long split between 1 vowel and three consonants. Tokenizing the label suggests one word: href. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://href.li/?https://servicecentre.latitudefinancial.com.au/login?migration=true&gemid2=lfs-web&gemid2=lfs-web%3Ahome%3Ahome%3Aheader&_gl=1*13ijgge*_gcl_au*MTYwMDMwMDQ2Ni4xNzc4MTI3MjM2*_ga*MTY1NjM2MjU1LjE3NzgxMjcyMzU.*_ga_HN02VX7PXM*czE3NzgxNDE2MTckbzQkZzEkdDE3NzgxNDE2NDgkajI5JGwwJGgw*_ga_VZY6JWYT4Y*czE3NzgxNDE2MTgkbzQkZzEkdDE3NzgxNDE2NDgkajMwJGwwJGgw

Page Load Overview

4.02s
Total Load Time
68
HTTP Requests
20
Domains
2.8 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,828 chars
Detector Agreement:75%

Website Classification

Primary Category

finance banking48% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
48%
technology software
45%
documentation technical
34%
government public service
31%
adult content
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
18157.240.0.35Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
2142.250.154.97United States
AS15169Google LLC
23.233.158.26Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
2104.18.0.22United States
AS13335Cloudflare, Inc.
299.84.152.13United States
AS16509Amazon.com, Inc.
2157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
2192.0.78.27San Francisco, California, United States
AS2635Automattic, Inc
2143.204.181.43United States
AS16509Amazon.com, Inc.
2104.18.1.22United States
AS13335Cloudflare, Inc.
23.233.158.24Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
6826--

Detected Technologies6

X-UA-Compatible
100%
HSTS
40%
Google Analytics
35%
Unpkg
20%
Tealium
20%
Facebook Pixel
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T106F25EA6664838316D171FC0B42DAB17B1AF506EEEF7CED4C3F8496627E6D998847C00

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:5QgQrQNlX2tDbvazfDYGFcHg7RZeXT9eO97u6Jhe7+7m72BBjrm+EJxlGYg3bhVO:2gBr4V7u6JhgAYihbujeYR

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:35853:sbIQIEgZERGWIGgCM6QAsIIkEEO6wUaQxilh7AFgEwBRqQvIqAAUnCHASGCUIzgi6IRQQAA0cCJtgUCQGiKqtEHABSIMQcCE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:000c0e0e0e21ffff
Perceptual Hash:92126d6ded6de812
Difference Hash:03ccccdcdc43c5c5
Wavelet Hash:000c0e0e0e73ffff
Color Hash:#aa40bf

Other Hashes

Crop Resistant:03ccccdcdc43c5c5,888aa2c0ae2b8caa,33ccccccdc4c43c5

Scan History

Scan history not available

Unable to load historical scan data