ScanMalware.com

Security Scan Report: dkbaktualisierungsicherheitsstandard.renscrone.nl

Submitted: Oct 31, 2025, 4:01:46 AMCompleted: Oct 31, 2025, 4:02:43 AMpubliccompleted
Loading additional data...

Summary

This website contacted 22 IPs in 3 countries across 6 domains to perform 16 HTTP transactions. The main domain is dkbaktualisierungsicherheitsstandard.renscrone.nl and was registered NaN years ago.

Submitted URL: https://dkbaktualisierungsicherheitsstandard.renscrone.nl/login/login.php

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing site impersonating DKB; high risk for credential theft.

Risk Factors
Brand impersonation on non‑official domain
Password login form collecting credentials
Unranked/low‑reputation domain claiming a major brand
Domain age information unavailable

Details

Page Title

DKB Banking

Scan Type

public

Language

🇩🇪

German

(50% confidence)

Category

finance banking

(60%)

Domain Information

Within the Dutch country-code top-level domain (.nl), 'dkbaktualisierungsicherheitsstandard.renscrone.nl' is registered and includes subdomain 'dkbaktualisierungsicherheitsstandard'. Its registrable label 'renscrone' stretches across 9 characters split between 3 vowels and six consonants. It segments into 2 words: rens, crone. Median word length comes out to 4.5 characters. 'res' most strongly signals Slovenian. Usage also turns up in Danish and Norwegian contexts.

Screenshot

Security scan screenshot of https://dkbaktualisierungsicherheitsstandard.renscrone.nl/login/login.php

Page Load Overview

36.14s
Total Load Time
16
HTTP Requests
6
Domains
274 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:50%
Script Type:Latin
Text Length:257 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking60% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
60%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16142.250.185.74United States
AS15169GOOGLE
0104.17.25.14United States
AS13335CLOUDFLARENET
0151.101.66.137San Francisco, California, United States
AS54113FASTLY
0142.250.185.195United States
AS15169GOOGLE
0185.94.230.178Netherlands
AS48635Your Hosting B.V.
0104.16.174.226United States
AS13335CLOUDFLARENET
02a00:1450:4001:827::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
02606:4700::6811:190eUnited States
AS13335CLOUDFLARENET
02a04:4e42:600::649United States
AS54113FASTLY
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
1622--

Detected Technologies4

PasswordField
100%
JQueryv3.7.1
100%
jsDelivr
20%
jQuery CDN
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F3915310B4F4647B118350B9BDA62A0EBE91D50BC40D890575BC5EDC2FC3EA7CDA3A1E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:5cGe9oNKWf6fjh18QmFVsMIEj6oZjhhtzEfw:SGe9oNKWuPmFOmj6oZjhhtzEfw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4420:AUAxAAUAABBQgIABAUGaCABAAgAAAkQBAAIAEAUxEhECCREHQAECAAJIEEBOMAACAJAgJgBGAEACYgACJIAQkAQAAwLGEAEA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffffe7e700ffff
Perceptual Hash:b3e2cc1de6e219c8
Difference Hash:9409284d4c380408
Wavelet Hash:74e4ece4e400f0f0
Color Hash:#bad22d

Other Hashes

Crop Resistant:8c102848304d4d30,0000000000000000,00100c32b2b20c30,04431a1a1a180800

Scan History

Scan history not available

Unable to load historical scan data