news media journalism

government public service

finance banking

phishing scam

documentation technical

English

The domain name 'vanatus.surge.sh' uses the .sh country-code top-level domain with subdomain 'vanatus'. The core label 'surge' covers 5 characters containing two vowels alongside three consonants. Segmentation suggests one word: surge. Median word length is 5 characters. 'surge' is most common in Portuguese usage. You may catch it in Portuguese (Brazil) and English as well.

micro

country

city

mini

html/77/07/77073996-a8b6-486e-9601-bc03ddf00fdf.html.gz

require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr

require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes

a668cba536134537cf98d3aea52d9e02f4692216b2684b5fc2c62a91bfc681b1

description

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

Abuse

Admin

Cloudflare-NOC

Cloudflare, Inc.

CLOUDFLARENET


    const bdy = document.querySelector(".t__ree");
    const emailInTheURL = window.location.href;
    const sliceEqualSign = emailInTheURL.indexOf("@");
    const extracetdEmail = emailInTheURL.subs

Script

PasswordField

Login Verify Bot

✅ Low Risk - https://vanatus.surge.sh/?admin=ckennedy@infomanagerinc.com

Requests	IP Address	Location	AS Autonomous System
10	104.21.39.75	United States	AS13335CLOUDFLARENET
0	138.68.112.220	Frankfurt am Main, Hesse, Germany	AS14061DIGITALOCEAN-ASN
0	142.250.185.99	United States	AS15169GOOGLE
0	104.20.44.30	United States	AS13335CLOUDFLARENET
0	65.9.175.126	United States	AS16509AMAZON-02
0	216.58.206.42	United States	AS15169GOOGLE
0	2a00:1450:4001:830::2003	Frankfurt am Main, Hesse, Germany	AS15169GOOGLE
0	2606:4700:3035::ac43:8fa9	United States	AS13335CLOUDFLARENET
0	65.9.175.49	United States	AS16509AMAZON-02
0	142.250.185.74	United States	AS15169GOOGLE
10	19	-	-

Security Scan Report: vanatus.surge.sh

Summary

AI Security Verdict

High Risk

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History