ScanMalware.com

Security Scan Report: dampf-und-dorftheater.de

Redirected to: https://www.ahestekaravan.com/ionos/ionos-login.php

Site favicon
Submitted: Oct 17, 2025, 7:10:36 AMCompleted: Oct 17, 2025, 7:12:15 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 18 HTTP transactions. The main domain is ahestekaravan.com.

Submitted URL: https://dampf-und-dorftheater.de/tester/red.php

Effective URL: https://www.ahestekaravan.com/ionos/ionos-login.phpRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing site impersonating IONOS, high confidence of scam

Risk Factors
Credential harvesting form on suspicious domain
Brand impersonation (IONOS) on non‑official domain
New/unranked domain with no reputation
Google Safe Browsing social engineering detection
Multiple redirects and domain change
Domain age information unavailable

Details

Page Title

Anmelden - IONOS

Scan Type

public

Language

🇩🇪

German

(50% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'dampf-und-dorftheater.de' on the German country-code top-level domain (.de) while skipping any subdomain. The core label 'dampf-und-dorftheater' covers 21 characters holding 6 vowels versus 13 consonants, along with 2 hyphens. Tokenizing the label suggests five words: damp, f, und, dorf, theater. Median word length comes out to 4 characters. 'dampf' is most common in German usage. Secondary signals appear in English and Chinese (Pinyin).

Screenshot

Security scan screenshot of https://dampf-und-dorftheater.de/tester/red.php

Page Load Overview

78.15s
Total Load Time
18
HTTP Requests
6
Domains
N/A
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:de
Text Length:414 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4213.165.66.58Germany
AS8560IONOS SE
2217.160.86.74Germany
AS8560IONOS SE
274.208.255.181United States
AS8560IONOS SE
2217.160.86.61Germany
AS8560IONOS SE
2188.114.96.3United States
AS13335CLOUDFLARENET
2188.114.97.3United States
AS13335CLOUDFLARENET
22a06:98c1:3121::3United States
AS13335CLOUDFLARENET
22a06:98c1:3120::3United States
AS13335CLOUDFLARENET
188--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15FE2E71111F40A3B174790B433A7AB157B60D007A909A88077FD42998FDECA6D5BB7BF

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:8aq35ieyKN7xY8jpsy3SlsNoCDqGLhQC9r3:FGjfauDqGLqEj

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:32028:iSFhPADpFiEAIYAxqKAZJ0IBBhNGB4AgqiJNoohhgh85kouAxQPkAAEMAwp0UcQCQEUVLAgWQJBA0vAA0C1CAEAAJ9AFMQSE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:cf87333b7b7b7b7b
Perceptual Hash:ad3632d1c1c1cfc6
Difference Hash:9a2d66d6d2d2d2d2
Wavelet Hash:068303333b7b7b3a
Color Hash:#c5a687

Other Hashes

Crop Resistant:9a2d66d6d2d2d2d2,71c0b2a28200a2a2,8e3361d4d4d4d4d4

Scan History

Scan history not available

Unable to load historical scan data