ScanMalware.com

Security Scan Report: citadelai.lat

Redirected to: https://citadelai.lat/auth

Submitted: Mar 21, 2026, 6:07:52 AMCompleted: Mar 21, 2026, 6:09:02 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 10 HTTP transactions. The main domain is citadelai.lat and was registered NaN years ago.

Submitted URL: http://citadelai.lat/auth.html

Effective URL: https://citadelai.lat/authRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Phishing site impersonating Google login on a brand‑new domain; avoid and report.

Risk Factors
New domain (<7 days) with credential‑harvesting login form
Brand impersonation of Google on an unranked domain
Potential credential harvesting
Domain age information unavailable

Details

Page Title

CITADEL — Autenticación Táctica

Scan Type

public

Language

🇪🇸

Spanish

(80% confidence)

Category

finance banking

(36%)

Domain Information

Within the .lat top-level domain, 'citadelai.lat' is registered without a subdomain. The core label 'citadelai' covers 9 characters with 5 vowels and 4 consonants. Segmentation suggests three words: citadel, a, i. The median word length lands at 1 character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://citadelai.lat/auth.html

Page Load Overview

1.53s
Total Load Time
13
HTTP Requests
4
Domains
2.9 MB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:es
Text Length:761 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking36% confidence
Type: static
Method: ml+structural

All Detected Categories

finance banking
36%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4104.16.174.226United States
AS13335Cloudflare, Inc.
3142.251.140.170United States
AS15169Google LLC
3142.251.37.3United States
AS15169Google LLC
3204.93.224.215Chicago, Illinois, United States
AS23352DEFT.COM
134--

Detected Technologies1

jsDelivr
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A0C2A46621770026F913A1647FAA9B4F3265D407D10EC92C7EEC229CCF8EAD99D5338C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:cJuBAbGcwL+JNIaxrUN6n1ePtXEugX8o/R6smiAl9McOXf5s1x8APG7ByuQs9I2a:cEAEsRj8zsXxPUgAmPhbS2Qt3EpE

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:26867:BCKALkHFWIgcZ4CoFAykOSaRDGvIAoMBAAIAwDgAJcmGbEFfuAcSBSSB6QqgACuoomCBJg2ciQlgCBmCMpEQKE8o0WGIClEA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00009e9e1cd40000
Perceptual Hash:dc0727f80b85fc07
Difference Hash:2070283070242030
Wavelet Hash:009cbefe3efe1c00
Color Hash:#d28279

Other Hashes

Crop Resistant:2070283070242030

Scan History

Scan history not available

Unable to load historical scan data