ScanMalware.com

Security Scan Report: ev.indianexpress.com

Redirected to:
https://ev.indianexpress.com/console/login.html?redirect=https://ev.in...
Submitted: May 4, 2026, 9:06:51 AMCompleted: May 4, 2026, 9:08:48 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 44 HTTP transactions. The main domain is ev.indianexpress.com and was registered NaN years ago.

Submitted URL: https://ev.indianexpress.com

Effective URL: https://ev.indianexpress.com/console/login.html?redirect=https://ev.indianexpress.com/console/Redirected

The Cisco Umbrella rank of the primary domain is #71,503 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 82%

5
Risk Score

The page runs a credential‑harvesting login form with JavaScript exfiltrating data, indicating a high‑risk phishing attempt despite the reputable domain.

Risk Factors
Credential exfiltration to external server
Password‑only field indicating harvesting
High JavaScript obfuscation and dynamic code generation
Potential brand impersonation of Indian Express
Safety Factors
Domain age > 20 years (8749 days)
Cisco Umbrella ranking within top 100K (71,503)
Hosted on established main domain indianexpress.com
No malicious Indicators of Compromise or IDS alerts
Established domain (8749 days old) with no strong malicious indicators — risk clamped from 8 to 5
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(70% confidence)

Category

news media journalism

(43%)

Domain Information

The domain name 'ev.indianexpress.com' uses the commercial generic top-level domain (.com) and includes subdomain 'ev'. Count 13 characters in 'indianexpress' holding 5 vowels versus 8 consonants. Word splitting yields two words: indian, express. Median word length comes out to 6.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ev.indianexpress.com

Page Load Overview

4.44s
Total Load Time
52
HTTP Requests
2
Domains
1.9 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:70%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:70%
Script Type:Latin
Text Length:52 chars
Detector Agreement:100%

Website Classification

Primary Category

news media journalism43% confidence
Type: static
Method: ml+structural

All Detected Categories

news media journalism
43%
government public service
38%
healthcare medical
37%
adult content
34%
cryptocurrency blockchain
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2654.171.126.188Dublin, Leinster, Ireland
AS16509Amazon.com, Inc.
26192.178.183.94United States
AS15169Google LLC
522--

Detected Technologies3

Amazon Web Services
50%
Amazon ELB
40%
AngularJS
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DC91A72514F518772287A4988ED709047CFDCA635185DF083EBC87586FE1F9F862B1AA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:KPd7BBg+XACq0dwirrBolOS9z/WA9dWgOGA:KPd1++wTpirVolOS9z/WA9dWiA

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4354:AAIAAAEBRChGoRCEgBQAiJB2ESAIAQApAgFRIIg4AAAAAeQUCQoAQYAglBEIIwGFAAUIAAACAABAAYCIYIgQJAAhCAAJAAAB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:f0f0f0f0f2f0f0f0
Perceptual Hash:e6694a96b4494bb6
Difference Hash:4506464644440444
Wavelet Hash:f0f0f0f0f0f0f0f0
Color Hash:#ac537a

Other Hashes

Crop Resistant:000018161e180010,f9f8f0e0e0e0c0c9,f23aded8f8f2f0f0

Scan History

Scan history not available

Unable to load historical scan data