Security Scan Report: xiidpdyyy22.on-forge.com

Submitted: May 8, 2026, 10:02:18 PM
Completed: May 8, 2026, 10:03:39 PM
public, completed

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 45 HTTP transactions. The main domain is xiidpdyyy22.on-forge.com; its registration age is unavailable.

Submitted URL: https://xiidpdyyy22.on-forge.com/Ma0cHelpSh0errc0de030/index.html?Anph=1-888-550-9330&_event=f034c7da2931587309f6e0d027bea4d5

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

The site impersonates Apple, harvests credentials via a hidden password field, and shows critical malware/C2 alerts – confirmed phishing scam.

Risk Factors
Unranked domain claiming major brand
Disguised password field (phishing technique)
Unicode/confusing characters in form fields
Critical IDS alerts indicating malware/C2 activity
Highly obfuscated JavaScript
Domain age information unavailable

Details

Page Title

1491_Security center

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(65%)

Domain Information

You're looking at domain 'xiidpdyyy22.on-forge.com' on the commercial generic top-level domain (.com) with subdomain 'xiidpdyyy22'. The registrable portion 'on-forge' spans 8 characters holding three vowels versus 4 consonants, notching 1 hyphen. Tokenizing the label suggests 2 words: on, forge. Expect 3.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://xiidpdyyy22.on-forge.com/Ma0cHelpSh0errc0de030/index.html?Anph=1-888-550-9330&_event=f034c7da2931587309f6e0d027bea4d5

Page Load Overview

7.67s
Total Load Time
45
HTTP Requests
4
Domains
1.9 MB
Total Size

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 2,539 chars
Detector Agreement: 100%

Website Classification

Primary Category

technology software (65% confidence)
Type: spa
Method: ml+structural

All Detected Categories

technology software: 65%
documentation technical: 52%
social media network: 52%
government public service: 50%
phishing scam: 45%

Detected Features

No structural features detected

Domain & IP Information

Requests | IP Address     | Location                                        | AS Autonomous System
10       | 77.235.50.163  | Netherlands                                     | AS60781 LeaseWeb Netherlands B.V.
7        | 104.18.11.251  | United States                                   | AS13335 Cloudflare, Inc.
7        | 195.177.94.253 | Marseille, Provence-Alpes-Côte d'Azur, France   | AS214961 Stellar Group SAS
7        | 104.18.10.251  | United States                                   | AS13335 Cloudflare, Inc.
7        | 172.66.175.107 | United States                                   | AS13335 Cloudflare, Inc.
7        | 77.235.50.164  | Netherlands                                     | AS60781 LeaseWeb Netherlands B.V.
45       | 6              | -                                               | -

Detected Technologies: 4

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T146E26220AFFE5013816350C96BA7AB4E3E619103B506CA0477DC47A1BFDFD9F890B699

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:2QIixi9iYiuiFAFpZxpZuoGQNGffkhG4ghzGUKnA7Meigji3YOC0znx/3:Fl4s1/CFtNGQSfkhKhYgGVx/3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:32129:ISgUQkQEMVkKJEkjAgL6ABlTlSSKnZwBBkQaAiAAiACQx4gEmCScSfIiEBgSZAkaBvHEQoZJM2tQMoDokKIwQkiSRoQE1AES

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 00c3ffffffffc3c1
Perceptual Hash: e124700f5c1fce1f
Difference Hash: 960f06d5574b0f17
Wavelet Hash: 00c3fbfbfba98180
Color Hash: #d22dba
