Security Scan Report: nlptu.top

Redirected to:
https://www.amazon.com/
Submitted: Apr 30, 2026, 9:48:18 PMCompleted: Apr 30, 2026, 9:49:51 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main domain is amazon.com and was registered NaN years ago.

Submitted URL: http://nlptu.top/

Effective URL: https://www.amazon.com/Redirected

AI Security Verdict

Moderate Risk

Confidence: 92%

5
Risk Score

The site impersonates Amazon using meta tags and redirects, with strong phishing indicators despite its age; avoid and report.

Risk Factors
Brand impersonation with domain mismatch
Unranked domain on a major brand name
Critical IDS alert for obfuscation
DevTools blocking
Redirects to legitimate site (potential lure)
Safety Factors
Domain age >30 years (well‑established)
No malicious Indicators of Compromise detected
No credential or payment forms present
No JavaScript malware YARA matches
Established domain (11502 days old) with no strong malicious indicators — risk clamped from 8 to 5
Domain age information unavailable

Details

Page Title

Amazon.com. Spend less. Smile more.

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

e-commerce shopping

(82%)

Domain Information

Within the .top top-level domain, 'nlptu.top' is registered while skipping any subdomain. Count 5 characters in 'nlptu' containing one vowel alongside four consonants. It segments into 2 words: nlp, tu. Median word length comes out to 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://nlptu.top/

Page Load Overview

1.29s
Total Load Time
445
HTTP Requests
51
Domains
4.4 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-us
Text Length:6,366 chars
Detector Agreement:80%

Website Classification

Primary Category

e-commerce shopping82% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

e-commerce shopping
82%
documentation technical
41%
technology software
33%
entertainment media
33%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
112192.166.225.80Netherlands
AS63023GTHost
11113.33.52.208New York, New York, United States
AS16509Amazon.com, Inc.
11118.172.112.16United States
AS16509Amazon.com, Inc.
111104.18.95.41United States
AS13335Cloudflare, Inc.
4454--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T16741828B6DF480411063AA678E63F21D1ED1D24F564AD9147E8EC1581F887578A877EC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:TmJ223o9LDrwuI3c83tWt6N2k+iwkfWzYdpoj:TmJG9TwuIM6tl2kIkfpvoj

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2006:ABICAgAEEAQAAAAAAAAABQAwgAAgAFQAAAAAEAAAAAAMAIAgAQACJAAEAJgCAAAAAggAIEAAAAAkBAQACCgAAAIAAAAAAAoA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:008dbdff9397fff7
Perceptual Hash:be51411e66d15e56
Difference Hash:8159716a67656065
Wavelet Hash:008999bf9381bfb3
Color Hash:#2d3686

Scan History

Scan history not available

Unable to load historical scan data