Security Scan Report: www.sancandido.eu

Redirected to:
https://www.sancandido.eu/de
Site favicon
Submitted: May 28, 2026, 1:22:23 AMCompleted: May 28, 2026, 1:23:21 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main domain is sancandido.eu.

Submitted URL: https://www.sancandido.eu

Effective URL: https://www.sancandido.eu/deRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

The site pretends to be the official Innichen municipality, harvests credentials via a hidden password field and cross‑origin form; classified as a confirmed phishing scam.

Risk Factors
Brand impersonation (brand name does not match domain)
Hidden password field
Cross‑origin credential submission
Unranked domain
Credential collection form
Domain age information unavailable

Details

Page Title

Marktgemeinde Innichen - Startseite

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

government public service

(98%)

Domain Information

The domain 'www.sancandido.eu' uses the .eu country-code top-level domain; it also runs on subdomain 'www'. The core label 'sancandido' covers 10 characters with 4 vowels and 6 consonants. Tokenizing the label suggests 2 words: san, candido. Median word length comes out to five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.sancandido.eu

Page Load Overview

3.43s
Total Load Time
112
HTTP Requests
4
Domains
2.0 MB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:6,785 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service98% confidence
Type: spa
Method: ml+structural

All Detected Categories

government public service
98%
travel tourism
31%
education learning
26%

Detected Features

Login Form
Search
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
38185.111.111.156Frankfurt am Main, Hesse, Germany
AS212238Datacamp Limited
3752.155.171.125Dublin, Leinster, Ireland
AS8075Microsoft Corporation
3720.107.132.93Dublin, Leinster, Ireland
AS8075Microsoft Corporation
1123--

Detected Technologies5

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T102D3F73095FA443B113392E8B424EF98B992E63BD3670501F6FD47815FD3E828E166AD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:Sjv/SV21Sp6n30/H5mbwJiOsSu2XS8crwdcHfNM120MdVqDcYHyw0sDSgHO1DzIn:SjvTnLYH0sDeY

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:135456:pQJBcOIGsAMUEAoUywpETADCJFOwY5JJJyAOgUCdRgAFQiUATYFBZSQDkZgE0IINBCDSsjFAIloFxmFEI0IXIACVKJYPgJoA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000003f0010fbf3
Perceptual Hash:ee11ec5c91ab3469
Difference Hash:ccc5c9f871252323
Wavelet Hash:000f007f10f1fff7
Color Hash:#ac9353

Scan History

Scan history not available

Unable to load historical scan data