ScanMalware.com

Security Scan Report: kriyatx.ziphq.com

Redirected to:
https://kriyatx.ziphq.com/login
Submitted: May 19, 2026, 1:11:26 AMCompleted: May 19, 2026, 1:13:31 AMpubliccompleted
Loading additional data...

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 35 HTTP transactions. The main domain is kriyatx.ziphq.com and was registered NaN years ago.

Submitted URL: https://kriyatx.ziphq.com

Effective URL: https://kriyatx.ziphq.com/loginRedirected

The Cisco Umbrella rank of the primary domain is #153,401 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

The site hosts a login form, shows critical malware alerts, and uses a low‑ranked domain to impersonate the Zip brand – avoid interaction and report.

Risk Factors
Credential collection on a low‑ranking domain
Critical IDS alerts for malware data exfiltration
Potential command‑and‑control beacon
High JavaScript obfuscation score
Brand name "Zip" used on a subdomain with poor reputation
Domain age information unavailable

Details

Page Title

Zip - Modern Spend Approvals

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(87%)

Domain Information

Domain 'kriyatx.ziphq.com' uses the commercial generic top-level domain (.com) with subdomain 'kriyatx'. The second-level label 'ziphq' is 5 characters long split between one vowel and four consonants. It segments into two words: zip, hq. Expect 2.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://kriyatx.ziphq.com

Page Load Overview

54.49s
Total Load Time
52
HTTP Requests
15
Domains
447 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software87% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
87%
documentation technical
52%
government public service
42%
finance banking
31%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1235.190.88.7United States
AS396982Google LLC
43.233.158.112Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
4146.75.121.55Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
434.206.34.220Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
4172.66.40.64United States
AS13335Cloudflare, Inc.
4172.66.43.192United States
AS13335Cloudflare, Inc.
4104.16.80.73United States
AS13335Cloudflare, Inc.
4142.251.127.84United States
AS15169Google LLC
43.174.47.131United States
AS16509Amazon.com, Inc.
452.92.155.113Boardman, Oregon, United States
AS16509Amazon.com, Inc.
5211--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14B33953A8432E82C429FB4E8D495BFD0D60393278A065BF0F28C51BCDBC4A9C66DB755

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:BVxZW+WzZbWGPZyW3PPoENM9n9rxwxfxjUkn+a+g16US2OZGeQ5fJumUnlSifV8t:BVbEiVuhJUra+3l2u1QtJultlH02aF

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:51250:wkYCAIigBRCN4FFCQqRAQQBTAAgIBooQCgAS1GAhWFgRGglIDh2lNARJDhooNAW8gCDhRmbH2oaMAggSQgEgGutiA4Aol4YA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:07031f1f1f1f1f1f
Perceptual Hash:8c59f3e2f1ccc2c8
Difference Hash:ff7ff3f3f3ebfbff
Wavelet Hash:07011b1f1f1f1f0f
Color Hash:#c58887

Other Hashes

Crop Resistant:ff7ff3f3f3ebfbff,7ffcf8f8fcfafeff

Scan History

Scan history not available

Unable to load historical scan data