ScanMalware.com

Security Scan Report: rbnhis.bmwwhealth.com

Redirected to:
blob:https://alliedvictoryng.com/4b3adf34-604f-4f5c-b8b2-b648fd493b78
Submitted: Nov 14, 2025, 2:16:57 PMCompleted: Nov 14, 2025, 2:17:55 PMpubliccompleted
Loading additional data...

Summary

This website contacted 23 IPs in 0 countries across 7 domains to perform 14 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://rbnhis.bmwwhealth.com/tmp/fid/vmo.html

Effective URL: blob:https://alliedvictoryng.com/4b3adf34-604f-4f5c-b8b2-b648fd493b78Redirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing site impersonating Fidelity using a blob URL and credential‑harvesting forms; avoid and report.

Risk Factors
Use of blob: URL scheme to hide content source
Brand impersonation of Fidelity on unrelated domain
Login form collecting passwords on suspicious site
Multiple redirects leading to blob URL
Unranked domain presenting a well‑known brand
Domain age information unavailable

Details

Page Title

Log in to Fidelity

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(68%)

Domain Information

Domain 'rbnhis.bmwwhealth.com' uses the commercial generic top-level domain (.com), featuring subdomain 'rbnhis'. The second-level label 'bmwwhealth' is 10 characters long containing 2 vowels alongside 8 consonants. Breaking it apart gives 3 words: bmw, w, health. Median word length is three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://rbnhis.bmwwhealth.com/tmp/fid/vmo.html

Page Load Overview

38.76s
Total Load Time
14
HTTP Requests
7
Domains
274 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:2,370 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking68% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
68%
documentation technical
56%
adult content
51%
government public service
48%
blog personal website
39%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
0104.17.25.14UnknownUnknown
0142.250.185.74UnknownUnknown
0151.101.194.137UnknownUnknown
027.254.173.114UnknownUnknown
0198.54.121.233UnknownUnknown
0151.101.2.137UnknownUnknown
0142.250.186.131UnknownUnknown
0142.250.181.234UnknownUnknown
02606:4700::6811:190eUnknownUnknown
0151.101.66.137UnknownUnknown
1423--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T16D93FA1242D550A564624BA65FEB27093D54E4F3FC4285A47EAC4FC08FCFA98B89B3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:9iOxAUk2tZhXNhwqe8tF9o62tF9o6ntF9o6N03lfSj4vHjQvKh0:dzDVNFJTOTtT5

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:93938:yAQORE+CYwAQShKwBJVpSWCE5EIIpRIwSQgCnwAIPHIEJWZAoJAHhAcVCAhxKAgBAgBkGtAQBBBBPZzegMVAIIQkbAEOWJJE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data