ScanMalware.com

Security Scan Report: info-usersecure.serveousercontent.com

Redirected to: https://info-usersecure.serveousercontent.com/DE/user.html

Submitted: Mar 16, 2026, 2:08:57 PMCompleted: Mar 16, 2026, 2:10:08 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main domain is info-usersecure.serveousercontent.com and was registered NaN years ago.

Submitted URL: http://info-usersecure.serveousercontent.com/DE/user.html

Effective URL: https://info-usersecure.serveousercontent.com/DE/user.htmlRedirected

AI Security Verdict

Confirmed Scam

Confidence: 93%

10
Risk Score

Phishing page impersonating PayPal with credential‑stealing form; avoid and report.

Risk Factors
Brand impersonation (PayPal) on a non‑official domain
Credential‑harvesting login form
Google Safe Browsing social‑engineering detection
New domain (<180 days) with no reputation
Unranked domain in Cisco Umbrella
Domain age information unavailable

Details

Page Title

Loggen Sie sich bei PayPaI ein

Scan Type

public

Language

🇮🇹

Italian

(80% confidence)

Category

finance banking

(50%)

Domain Information

Domain 'info-usersecure.serveousercontent.com' uses the commercial generic top-level domain (.com), featuring subdomain 'info-usersecure'. Count 17 characters in 'serveousercontent' holding seven vowels versus ten consonants. Tokenizing the label suggests 4 words: serve, o, user, content. Median word length is 4.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://info-usersecure.serveousercontent.com/DE/user.html

Page Load Overview

0.91s
Total Load Time
11
HTTP Requests
3
Domains
33 KB
Total Size

Language Analysis

Primary Language

🇮🇹Italian
Code: it
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:it
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:it
Text Length:314 chars
Detector Agreement:50%

Website Classification

Primary Category

finance banking50% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
50%
adult content
30%
technology software
25%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
55.255.123.12Dronten, Flevoland, Netherlands
AS60404The Infrastructure Group B.V.
3216.58.206.74United States
AS15169Google LLC
3104.18.34.93United States
AS13335Cloudflare, Inc.
113--

Detected Technologies5

PasswordField
100%
Modernizrv2.6.1
100%
JQueryv3.6.1
100%
PayPal
20%
Google Hosted Libraries
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14DC1952514F9A823A203D0A476E1B9067BA6D50BCD0DC90079FC8AED1FD3ED78D97059

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:QbrNxdVw/sYTJgC1rTqXLO+EWeraMHQsuXuemdI+toZVQqzqwsyx3h:QbrN7esOJgC13qXLO+qrbcu7I+aZP2o/

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:5987:ChkELAgAARBAmCQCwxQogoAECuKAFQEEAgKKgQg0IzQMQoARwSIxAEZQCAhGIWWhKEqQBCiAAkUyAFIYCAAhIjBJDEYMUAAB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fee6fee6e6fefeff
Perceptual Hash:f7738ccc22738c8c
Difference Hash:000c104c0c000800
Wavelet Hash:2626262606063e3e
Color Hash:#65931f

Other Hashes

Crop Resistant:000c104c0c000800

Scan History

Scan history not available

Unable to load historical scan data