ScanMalware.com

Security Scan Report: info-usersecure.serveousercontent.com

Redirected to: https://info-usersecure.serveousercontent.com/IT+Phone/user.html

Submitted: Mar 17, 2026, 8:48:04 AMCompleted: Mar 17, 2026, 8:49:22 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 1 HTTP transaction. The main domain is info-usersecure.serveousercontent.com and was registered NaN years ago.

Submitted URL: http://info-usersecure.serveousercontent.com/IT+Phone/user.html

Effective URL: https://info-usersecure.serveousercontent.com/IT+Phone/user.htmlRedirected

AI Security Verdict

High Risk

Confidence: 93%

7
Risk Score

Phishing page impersonating PayPal with credential‑stealing form; do not enter any data.

Risk Factors
Brand impersonation (PayPal) on a non‑PayPal domain
Credential harvesting form with password field
Google Safe Browsing phishing detection
Domain age <180 days (new domain)
Unranked domain (low reputation)
Domain age information unavailable

Details

Page Title

Accedi a PayPal

Scan Type

public

Language

🇮🇹

Italian

(80% confidence)

Category

finance banking

(28%)

Domain Information

The domain 'info-usersecure.serveousercontent.com' uses the commercial generic top-level domain (.com), featuring subdomain 'info-usersecure'. The registrable portion 'serveousercontent' spans 17 characters containing seven vowels alongside ten consonants. Segmentation suggests four words: serve, o, user, content. Expect 4.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://info-usersecure.serveousercontent.com/IT+Phone/user.html

Page Load Overview

10.94s
Total Load Time
11
HTTP Requests
3
Domains
109 KB
Total Size

Language Analysis

Primary Language

🇮🇹Italian
Code: it
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:it
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:it
Text Length:297 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking28% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
28%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5104.18.34.93Germany
AS15169
35.255.123.12Dronten, Flevoland, Netherlands
AS60404The Infrastructure Group B.V.
3142.251.141.106United States
AS60404
113--

Detected Technologies5

PasswordField
100%
Modernizrv2.6.1
100%
JQueryv3.6.1
100%
PayPal
20%
Google Hosted Libraries
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T102C1A52524F9A823A243D0A476E1B90A7AA6D50BCD0DC80079FC8AED1FD3ED78D9705D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:QArNxdVw/sYTJgC1rTqXLO+EWeraMHQsuXuemdI+tYZlQqhMJxah:QArN7esOJgC13qXLO+qrbcu7I++Z/h40

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:5970:cxAaGCRQDUFkAIAAkAoU0kZBKABAAEjAJwLhgBTJIAVKUmAAhEhJgQQIEAIkAJgCABJFIQAYoMcAkDBBoBsK6AABMSAUKKSN

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fee6fee6e6fefeff
Perceptual Hash:f7738ccc22338ccc
Difference Hash:000c104c0c000800
Wavelet Hash:0606262626263232
Color Hash:#25931f

Other Hashes

Crop Resistant:000c104c0c000800

Scan History

Scan history not available

Unable to load historical scan data