ScanMalware.com

Security Scan Report: sso--robinhood--com--cddn----autth.webflow.io

Site favicon
Submitted: Oct 26, 2025, 9:29:39 AMCompleted: Oct 26, 2025, 9:30:30 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 1 country across 3 domains to perform 8 HTTP transactions. The main domain is sso--robinhood--com--cddn----autth.webflow.io.

Submitted URL: https://sso--robinhood--com--cddn----autth.webflow.io/

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

Impersonates Robinhood login on untrusted, likely new domain – high risk phishing.

Risk Factors
Brand impersonation of Robinhood on non‑official domain
Untrusted, unranked domain with suspicious subdomain structure
Likely newly registered domain
Absence of visible login form despite login page appearance
Domain age information unavailable

Details

Page Title

Log In | Robinhood® - Sign In to Your Account

Scan Type

public

Language

🇺🇸

English

(71% confidence)

Category

corporate

(50%)

Domain Information

The domain 'sso--robinhood--com--cddn----autth.webflow.io' uses the British Indian Ocean Territory country-code top-level domain (.io) and includes subdomain 'sso--robinhood--com--cddn----autth'. The second-level label 'webflow' is 7 characters long with two vowels and 5 consonants. Splitting it apart reveals two words: web, flow. Median word length is 3.5 characters. 'web' is most common in Chinese (Pinyin) usage. Usage also turns up in English and Vietnamese contexts.

Screenshot

Security scan screenshot of https://sso--robinhood--com--cddn----autth.webflow.io/

Page Load Overview

8.36s
Total Load Time
8
HTTP Requests
3
Domains
830 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:71%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:71%
Script Type:Latin
Text Length:45 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate50% confidence
Type: static
Method: structural

All Detected Categories

corporate
50%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8172.64.151.8United States
AS13335CLOUDFLARENET
013.226.247.67United States
AS16509AMAZON-02
013.226.247.129United States
AS16509AMAZON-02
0104.18.160.117United States
AS13335CLOUDFLARENET
013.226.247.18United States
AS16509AMAZON-02
0104.18.36.248United States
AS13335CLOUDFLARENET
013.226.247.220United States
AS16509AMAZON-02
0104.18.161.117United States
AS13335CLOUDFLARENET
02606:4700::6812:a175United States
AS13335CLOUDFLARENET
02606:4700:440c::ac40:9708United States
AS13335CLOUDFLARENET
812--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14961542BE428841543814AECFA62B05C9647925EDDE0DC05ECF9D0DDB3B6DF548D226F

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:CxxlxO5xRcTP2qLTw/BillVRihtiXiTilzRwON1r:Cx3xMx2TP53wZQstE8ARwON1r

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3287:RAQkGIADAIAQEACCEAAIABAQpAUIgDDAAVgAEAABBIAALCJAQQAAAMAAEoEJAwABgAAAAggAAYgYSDAABQAAISQABCEAAACg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:d9003c3c3c191801
Perceptual Hash:8ae7282da2cca2f7
Difference Hash:3333f5e1e931b1cd
Wavelet Hash:d1197d3d3d191919
Color Hash:#403a78

Other Hashes

Crop Resistant:51850105050505a5,aa926c2b2b6482a2,3333f5e1e931b1cd

Scan History

Scan history not available

Unable to load historical scan data