ScanMalware.com

Security Scan Report: apoteket.imagevault.app

Redirected to: https://apoteket.imagevault.app/Account/Login?ReturnUrl=%2F

Submitted: Dec 6, 2025, 1:57:33 AMCompleted: Dec 6, 2025, 1:58:45 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main domain is apoteket.imagevault.app and was registered NaN years ago.

Submitted URL: https://apoteket.imagevault.app/

Effective URL: https://apoteket.imagevault.app/Account/Login?ReturnUrl=%2FRedirected

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Phishing login page impersonating Apoteket on an untrusted domain.

Risk Factors
Brand impersonation on an unranked domain
Login form collecting credentials on a suspicious subdomain
Hidden password field indicating possible obfuscation
Domain age information unavailable

Details

Page Title

Login

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

suspicious phishing

(32%)

Domain Information

Domain 'apoteket.imagevault.app' uses the application-focused generic top-level domain (.app) with subdomain 'apoteket'. The core label 'imagevault' covers 10 characters containing 5 vowels alongside 5 consonants. It segments into 2 words: image, vault. Average segment length settles at five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://apoteket.imagevault.app/

Page Load Overview

0.45s
Total Load Time
13
HTTP Requests
3
Domains
941 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:53 chars
Detector Agreement:100%

Website Classification

Primary Category

suspicious phishing32% confidence
Type: webapp
Method: ml+structural

All Detected Categories

suspicious phishing
32%
other
29%
legitimate website
26%
social_media
25%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1020.50.2.45Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
2142.250.186.138United States
AS15169GOOGLE
22a00:1450:4001:82b::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
22a00:1450:4001:81c::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
1172.217.18.3United States
AS15169GOOGLE
135--

Detected Technologies2

X-UA-Compatible
100%
PasswordField
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14451311184F04815195185A27CD198293DDAF70B830A4D08F1FC0EFA5FB3EC79B6B58A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24:naUYCfBWWWM/uEhALJe5pDV4NOHu0sQaj/Qp7isKm+0qMxvfnqDVm9OyuRk2jD/d:npWWWBTjNOHaQJHeip2jE0EGt

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2529:EAAAhAwAIACACAIAABBgQAAAAAAAAEAQAmAEABAEEQACAAAIBmIABAACBCgABAAAQBCFAAgQQCEBEAAYAAAAABEEAEAgwIkA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:2200189818990822
Perceptual Hash:dd30278dcd73a590
Difference Hash:c6a5b432b2735ad6
Wavelet Hash:6f191898dbb8087f
Color Hash:#483a78

Other Hashes

Crop Resistant:c6a5b432b2735ad6

Scan History

Scan history not available

Unable to load historical scan data