ScanMalware.com

Security Scan Report: btinternet-102492-update.square.site

Site favicon
Submitted: Nov 25, 2025, 11:41:27 PMCompleted: Nov 25, 2025, 11:45:03 PMpubliccompleted
Loading additional data...

Summary

This website contacted 13 IPs in 2 countries across 8 domains to perform 79 HTTP transactions. The main domain is btinternet-102492-update.square.site and was registered NaN years ago.

Submitted URL: https://btinternet-102492-update.square.site/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing site impersonating BT; contains hidden and disguised password fields.

Risk Factors
Disguised password field (type='text' with password placeholder)
Hidden password field
Unicode evasion technique in form fields
Brand impersonation/typosquatting of BT
Credential‑harvesting login form on suspicious domain
Domain age information unavailable

Details

Page Title

btinternet-102492-update.square.site

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

e-commerce shopping

(69%)

Domain Information

You're looking at domain 'btinternet-102492-update.square.site' on the .site top-level domain; it also runs on subdomain 'btinternet-102492-update'. The core label 'square' covers 6 characters containing three vowels alongside 3 consonants. Splitting it apart reveals 1 word: square. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://btinternet-102492-update.square.site/

Page Load Overview

0.99s
Total Load Time
79
HTTP Requests
8
Domains
1.8 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:443 chars
Detector Agreement:100%

Website Classification

Primary Category

e-commerce shopping69% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

e-commerce shopping
69%
technology software
33%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
54146.75.121.46Frankfurt am Main, Hesse, Germany
AS54113FASTLY
1574.115.51.5United States
AS27647WEEBLY
83.233.158.25Ashburn, Virginia, United States
AS14618AMAZON-AES
674.115.51.4United States
AS27647WEEBLY
63.233.158.26Ashburn, Virginia, United States
AS14618AMAZON-AES
63.233.158.24Ashburn, Virginia, United States
AS14618AMAZON-AES
62600:1f18:24e6:b901:fbdc:7182:a89c:6101Ashburn, Virginia, United States
AS14618AMAZON-AES
62600:1f18:24e6:b900:633c:1d50:cbd8:2a53Ashburn, Virginia, United States
AS14618AMAZON-AES
62a04:4e42:8e::302Frankfurt am Main, Hesse, Germany
AS54113FASTLY
62600:1f18:24e6:b902:b031:28ae:e5c:782bAshburn, Virginia, United States
AS14618AMAZON-AES
7913--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T165048F77329A063D86558498E057430D9F20B143B50AC9BC7ABCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:/fQho9PKBb9JsE9RHCbZgRjFtSBaw9QWgceIszc2bMy8Old6:AhoC9J395CbZgLtSL3gcrsQ2eA8

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:183804:AJQAWwC2EPSCjYIggYIFQJAQQFU9gQFBIapoUWAoQIfRAYZrhAgMYAVbYAYAM76JYkpEAYgKKREoIb4ELClIABUtCRIFCoAw

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff7f0703fffffefc
Perceptual Hash:9229d2a95e2d73d2
Difference Hash:c0c05a6660000004
Wavelet Hash:7f7f03010c0c0f0c
Color Hash:#2dd2a9

Other Hashes

Crop Resistant:c0c05a6660000004

Scan History

Scan history not available

Unable to load historical scan data