ScanMalware.com

Security Scan Report: mohaaeinfra.com

Redirected to:
https://phptc.org/de/sparkasse/auth/plz.php
Site favicon
Submitted: Oct 11, 2025, 1:09:59 PMCompleted: Oct 11, 2025, 1:11:03 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main domain is phptc.org.

Submitted URL: https://mohaaeinfra.com/de/click.php

Effective URL: https://phptc.org/de/sparkasse/auth/plz.phpRedirected

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Site mimics Sparkasse on an unranked domain with suspicious redirects – likely phishing.

Risk Factors
Brand impersonation (Sparkasse) on an unranked, unrelated domain
Suspicious redirect from a non‑trusted domain
Unranked domain lacking reputation
Potential collection of personal data on a phishing‑styled page
Domain age information unavailable

Details

Page Title

Ihre Sparkasse vor Ort

Scan Type

public

Language

🇩🇪

German

(50% confidence)

Category

finance banking

(72%)

Domain Information

Within the commercial generic top-level domain (.com), 'mohaaeinfra.com' is registered while skipping any subdomain. The registrable portion 'mohaaeinfra' spans 11 characters split between six vowels and 5 consonants. Splitting it apart reveals five words: moh, a, a, e, infra. Median word length comes out to 1 character. 'a' most often appears in Hungarian. You will also see it in Italian and Galician contexts. Taken together, it feels Hungarian.

Screenshot

Security scan screenshot of https://mohaaeinfra.com/de/click.php

Page Load Overview

31.34s
Total Load Time
10
HTTP Requests
3
Domains
44 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:de
Text Length:421 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking72% confidence
Type: static
Method: ml+structural

All Detected Categories

finance banking
72%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2184.168.106.27Singapore, Singapore
AS26496AS-26496-GO-DADDY-COM-LLC
2185.15.59.240United States
AS14907WIKIMEDIA
2107.180.115.196United States
AS398101GO-DADDY-COM-LLC
22a02:ec80:300:ed1a::2:bUnited States
AS14907WIKIMEDIA
104--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10441DD1180F790B7417281D1A9AA0F1B2DC1A77BE6DB054036FE47D81FDDD82E807524

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24:bCLSwrTdpuLGt2Kj3+wnikAugPhT7gyCvATCJLWFznVgF0Hj:oSAT/uLGtPj3Mk4P97TCvt5WtVV

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2014:IAAFCAgADAOIAAAEIAAAAFAQAAAAAAIAAAhBAAACACgAQAAEAkAAAQkAAARQAgIAAABABECAAEAACBAAARgGEAEACEAAAACg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data