Security Scan Report: alturasmovers.com

Redirected to:
blob:https://dufan69.com/ebbfbb72-a63a-4990-8eeb-930ded493a88
Site favicon
Submitted: Jul 8, 2026, 3:02:32 AMCompleted: Jul 8, 2026, 3:03:51 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 3 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://alturasmovers.com/wp-includes/rest-api/yftxcjz/pgtwcjd/mtcbzjo/link.html

Effective URL: blob:https://dufan69.com/ebbfbb72-a63a-4990-8eeb-930ded493a88Redirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

The site impersonates Capital One, harvests credentials via multiple login forms, and is hosted on a compromised WordPress site; treat as high‑risk phishing.

Risk Factors
Brand impersonation of Capital One
Credential harvesting forms
Compromised WordPress paths (wp-includes, wp-admin, wp-content)
Unranked domain with no reputation
Blob redirect to unrelated domain
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(55%)

Domain Information

Domain 'alturasmovers.com' uses the commercial generic top-level domain (.com) while skipping any subdomain. The core label 'alturasmovers' covers 13 characters split between five vowels and 8 consonants. Breaking it apart gives two words: alturas, movers. Median word length is 6.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://alturasmovers.com/wp-includes/rest-api/yftxcjz/pgtwcjd/mtcbzjo/link.html

Page Load Overview

1.43s
Total Load Time
6
HTTP Requests
5
Domains
56 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,461 chars
Detector Agreement:67%

Website Classification

Primary Category

finance banking55% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
55%
government public service
40%
documentation technical
37%
corporate business
33%
adult content
31%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
338.134.148.246Clifton, New Jersey, United States
AS174Cogent Communications, LLC
3104.247.109.94United States
AS399883CodeforHost Inc
62--

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FE436536619341BADCB3CAC857EB2A463E849887E0C9D12477AC9AD44F838D5D47D3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:s7FSF3FuWFzF+fs8utovnh8utovWX9KTH+rCt1WtjL/plyA7qvE6mw:GQl0WxMTvCvPGCt1WtjLRlyA7q86mw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:59229:CEzEEbsOhAigV3oTBrQgMkQgLiA4NLahygRAqADA0CCGXEEwI3kEIEgKBkkDGiOAzH0BCi1DBBCoiCNwWAwRAI/cBiBoCWSI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fa5bde7c3ffcfff
Perceptual Hash:b3cbcc27639c8931
Difference Hash:e968704c4d2a2c00
Wavelet Hash:7f373c2c0424df00
Color Hash:#ac6253

Other Hashes

Crop Resistant:e968704c4d2a2c00

Scan History

Scan history not available

Unable to load historical scan data