ScanMalware.com

Security Scan Report: snip.ly

Redirected to:
https://clientecorreoesp.sviluppo.host/paque/auth/?utm_source=sniply&u...
Submitted: Oct 25, 2025, 11:56:05 PMCompleted: Oct 25, 2025, 11:58:46 PMpubliccompleted
Loading additional data...

Summary

This website contacted 17 IPs in 3 countries across 5 domains to perform 37 HTTP transactions. The main domain is clientecorreoesp.sviluppo.host and was registered NaN years ago.

Submitted URL: https://snip.ly/oficina-correos

Effective URL: https://clientecorreoesp.sviluppo.host/paque/auth/?utm_source=sniply&utm_campaign=sniply&utm_medium=sniplyRedirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing page impersonating Correos; do not provide any personal information.

Risk Factors
Brand impersonation of Correos on unranked domains
Suspicious redirect chain from a URL shortener to an unrelated host
Mismatch between displayed brand (Correos) and final URL domain (sviluppo.host)
Use of urgent language to prompt user action without authentication
Domain age information unavailable

Details

Page Title

2M - الرئيسية

Scan Type

public

Language

🇪🇸

Spanish

(50% confidence)

Category

government public service

(59%)

Domain Information

Domain 'snip.ly' uses the Libyan country-code top-level domain (.ly) with no subdomain. The core label 'snip' covers 4 characters split between 1 vowel and three consonants. Segmentation suggests 1 word: snip. 'snip' most often appears in Afrikaans. Secondary signals appear in Sinhala and English.

Screenshot

Security scan screenshot of https://snip.ly/oficina-correos

Page Load Overview

1.05s
Total Load Time
37
HTTP Requests
5
Domains
429 KB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:50%
Script Type:Latin
Text Length:792 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service59% confidence
Type: static
Method: ml+structural

All Detected Categories

government public service
59%
corporate business
47%
e-commerce shopping
44%
technology software
40%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
31185.201.65.222Italy
AS47242Host SpA
2104.20.47.26United States
AS13335CLOUDFLARENET
2151.101.65.229San Francisco, California, United States
AS54113FASTLY
2172.66.148.43United States
AS13335CLOUDFLARENET
2142.250.185.138United States
AS15169GOOGLE
2104.16.174.226United States
AS13335CLOUDFLARENET
2104.18.11.207United States
AS13335CLOUDFLARENET
22606:4700::6812:bcfUnited States
AS13335CLOUDFLARENET
22606:4700:10::ac42:942bUnited States
AS13335CLOUDFLARENET
22606:4700:10::6814:2f1aUnited States
AS13335CLOUDFLARENET
3717--

Detected Technologies3

JQueryv3.5.1
100%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12C126F214CF9156F1182908ABE39AA2A7EC6800BC36B670531FD165E6F86D47CD73F6C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:sGpEztfIm74lU7eVdKvOejl7KvdL/zP5TllQO7:sAEzJg6Oejlmlt

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:9770:TKwxIYy9AAICmIgMBhJggGQgAaoADCqkdCgoHRhQCAPSsmkQEP8BxAFwIghEUgpYA6alJCSWABhYAwARu4BUACFzGYgiwMhI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:08e7e7efe7e7e7e7
Perceptual Hash:f35f0e338c0c9927
Difference Hash:490c0c0c0c0c0c0c
Wavelet Hash:00e6e6e6c2c2c3e7
Color Hash:#9479d2

Other Hashes

Crop Resistant:490c0c0c0c0c0c0c

Scan History

Scan history not available

Unable to load historical scan data