e-commerce

Italian

PHPSESSID

wserver

server

identifier

The domain 'candidat.hosted.phplist.com' uses the commercial generic top-level domain (.com), featuring subdomain 'candidat.hosted'. The core label 'phplist' covers 7 characters holding 1 vowel versus 6 consonants. It segments into 2 words: php, list. Average segment length settles at 3.5 characters. No strong language cues emerged from the frequency lists.

step

fullname

expm

expy

email

html/f1/e9/f1e95d5d-282b-45d3-a8ba-bc61890ebef7.html.gz

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

d1a3a0928d630691ce153538e10ea1d5be6c261ee2bf96476d943989854aec47

02622324f11199b51cbb59365bdcd8c1b06389644a7432d06c0b656f4c342e84

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

base-uri 'none';child-src https:;form-action https://ogs.google.com https://*.corp.google.com;object-src 'none';script-src 'self' 'unsafe-inline' https:;frame-ancestors chrome://new-tab-page/

Telegram Messenger Inc

Nikolai Durov

MNT-TELEGRAM

MNT-GLOBAL-NET

Telegram_Messenger_Network


	//var ip = '178.63.16.224';
    //var conn = new WebSocket('ws://:8085');







            let identifier = Math.floor((Math.random() * 1000000) + 1);
            document.cookie = "identifier="+identifier;
            document.cookie = "ip=178.63.16.224";
            document.cookie = "server=";
            document.cookie = "wserver=";
        

Debian

✅ Low Risk - https://candidat.hosted.phplist.com/

Requests	IP Address	Location	AS Autonomous System
10	149.154.167.220	London, England, United Kingdom	AS62041Telegram Messenger Inc
1	3.167.226.45	United States	AS16509AMAZON-02
1	200.58.110.220	Rosario, Santa Fe, Argentina	AS27823Dattatec.com
1	142.250.185.234	United States	AS15169GOOGLE
1	45.33.29.14	Richardson, Texas, United States	AS63949Akamai Connected Cloud
1	2800:6c0:2::8	Buenos Aires, Buenos Aires F.D., Argentina	AS27823Dattatec.com
1	3.167.226.172	United States	AS16509AMAZON-02
1	3.167.226.71	United States	AS16509AMAZON-02
1	2a00:1450:4001:82b::200a	Frankfurt am Main, Hesse, Germany	AS15169GOOGLE
1	2001:67c:4e8:f004::9	Amsterdam, North Holland, Netherlands	AS62041Telegram Messenger Inc
20	11	-	-

Security Scan Report: candidat.hosted.phplist.com

Summary

AI Security Verdict

Confirmed Scam

Risk Factors

Details

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History