ScanMalware.com

SCAN INCOMPLETE - LIMITED DATA COLLECTED

There were problems collecting data from this website

The website may be blocking automated browsers (bot protection)
The site may be using geo-blocking or rate limiting
Network connectivity issues may have prevented access

LIMITED DATA

Note: There were problems collecting data during this scan, and some information may be missing or incomplete. The security analysis below is based on limited information and may not be accurate. Consider trying the scan again.

Security Scan Report: sh-cp2-au.yyz2.servername.online

Submitted: Oct 17, 2025, 3:02:02 AMCompleted: Oct 17, 2025, 3:04:07 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 3 HTTP transactions. The main domain is sh-cp2-au.yyz2.servername.online.

Submitted URL: https://sh-cp2-au.yyz2.servername.online/~lalor851/itt/inges/login.php

AI Security Verdict

High Risk

Confidence: 95%

10
Risk Score

Site uses URL spoofing and is flagged by Google Safe Browsing – treat as high‑risk phishing.

Risk Factors
URL manipulation (spoofed URL)
Google Safe Browsing social engineering detection
Domain age information unavailable

Details

Page Title

sh-cp2-au.yyz2.servername.online

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

malicious

(61%)

Domain Information

The domain name 'sh-cp2-au.yyz2.servername.online' uses the modern generic top-level domain (.online); it also runs on subdomain 'sh-cp2-au.yyz2'. The core label 'servername' covers 10 characters containing 4 vowels alongside six consonants. Breaking it apart gives one word: servername. The median word length lands at ten characters. 'serverne' most often appears in Danish. Usage also turns up in Norwegian contexts.

Screenshot

Security scan screenshot of https://sh-cp2-au.yyz2.servername.online/~lalor851/itt/inges/login.php

Page Load Overview

30.22s
Total Load Time
3
HTTP Requests
1
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:en
Text Length:796 chars
Detector Agreement:100%

Website Classification

Primary Category

malicious61% confidence
Type: static
Method: ml+structural

All Detected Categories

malicious
61%
other
60%
suspicious phishing
32%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
266.102.132.28Toronto, Ontario, Canada
AS40092ONIAAS
12605:6f00:1234:700:1::9cToronto, Ontario, Canada
AS40092ONIAAS
32--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T106048F77329A063986558499E057430D9F20B143B50AC9BC7ABCBAD8BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:CfQho9PKBb9JsE9RHCbZgRjFtSBaw9QWgceIszB2bMy8Old6:5hoC9J395CbZgLtSL3gcrsN2eAQ

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:186439:RZHgTWEmogPZ0MAQVOohCKBjgTJCAgLNIUFAMAiEgAJQUAACJQCQAtYQRZI6rUIAxICijVQAkAsgyZ/C7MIDEqGBIaDIQRBQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffc7c7c3d3ffffff
Perceptual Hash:b1339acccc93b364
Difference Hash:00180c1616000000
Wavelet Hash:f0d0c4c4c0f0f0f0
Color Hash:#2d8646

Other Hashes

Crop Resistant:00180c1616000000

Scan History

Scan history not available

Unable to load historical scan data