Security Scan Report: ipinfo.io

Submitted: Nov 24, 2025, 11:19:26 PM
Completed: Nov 24, 2025, 11:22:17 PM
public, completed

Summary

This website contacted 176 IPs in 6 countries across 51 domains to perform 252 HTTP transactions. The main domain is ipinfo.io; its registration age could not be determined (reported as "NaN years ago").

Submitted URL: https://ipinfo.io/

The Cisco Umbrella rank of the primary domain is #4,162 of the top 1 million websites (Top 10K Site).

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 9

Confirmed scam – multiple primary domain Indicators of Compromise flag ipinfo.io as malicious.

Risk Factors
Multiple primary domain Indicators of Compromise matches
Primary domain flagged as suspicious
Automatic high‑risk classification due to primary domain Indicators of Compromise
Domain age information unavailable

Details

Page Title: IP Data Intelligence for Developers & Enterprises | IPinfo
Scan Type: public
Language: 🇺🇸 English (80% confidence)
Category: documentation technical (60%)

Domain Information

Domain 'ipinfo.io' uses the British Indian Ocean Territory country-code top-level domain (.io) and has no subdomain. Its registrable label 'ipinfo' stretches across 6 characters holding 3 vowels versus 3 consonants. Segmentation suggests 2 words: ip, info. Median word length comes out to 3 characters. No strong language cues emerged from the frequency lists.

Page Load Overview

Total Load Time: 2.82s
HTTP Requests: 252
Domains: 51
Total Size: 2.3 MB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 7,139 chars
Detector Agreement: 100%

Website Classification

Primary Category

documentation technical (60% confidence)
Type: spa
Method: ml+structural

All Detected Categories

documentation technical: 60%
technology software: 52%
corporate: 35%
corporate business: 34%

Detected Features

OG: website
Schema.org

Domain & IP Information

Requests  IP Address        Location                                AS (Autonomous System)
126       104.18.22.73      United States                           AS13335 CLOUDFLARENET
29        34.117.59.81      Kansas City, Missouri, United States    AS396982 GOOGLE-CLOUD-PLATFORM
8         104.18.14.11      United States                           AS13335 CLOUDFLARENET
6         142.250.185.232   United States                           AS15169 GOOGLE
6         142.250.184.195   United States                           AS15169 GOOGLE
5         23.195.23.147     United States                           AS20940 Akamai International B.V.
5         54.225.245.60     Ashburn, Virginia, United States        AS14618 AMAZON-AES
5         52.242.103.142    Boydton, Virginia, United States        AS8075 MICROSOFT-CORP-MSN-AS-BLOCK
5         157.240.0.35      Frankfurt am Main, Hesse, Germany       AS32934 FACEBOOK
4         216.239.34.36     United States                           AS15169 GOOGLE
Total: 252 requests, 176 IPs

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FCF3C5B186900026615747D7B572B79A609BB1DEEE8BC8C8E3BC43522FCFD41BD03A59

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:QIoxTaNDKLiQD9Zci++qVYriB9q2X2Np6InA/xp:QIcTaNOLiI9C+Np6IeP

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:168656:EmVhACxAhIAFC0gGwxQBHIaFMhMYIgBFAYnBHpFIEYQApIGhYzpRo0AQqtigFGGwDzKCAgGRhCDOwgTQoBiBiRKARBwpAhgM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: fff3d1f1f1ffe1e1
Perceptual Hash: ed9cb3926c61906d
Difference Hash: 2927272727104303
Wavelet Hash: fdf18191f0f8e0e0
Color Hash: #1f2993