Security Scan Report: h625.lat

Redirected to: https://ld.hggj.live/hg/#/pages/index/index

Submitted: Oct 29, 2025, 9:25:32 AMCompleted: Oct 29, 2025, 9:26:46 AMpubliccompleted
Loading additional data...

Summary

This website contacted 31 IPs in 3 countries across 7 domains to perform 160 HTTP transactions. The main domain is ld.hggj.live.

Submitted URL: http://h625.lat/

Effective URL: https://ld.hggj.live/hg/#/pages/index/indexRedirected

AI Security Verdict

Low Risk

Confidence: 72%

2
Risk Score

Site shows several redirects but lacks malicious content or credential collection; low risk.

Risk Factors
Multiple redirects (5) may indicate suspicious redirection behavior
Domain appears to be newly registered with no reputation data
Safety Factors
No forms collecting passwords, payment details, or personal data
No malicious Indicators of Compromise detected
Page title does not impersonate a known brand
Domain age information unavailable

Details

Page Title

皇宫国际

Scan Type

public

Language

🇨🇳

Chinese

(60% confidence)

Category

suspicious phishing

(57%)

Domain Information

Domain 'h625.lat' uses the .lat top-level domain without a subdomain. The second-level label 'h625' is 4 characters long holding 0 vowels versus one consonant; bonus characters include 3 digits. Word splitting yields two words: h, 625. Expect 2 characters per word on average. Most frequently, 'h' shows up in Breton. Secondary signals appear in Chinese (Zhuyin) and Hungarian.

Screenshot

Security scan screenshot of http://h625.lat/

Page Load Overview

19.32s
Total Load Time
160
HTTP Requests
7
Domains
40 KB
Total Size

Language Analysis

Primary Language

🇨🇳Chinese
Code: zh
Confidence:60%
Script:Han
Direction:ltr

Detection Details

Language Code:zh
Detection Confidence:60%
Script Type:Han
HTML Lang Attribute:en
Text Length:138 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as zh

Website Classification

Primary Category

suspicious phishing57% confidence
Type: static
Method: ml+structural

All Detected Categories

suspicious phishing
57%
other
34%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1038.182.238.161United States
AS140224NEBULA
5154.23.151.49Hong Kong, Hong Kong
AS140224NEBULA
5118.25.42.241Shanghai, Shanghai, China
AS45090Shenzhen Tencent Computer Systems Company Limited
538.182.238.163United States
AS140224NEBULA
545.202.215.202Hong Kong, Hong Kong
AS40065CNSERVERS
538.182.238.160United States
AS140224NEBULA
534.92.18.179Hong Kong, Hong Kong
AS396982GOOGLE-CLOUD-PLATFORM
538.182.238.162United States
AS140224NEBULA
545.202.215.199Hong Kong, Hong Kong
AS40065CNSERVERS
5154.23.151.46Hong Kong, Hong Kong
AS140224NEBULA
16031--

Detected Technologies1

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10B03E1246442345B6533C9C0F0A76F09B4A6AF3AC65C5B78A3791AE55FCBCE44C3B368

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:i84dOJ0nSDmrvDU+bw/vDU+b0ty5d+bUUUUCUUUUUUfUUU4UUlUUUUUWUUDEy6wE:iLOJ0nSDavDU1/vDU/y5wbUUUUCUUUUa

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:38285:CQkkQMgIEIGT4EABsOREDdSQ2wAUZhswvShIABQH8GRNSACkYFgYtDU5qqTwKEJEIFSgXDOKArsYyIEQDSkCJQEACyDJjXAo

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:01075fced8f9fefc
Perceptual Hash:b32227675a35c8dc
Difference Hash:4ecf96181173e2e0
Wavelet Hash:00070f8e98b9fefc
Color Hash:#5e40bf

Other Hashes

Crop Resistant:4ecf96181173e2e0

Scan History

Scan history not available

Unable to load historical scan data