DANGEROUS

Critical risk detected

17 of 91 antivirus engines flag this page as malicious. Our security stack flagged multiple threat indicators on this website. Don't enter personal information, deposit money, or download files.

Security Review

Is 62.60.226.200 legit or a scam?

Our verdict: Dangerous · 1/100

Malware-hosting IP flagged by 17 antivirus engines for payloads like jpg-base64-loader and rev-base64-loader in public files.

62.60.226.200 · Scanned 40d ago
Trust score: 0 · DANGEROUS
Heuristics 0 · MT 5
Category tags: malware · #Malware · 100% MT confidence
Technical red flags (1)
Positive signals (1)

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

Analysis Summary

Threat Intelligence: 0/91 engines flagged this URL
Domain Age: Registration date unknown
MT Intelligence: Dangerous · Critical likelihood · 100% confidence

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihood · engine: MT · Guardian, trust: 5/100
MT Agent: Live web research · Visual inspection · Network correlation
Confidence: 0%
The page at this IP shows minimal garbage text and lacks any legitimate content like contacts or title. Our antivirus network detected it with 17 malicious flags from engines including ADMINUSLabs, BitDefender, CyRadar, and others, plus reports confirm it's spreading malware via steganography in JPGs and base64 TXT files. Multiple threat intelligence sources like URLhaus list it as online and active for hours. Even though browser blocklists are clean and our sandbox scored zero, the AV detections and confirmed payloads override this. The hosting ASN belongs to a bulletproof provider known for malware.

Page Content

  • Empty title and meta description with just garbled body text 'Ti dayn?'.
  • No emails, phones, addresses, or social links anywhere.
  • No login forms, countdowns, or scam family matches triggered.

Infrastructure

  • Direct IP access with no SSL certificate.
  • IP 62.60.226.200 geolocated to Frankfurt, Germany, under ASN AS214351 FEMO IT SOLUTIONS LIMITED (UK-registered).
  • No redirects, homoglyphs, or cross-domain hops; not indexed in global traffic ranks.

Domain History

  • WHOIS data unavailable for this IP.
  • Business registration exists for the ASN owner as active UK company FEMO IT SOLUTIONS LIMITED at 71-75 Shelton Street, London.
  • However, identified as bulletproof hosting for malware.

Web Reputation

  • 17/91 antivirus engines flag malicious, 3 suspicious; reputation score -1.
  • Browser blocklists clean, our sandbox clean (score 0).
  • 5 scam reports confirm malware hosting; zero positive reviews.
Risk Factors (7)
  • 17 antivirus engines flag it malicious, including BitDefender (phishing) and CyRadar (malware).
  • Hosts active malware in /public_files/ like jpg-base64-loader and rev-base64-loader per threat reports.
  • URLhaus lists the IP as online spreading malware for hours.
  • ANY.RUN sandbox tags files from this IP as stego payload from TA558/APT stegocampaign.
  • Bulletproof hosting ASN linked to multiple malware samples.
  • No legitimate page content, contacts, or SSL.
  • IP reputation tied to malware families despite UK business registration.
Positive Signals (3)
  • Browser blocklist feeds show clean.
  • Our sandbox analysis scored it zero with no flags.
  • UK business registration active for the ASN owner.
AI Recommendation
Avoid this IP entirely — it hosts confirmed malware. Block it in your firewall and report to your antivirus.
Scam network detected
Related infrastructure identified

IP tied to multiple malware samples across threat intel feeds.

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for 62.60.226.200, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

  • Business registration: Active · UK. Site traces back to an actively registered business.
  • Clone check: Not a clone. No well-known site's layout or branding detected here.
  • Typosquat check: No look-alike match. The domain doesn't resemble any well-known brand's spelling.
  • Web mentions: 5 scam reports
Key findings
7 headline facts from open-web research
  • IP 62.60.226.200 belongs to ASN AS214351 FEMO IT SOLUTIONS LIMITED.
  • Geolocation: Frankfurt am Main, Germany per ipinfo.io.
  • Hosts multiple malware payloads in /public_files/ paths (e.g., JPG with steganography, TXT base64 loaders).
  • Reported by URLhaus as online spreading malware (rev-base64-loader, jpg-base64-loader).
  • Analyzed in sandboxes: ANY.RUN, Hybrid-Analysis, Joe Sandbox.
  • Listed in malware filter lists like urlhaus-filter.
  • ASN identified as bulletproof hosting provider.
Scam reports (5)
Direct quotes from public scam databases, forums, and news.
  • SOCDefenders.ai

    "The IP address 62.60.226.200 has been identified as a malware hosting site associated with the jpg-base64-loader malware family."

  • URLhaus

    "URL: http://62.60.226.200/public_files/wb9HW4Y.txt. URL Status: flame Online (spreading malware for 14 hours, 44 minutes). Host: 62.60.226.200."

  • ANY.RUN

    "Online sandbox report for http://62.60.226.200/public_files/160066.jpg?12711313, tagged as stego, payload, ta558, apt, stegocampaign."

  • Hybrid-Analysis

    "Associated URLs: hxxp://62.60.226.200/public_files/160066.jpg."

  • SOCDefenders.ai

    "Threat intelligence for url indicator: http://62.60.226.200/public_files/pEN7Qdm.txt. Source: URLhaus. Malware: rev-base64-loader. Confidence: high."

Business registration
Status: active · UK

WHOIS registrant: FEMO IT SOLUTIONS LIMITED, address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

Research summary
Narrative write-up from our AI analyst, grounded on the facts above
Our research found 5 scam reports on this IP from sources like SOCDefenders.ai, URLhaus, ANY.RUN, and Hybrid-Analysis, all confirming it hosts malware such as jpg-base64-loader, rev-base64-loader, and steganography payloads in /public_files/. URLhaus notes it's online spreading malware. No positive reviews or complaints, but a UK business registration exists for the ASN owner.

Antivirus Engines

Detection matrix · live
20 engines flagged this URL

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

17 Malicious · 3 Suspicious · 45 Harmless · 91 Engines
0 of 91
  • ADMINUSLabs: Malicious · malicious
  • alphaMountain.ai: Malicious · malicious
  • BitDefender: Malicious · phishing
  • Chong Lua Dao: Malicious · malicious
  • CRDF: Malicious · malicious
  • CyRadar: Malicious · malware
  • Dr.Web: Malicious · malicious
  • Emsisoft: Malicious · malware
  • ESET: Malicious · malware
  • Forcepoint ThreatSeeker: Malicious · malicious
  • Fortinet: Malicious · malware
  • G-Data: Malicious · malware
  • Kaspersky: Malicious · malware
  • Lionic: Malicious · malicious
  • Rising: Malicious · malicious
  • VIPRE: Malicious · malware
  • Webroot: Malicious · malicious
  • AlphaSOC: Suspicious · suspicious
  • SOCRadar: Suspicious · suspicious
  • URLQuery: Suspicious · suspicious

20 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render
Page rendered in a safe sandbox
Requests made: 0
Unique IPs: 0
Countries: 1
Detected brands: None

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domain: None
Phone numbers: None
Postal address: Not listed
Linked social profiles: 0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Server Reputation

Hosting
Country: Germany
Network: FEMOIT FEMO IT SOLUTIONS LIMITED, GB
IP address: 62.60.226.200

Scam-Type Likelihood

1 scam-type pattern detected

0 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Malware
Malware: Low-level signals · 0/100
  • AI analyst tagged this as malware / drive-by / cracked app.

Malware distribution detected

Signals suggest this page may deliver malicious files or exploit the browser.

  • Do not interact with 62.60.226.200

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you downloaded or ran a file from here

    Disconnect the device from the internet, run a full scan with a reputable antivirus (Malwarebytes, ESET, Bitdefender), and consider a second-opinion scanner. Change passwords on any account you used from the device afterwards — ideally from a different device.

  • Get free cleanup help

    MalwareTips has a dedicated malware-removal team who walk you through cleanup one-on-one.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing: Not listed
VirusTotal: Listed

Safety FAQ

Common questions about this site, answered from the scan data on this page. These are auto-generated — not hand-written — so they always match the underlying report.

  • Our automated security review flags 62.60.226.200 as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Final Verdict

Trust: 0 / 100
Final Verdict · 62.60.226.200: DANGEROUS

This IP address hosts active malware payloads disguised in files like JPG images and TXT loaders. Our antivirus network shows 17 engines flagging it as malicious, including BitDefender for phishing and CyRadar for malware. Do not visit or download anything from it.

AV engines: 91
MT passes: 2
Net signals: 0
Security review complete · malwaretips.com/url-scan
Scanned by harlan4096 (Staff)
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.