MalwareTips
DANGEROUS

Critical risk detected

7 of 92 antivirus engines flag this page as malicious. Our security stack flagged multiple threat indicators on this website. Don't enter personal information, deposit money, or download files.

0
Trust score
DANGEROUS
Heuristics 0·MT 15
Category tags
phishing#Phishing#Data Harvester95% MT confidence
Technical red flags (1)
8 of 92 engines flagged

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
8/92
Engines flagged this URL
Domain Age
Registration date unknown
MT Intelligence
Dangerous
Critical likelihood · 95% confidence

MT Intelligence

Advanced threat intelligence
MT Security Analyst
Critical scam likelihoodengineMT · Guardiantrust15/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The domain aacesphobd.hstn.me is a subdomain of hstn.me, a free web-hosting service operated by AeonFree that allows threat actors to create short-lived phishing pages with minimal friction. Our antivirus network flagged the page as phishing across six major engines (BitDefender, Emsisoft, Fortinet, G-Data, Kaspersky, and Netcraft). The parent domain hstn.me has a well-documented abuse history: related subdomains like joginreactivation23.hstn.me, marketplace-item-*.hstn.me, and verificar-ahora.hstn.me appear in phishing-threat databases and malware-analysis reports with high-risk scores. The page itself is blank (no body text, no contact details, no legitimate business signals), which is typical of phishing landing pages that load content dynamically or serve different payloads based on visitor context. The SSL certificate is valid but newly issued (17 days to expiry), another common pattern in disposable phishing infrastructure. No business registration exists for this subdomain, and the parent domain's safety score is critically low across independent threat aggregators.
Full dossier
Analysis complete

Page Content

The page is blank with no visible text, contact information, business details, or functional elements. No login form, countdown timer, or push-notification spam detected. This emptiness is consistent with phishing infrastructure that either loads content dynamically or serves different payloads to different visitor profiles.

Infrastructure

Hosted on IP 185.27.134.217 (Wildcard UK Limited / AeonFree infrastructure). The IP has zero abuse reports and a clean abuse score, but this reflects the hosting provider's scale rather than the subdomain's legitimacy — free hosting services are inherently attractive to threat actors. SSL certificate is valid but recently issued (17 days to expiry), typical of disposable phishing pages. No redirects or homoglyph tricks detected.

Domain History

aacesphobd.hstn.me is a user-created subdomain on hstn.me, a free hosting platform registered in 2019. The parent domain has been repeatedly abused for phishing campaigns over several years. WHOIS data is unavailable, which is standard for free subdomains. The subdomain itself is not indexed in global traffic rankings.

Web Reputation

Our antivirus network detected phishing across six major engines. Independent threat databases (PhishStats, ANY.RUN, independent review aggregator, PhishDestroy, EmailVeritas) have flagged multiple related hstn.me subdomains with high-risk scores and documented phishing activity. The parent domain hstn.me has a safety score of 10/100 on independent aggregators. No positive reviews or legitimate business signals found.

Risk Factors
7
  • Six major antivirus engines (BitDefender, Emsisoft, Fortinet, G-Data, Kaspersky, Netcraft) flagged the page as phishing.
  • Parent domain hstn.me has a documented history of phishing abuse across multiple threat-intelligence databases and malware-analysis platforms.
  • Related subdomains on hstn.me (joginreactivation23.hstn.me, marketplace-item-*.hstn.me, verificar-ahora.hstn.me) are confirmed phishing pages with threat scores of 2.5–5.7/10 and 14/14 vendor detections.
  • Page is completely blank with no business information, contact details, or legitimate content — typical of disposable phishing infrastructure.
  • SSL certificate is valid but newly issued (17 days to expiry), consistent with short-lived phishing campaigns.
  • Hosted on a free web-hosting platform (AeonFree) commonly abused by threat actors for rapid deployment of credential-theft pages.
  • Five independent threat databases and scam-report sources flagged the parent domain or related subdomains as phishing or malicious.
AI Recommendation
Do not visit this page or enter any credentials. If you arrived here via email or message, report it as phishing to your email provider or the platform that sent the link. The page is part of a known phishing infrastructure and poses a direct risk of credential theft.
Scam network detected
5 linked domains correlated

aacesphobd.hstn.me is part of a broader phishing infrastructure on hstn.me, a free hosting platform. Multiple related subdomains on the same parent domain are confirmed phishing pages documented in threat-intelligence databases. The parent domain and its subdomains share the same IP range (185.27.134.x) and exhibit consistent phishing-campaign patterns (login reactivation, marketplace credential t

joginreactivation23.hstn.memarketplace-item-54659856563.hstn.memarketplace-items-823623855.hstn.meverificar-ahora.hstn.mehstn.me
Next-gen fraud intelligence
Evidence-backedCross-checked

Website Preview

Screenshot of aacesphobd.hstn.me
LIVE RENDER
aacesphobd.hstn.me

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for aacesphobd.hstn.me, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
5 scam reports
Key findings
7 headline facts from open-web research
  • aacesphobd.hstn.me is a subdomain of hstn.me, a free web hosting service (AeonFree) that allows user-created subdomains like *.hstn.me
  • hstn.me and its subdomains have been repeatedly used for phishing pages, including login reactivation scams, marketplace phishing, and password protection lures
  • Specific hstn.me subdomains (e.g. joginreactivation23.hstn.me, marketplace-item-*.hstn.me, verificar-ahora.hstn.me) appear in PhishStats, ANY.RUN malware reports, ScamAdviser (trust score 0), and blocklists
  • IP addresses associated with these phishing subdomains consistently resolve to 185.27.134.x range (Wildcard UK Limited / AeonFree infrastructure)
  • No direct mentions of the exact subdomain "aacesphobd.hstn.me" were found in public reports, but the parent domain hstn.me has a documented history of abuse for phishing and malicious activity
  • hstn.me itself shows low reputation on scanners like IPQualityScore and EmailVeritas (phishing flags, low safety score)
  • Domain registered in 2019; free hosting model commonly abused by threat actors for short-lived scam pages
Scam reports (5)
Direct quotes from public scam databases, forums, and news.
  • PhishStatsopen

    "Multiple subdomains on hstn.me flagged as phishing, including joginreactivation23.hstn.me with threat scores 2.5-5.7/10, IP 185.27.134.x"

  • ANY.RUNopen

    "Malware analysis of marketplace-item-54659856563.hstn.me tagged as phishing, malicious activity detected"

  • ScamAdviseropen

    "marketplace-items-823623855.hstn.me has a very low trust score (0). We think the website may be a scam."

  • PhishDestroyopen

    "verificar-ahora.hstn.me flagged as high-risk phishing domain, 14/14 VT vendors, 100 risk score, used for password protection lure"

  • EmailVeritasopen

    "hstn.me safety score 10/100, flagged for phishing"

Research summary
Narrative write-up from our AI analyst, grounded on the facts above

Our research identified five separate threat-intelligence and scam-report sources documenting phishing activity on hstn.me and its subdomains. PhishStats, ANY.RUN, independent review aggregator, PhishDestroy, and EmailVeritas all flagged related subdomains on the same parent domain as active phishing pages used for login reactivation scams, marketplace credential theft, and password-protection lures. The parent domain hstn.me is a free web-hosting service (AeonFree) with a documented abuse history spanning multiple years. No positive reviews or legitimate business registrations were found for aacesphobd.hstn.me or the parent domain.

Antivirus Engines

Detection matrix · live
8 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

7Malicious1Suspicious54Harmless92Engines
0
of 92
BitDefender
Malicious· phishing
Emsisoft
Malicious· phishing
Fortinet
Malicious· phishing
G-Data
Malicious· phishing
Kaspersky
Malicious· phishing
Netcraft
Malicious· malicious
Webroot
Malicious· malicious
URLQuery
Suspicious· suspicious

8 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerZeroSSL · ZeroSSL ECC Domain Secure Site CA
ExpiresJun 25, 2026 (17d)
Self-signedNo
Hosting & Technology
HostingI FastNet LTD
Server locationGB
Web serveropenresty

Server Reputation

Abuse Intelligence
Confidence score0%
Reports on file0
ISPI FastNet LTD
Usage typeContent Delivery Network

Scam-Type Likelihood

1 scam-type patterns detected
Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing
Phishing
Low-level signals
10/100
  • AI analyst tagged this as phishing.

Phishing site — act fast

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

  • Do not interact with aacesphobd.hstn.me

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • If you already typed your password — change it now

    Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.

  • Report the phishing URL

    APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.

    Open
  • Get help on the forum

    MalwareTips members can help you assess damage and next steps.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags aacesphobd.hstn.me as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — aacesphobd.hstn.me scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. aacesphobd.hstn.me presents a valid TLSv1.3 certificate issued by ZeroSSL · ZeroSSL ECC Domain Secure Site CA, expiring in 17 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • 8 out of 92 antivirus engines in our malware network flagged aacesphobd.hstn.me as malicious or suspicious (7 outright malicious). Even one detection is a meaningful signal.
  • No. aacesphobd.hstn.me is not currently listed on the major browser blocklist feeds that modern browsers use.
  • aacesphobd.hstn.me resolves to an IP operated by I FastNet LTD in GB (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

Final Verdict

0
Trust / 100
Final Verdict·aacesphobd.hstn.me
DANGEROUS

This subdomain belongs to hstn.me, a free hosting service with a documented history of phishing abuse. Multiple related subdomains on the same parent domain have been flagged by security researchers and independent threat databases as active phishing pages.

Do not visit this page or enter any credentials. If you arrived here via email or message, report it as phishing to your email provider or the platform that sent the link. The page is part of a known phishing infrastructure and poses a direct risk of credential theft.

AV engines
92
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Dangerous reports

Browse all reports
Dangeroustrust33
jjj195.com
6m ago
Read the review
Dangeroustrust12
account.remote-otp.com
8m ago
Read the review
Dangeroustrust1
72264.xyz
11m ago
Read the review
Dangeroustrust24
uuuu.com
13m ago
Read the review
Dangeroustrust1
almarabeaunited.com
13m ago
Read the review
Dangeroustrust1
ghanapoest.eu.cc
15m ago
Read the review
Dangeroustrust1
nyjfv.xyz
16m ago
Read the review
Dangeroustrust1
mitaomaodou.com
17m ago
Read the review
Dangeroustrust1
coin-bse-app.zapier.app
18m ago
Read the review
Dangeroustrust1
web-git-05-20-featwebshowread-onlytokeninfoforex-4642a4-uniswap.vercel.app
18m ago
Read the review
Dangeroustrust45
cedarbureau.digital
20m ago
Read the review
Dangeroustrust1
scriptapi.dev
20m ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.