ScanMalware.com

Security Scan Report: www.wvzotgynbl.xyz

Redirected to: https://wvzotgynbl.xyz/

Submitted: Mar 25, 2026, 3:32:06 AMCompleted: Mar 25, 2026, 3:34:02 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 5 domains to perform 1 HTTP transaction. The main domain is wvzotgynbl.xyz and was registered NaN years ago.

Submitted URL: https://www.wvzotgynbl.xyz

Effective URL: https://wvzotgynbl.xyz/Redirected

The Cisco Umbrella rank of the primary domain is #167,611 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

7
Risk Score

Site shows a high‑severity Cobalt Strike C2 alert despite being a domain‑for‑sale page; treat as malicious.

Risk Factors
High severity network IDS alert indicating Cobalt Strike command‑and‑control activity
Low Cisco Umbrella ranking for a domain that appears to be a simple sale page
Domain age information unavailable

Details

Page Title

porkbun.com | domain for sale

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

real estate property

(57%)

Domain Information

You're looking at domain 'www.wvzotgynbl.xyz' on the open generic top-level domain (.xyz), featuring subdomain 'www'. The second-level label 'wvzotgynbl' is 10 characters long with one vowel and nine consonants. Tokenizing the label suggests five words: wv, zo, t, gy, nbl. The median word length lands at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.wvzotgynbl.xyz

Page Load Overview

2.53s
Total Load Time
12
HTTP Requests
7
Domains
370 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:195 chars
Detector Agreement:67%

Website Classification

Primary Category

real estate property57% confidence
Type: static
Method: ml+structural+ocr_tiebreaker

All Detected Categories

real estate property
57%
news media journalism
41%
documentation technical
38%
adult content
33%
cryptocurrency blockchain
29%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3104.18.11.207United States
AS13335Cloudflare, Inc.
344.227.65.245Boardman, Oregon, United States
AS16509Amazon.com, Inc.
3142.251.127.97United States
AS15169Google LLC
33.5.85.40United StatesUnknown
124--

Detected Technologies5

X-UA-Compatible
100%
Google-Tag-Manager
100%
Google-AnalyticsvUniversal
100%
Bootstrapv3.3.7
100%
Google Analytics
55%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T16E418552B5A054335283139C79E2F90DDDA69147DA5EA445B4DC97B7BFC0F83CCA3508

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:T65jcWRjihoYttIbZ6kcWF4oqkv/Vecmb1V7vv:TcdRjiMbZ6kcgqewPvv

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:2199:AoABCAAAAAAAQAAAAMJCKAoAAEAAAIAAAAAAAAAACAEAAAAEEQSAACAAAhEEAAAAAICBgWAQSAQAAhQAAEIAAIAAAAGEBUgE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffefefc3c3c38383
Perceptual Hash:b5c39f642c26c81f
Difference Hash:c81c8a1e96961636
Wavelet Hash:7fe7cac340c38383
Color Hash:#6c98e0

Other Hashes

Crop Resistant:c81c8a1e96961636,71cc82b21696869c,b371e8cc94b2aa5b,959b999115955934

Scan History

Scan history not available

Unable to load historical scan data