ScanMalware.com

Security Scan Report: enyugaba.cyou

Redirected to: http://srv244428.hoster-test.ru/pec/der/der/index.html

Site favicon
Submitted: Dec 4, 2025, 7:06:33 AMCompleted: Dec 4, 2025, 7:07:55 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 5 countries across 4 domains to perform 9 HTTP transactions. The main domain is srv244428.hoster-test.ru.

Submitted URL: https://enyugaba.cyou/

Effective URL: http://srv244428.hoster-test.ru/pec/der/der/index.htmlRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

High‑risk phishing page; avoid interaction and report immediately.

Risk Factors
Circular redirect indicating URL manipulation
Credential harvesting form on a newly registered, unranked domain
Domain age <7 days combined with login form (critical risk)
Domain change to an unrelated hoster-test.ru domain
Lack of any malicious Indicators of Compromise matches (absence does not mitigate other strong signals)
Domain age information unavailable

Details

Page Title

Customer Area

Scan Type

public

Language

🇺🇸

English

(55% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'enyugaba.cyou' on the .cyou top-level domain without a subdomain. The core label 'enyugaba' covers 8 characters split between 4 vowels and 4 consonants. Word splitting yields 3 words: en, yuga, ba. Median word length is two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://enyugaba.cyou/

Page Load Overview

4.11s
Total Load Time
9
HTTP Requests
4
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:55%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:55%
Script Type:Latin
Text Length:271 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
331.28.24.114Russia
AS12616Citytelecom LLC
2216.58.206.35United States
AS15169GOOGLE
1185.221.216.121London, England, United Kingdom
AS393960HOST4GEEKS-LLC
162.149.186.150Arezzo, Tuscany, Italy
AS31034Aruba S.p.A.
12a00:1450:4001:810::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
95--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T112D1B9A370256D2A159374E5F7295719E043C96ACE93588AF6F283F542F0EE38E13237

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:lINiEnii83b02deGpICY6+yGwjxkfqELqwLWsJ:l8nP2/MGpvY62w4Daq

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:6263:AEAEhKgSIU0BFCGAIyMYUHzBRIUAgBCQBQCBAUItCNJMUIaAAvgEGF0BBhCEYFBlYUBAC6QABAAACChNBUIaAgpCAANCIKDY

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffffff9ffff7f7
Perceptual Hash:951b62783a6a792e
Difference Hash:2140407034302424
Wavelet Hash:003e3e1e1ece06f7
Color Hash:#40bf59

Other Hashes

Crop Resistant:2140407034302424,0101012121214101

Scan History

Scan history not available

Unable to load historical scan data