ScanMalware.com

Security Scan Report: core-cv.info

Redirected to: https://www.irs.gov/refunds/get-your-refund-faster-tell-irs-to-direct-deposit-your-refund-to-one-two-or-three-accounts

Site favicon
Submitted: Dec 6, 2025, 4:49:51 AMCompleted: Dec 6, 2025, 4:51:18 AMpubliccompleted
Loading additional data...

Summary

This website contacted 29 IPs in 2 countries across 7 domains to perform 45 HTTP transactions. The main domain is irs.gov and was registered NaN years ago.

Submitted URL: http://core-cv.info/

Effective URL: https://www.irs.gov/refunds/get-your-refund-faster-tell-irs-to-direct-deposit-your-refund-to-one-two-or-three-accountsRedirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing site impersonating the IRS; do not provide any personal information.

Risk Factors
Brand impersonation on an unusual, non‑government domain
UNRANKED domain presenting official‑government branding
Multiple redirects from a suspicious domain
Lack of .gov TLD on the initial URL
Domain age information unavailable

Details

Page Title

Get your refund faster: Tell IRS to direct deposit your refund to one, two, or three accounts | Internal Revenue Service

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government

(48%)

Domain Information

Within the informational generic top-level domain (.info), 'core-cv.info' is registered. The registrable portion 'core-cv' spans 7 characters with 2 vowels and four consonants, notching 1 hyphen. It segments into two words: core, cv. Median word length is three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://core-cv.info/

Page Load Overview

2.09s
Total Load Time
45
HTTP Requests
7
Domains
1.3 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:12,140 chars
Detector Agreement:100%

Website Classification

Primary Category

government48% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

government
48%
legitimate website
27%
news/blog
20%

Detected Features

Search
Articles

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3023.49.250.160Edison, New Jersey, United States
AS20940Akamai International B.V.
4216.58.206.40United States
AS15169GOOGLE
3216.239.34.36United States
AS15169GOOGLE
223.197.140.249Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
2172.66.171.172United States
AS13335CLOUDFLARENET
1216.239.32.36United States
AS15169GOOGLE
1142.251.140.168United States
AS15169GOOGLE
1104.20.20.192United States
AS13335CLOUDFLARENET
13.174.46.89United States
AS16509AMAZON-02
1161.35.4.240North Bergen, New Jersey, United States
AS14061DIGITALOCEAN-ASN
4529--

Detected Technologies3

MetaGenerator
100%
Google-AnalyticsvUniversal
100%
Drupalv10
60%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T113D30793B2E41037413383D9BAD9FB18E652A15BD7091981B1FC0B699F9FE24AD1370E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:2XEKNH2vAutSRT4+NS8x2bROGpuoNCuik+MTvZEZFRSfk7eciwnztlvr7IAETO2U:20KNcva+ZYzfj2B6+8w6SZ71O/m5PK

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:135564:hnJQ1gKUyopHxACJyyKA5UgCCggRSEQUCUJDaQEOioN1tABJuOgCCQtBAIkCCAQoAImUnAaChgflACwFKMUVj4AABpNDQMuZ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000fffbfbffffff
Perceptual Hash:b11c1647497ab8f9
Difference Hash:dd0c360b030e0c1c
Wavelet Hash:000083e3e3e7e7ef
Color Hash:#2d5b86

Other Hashes

Crop Resistant:dd0c360b030e0c1c,25d3dddc234cc44c

Scan History

Scan history not available

Unable to load historical scan data