ScanMalware.com

Security Scan Report: siamlaw.com

Redirected to: blob:https://seasonal-workers.com/c2d59de6-fb77-422a-b88e-3b5d6b3de7d1

Submitted: Nov 27, 2025, 9:27:44 AMCompleted: Nov 27, 2025, 9:31:18 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main domain is .

Submitted URL: https://siamlaw.com/wp-includes/css/tmp/vmo.html

Effective URL: blob:https://seasonal-workers.com/c2d59de6-fb77-422a-b88e-3b5d6b3de7d1Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Credential‑harvesting phishing page using a compromised WordPress site and blob URL.

Risk Factors
Blob URL phishing technique
Compromised WordPress site hosting credential‑harvesting form
Disguised password field (type=text with password placeholder)
Hidden password fields in the HTML
Unicode evasion in form fields
Domain age information unavailable

Details

Page Title

Secure File Access

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(68%)

Domain Information

The domain name 'siamlaw.com' uses the commercial generic top-level domain (.com) and has no subdomain. The second-level label 'siamlaw' is 7 characters long holding 3 vowels versus 4 consonants. Splitting it apart reveals two words: siam, law. Average segment length settles at 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://siamlaw.com/wp-includes/css/tmp/vmo.html

Page Load Overview

0.82s
Total Load Time
11
HTTP Requests
4
Domains
76 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:309 chars
Detector Agreement:67%

Website Classification

Primary Category

technology software68% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
68%
download file sharing
49%
documentation technical
31%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5185.15.59.240United States
AS14907WIKIMEDIA
1151.101.194.137San Francisco, California, United States
AS54113FASTLY
1119.59.96.90Thailand
AS56067453 Ladplacout Jorakhaebua
1162.0.217.214Amsterdam, North Holland, Netherlands
AS22612NAMECHEAP-NET
1151.101.66.137San Francisco, California, United States
AS54113FASTLY
0151.101.2.137San Francisco, California, United States
AS54113FASTLY
02a04:4e42::649United States
AS54113FASTLY
02a04:4e42:400::649United States
AS54113FASTLY
02a04:4e42:200::649United States
AS54113FASTLY
02a02:ec80:300:ed1a::2:bUnited States
AS14907WIKIMEDIA
1112--

Detected Technologies1

PasswordField
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DD22605B26FB00B53503E1B837E797453961A1235A0AC8683F9CA74DDF4AD42A9B33CC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:Ek1OmlFAFt/bwRJEzORUocU3IpcU2uY6yvRAUzGbH+6Q00X:TFAFbz0UocU3QcUvm9zi+6U

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:10775:QHMYKqoABQyJIAS1ESGGMApIxTXCiMQIYMAESCgLLDA8yxqAYhB4eZQASZiggBYAgdIAcHESgQTuNNRQAQoYFnCAWiNCDBAU

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7fffe7e7ffc3c3ff
Perceptual Hash:b28b8d319b65259b
Difference Hash:d4694c4c61969669
Wavelet Hash:247e66667e42427e
Color Hash:#798cd2

Other Hashes

Crop Resistant:d4694c4c61969669,2008303232100800

Scan History

Scan history not available

Unable to load historical scan data