ScanMalware.com

Security Scan Report: dometec.com.br

Redirected to: blob:https://web.payvib.com/22c941a8-0b65-4599-b7f3-9162eecf3020

Submitted: Mar 26, 2026, 11:07:16 PMCompleted: Mar 26, 2026, 11:08:28 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 18 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://dometec.com.br/wp/wp-content/plugins/junejune/wx.htm

Effective URL: blob:https://web.payvib.com/22c941a8-0b65-4599-b7f3-9162eecf3020Redirected

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

Phishing page impersonating Bank of America, uses compromised WordPress and blob URL to steal credentials – confirmed scam.

Risk Factors
Brand impersonation (Bank of America) on unranked domain
Compromised WordPress site used for phishing
Blob URL usage – strong phishing technique
Credential‑harvesting login form
Domain mismatch and redirect to unrelated domain
Domain age information unavailable

Details

Page Title

Bank of America | Online Banking | Log In | User ID

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(79%)

Domain Information

Within the Brazilian country-code top-level domain (.com.br), 'dometec.com.br' is registered without a subdomain. The second-level label 'dometec' is 7 characters long holding 3 vowels versus 4 consonants. Segmentation suggests 2 words: dome, tec. Median word length is 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://dometec.com.br/wp/wp-content/plugins/junejune/wx.htm

Page Load Overview

1.71s
Total Load Time
18
HTTP Requests
9
Domains
339 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,880 chars
Detector Agreement:75%

Website Classification

Primary Category

finance banking79% confidence
Type: webapp
Method: ml+structural

All Detected Categories

finance banking
79%
adult content
38%
government public service
37%
healthcare medical
31%
documentation technical
30%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4104.17.24.14United States
AS13335Cloudflare, Inc.
2172.67.68.225United States
AS13335Cloudflare, Inc.
2142.250.201.163Brazil
AS27715
2188.114.97.3United States
AS13335Cloudflare, Inc.
2104.126.37.128Unknown
AS13335
2186.202.95.124Brazil
AS27715Locaweb Servicos de Internet SA
2151.101.66.137United States
AS54113Fastly, Inc.
2172.217.16.202UnknownUnknown
188--

Detected Technologies7

PasswordField
100%
JQueryv2.2.4
100%
WordPress
75%
Cloudflare
50%
jQuery CDN
20%
cdnjs
20%
Google Hosted Libraries
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19C23F926A2F3006A66A3C5902BE75B5F3E559843D44AC4603EAC9BD54F83EC0C9B77DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:o3h1RCtLzLZmGKwuBN9Tkyylt/Vt4TMKsXujWBS:o3gtLzNmGKwub9L

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:49992:kTsgVJAIYCkwHyoQHCFbCATHQCABoBqCOyRoR6UpMBFCgR91ASHIzkAQMkc4UIDIQIreioKwwSJ+UIggEUBSYD40YBBAsgAB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fee7e7e7ffff2500
Perceptual Hash:b3f408887333f8dc
Difference Hash:dccc0c4c080c4949
Wavelet Hash:4667e7e7e7e70000
Color Hash:#ace06c

Other Hashes

Crop Resistant:dccc0c4c080c4949

Scan History

Scan history not available

Unable to load historical scan data