Security Scan Report: nekto.me

Site favicon
Submitted: May 9, 2026, 10:28:30 PMCompleted: May 9, 2026, 10:29:42 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main domain is nekto.me and was registered NaN years ago.

Submitted URL: https://nekto.me

The Cisco Umbrella rank of the primary domain is #677,751 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

The site shows no phishing forms but has a known‑malicious IP and critical IDS alerts indicating malware C2 activity, warranting a high‑risk classification.

Risk Factors
Critical IDS alerts indicating C2 beacon activity
Critical IDS alerts indicating large POST data exfiltration
IP address associated with known attacker
Excessive redirect chain (10 redirects)
High JavaScript obfuscation score (though likely minified)
Domain age information unavailable

Details

Page Title

Nekto.me — знакомства в чатах

Scan Type

public

Language

🇷🇺

Russian

(80% confidence)

Category

blog personal website

(68%)

Domain Information

You're looking at domain 'nekto.me' on the Montenegrin country-code top-level domain (.me). Count 5 characters in 'nekto' with 2 vowels and 3 consonants. It segments into 2 words: nek, to. The median word length lands at 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://nekto.me

Page Load Overview

1.71s
Total Load Time
46
HTTP Requests
6
Domains
892 KB
Total Size

Language Analysis

Primary Language

🇷🇺Russian
Code: ru
Confidence:80%
Script:Cyrillic
Direction:ltr

Detection Details

Language Code:ru
Detection Confidence:80%
Script Type:Cyrillic
HTML Lang Attribute:ru
Text Length:1,230 chars
Detector Agreement:100%

Website Classification

Primary Category

blog personal website68% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

blog personal website
68%
adult content
63%
download file sharing
62%
technology software
52%
gambling betting
48%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
13104.16.79.73United States
AS13335Cloudflare, Inc.
115.252.32.147Slovakia
AS59796StormWall s.r.o.
1188.212.202.52Moscow, Moscow, Russia
AS39134Edinaya Set Limited Liability Company
1187.250.251.119Russia
AS13238YANDEX LLC
464--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1E742856278E4941B0153B0D9FA12671DF9E290BFEA155A1071FC0EAE2FD3E61CC2761E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:oKR19g2xu0z8ea8daNzYibC+rIIne+xBhUfoEKdsESBE6eacO9wNmAajA:oKfzWdNYYIIRBhUjKdsEtacXmW

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:12091:AgMB0gZ8IMG/AwhE8WTAAAoA5bEHAE5EEAm0EGgviAIKBapBFhSAS+EICmQMTwQIQYEBCVhMrAWGQKcFeACCPwEQiOLEAAE0

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:010303270f7b1b0b
Perceptual Hash:a956798556a942bd
Difference Hash:ffffffcffec3d2f3
Wavelet Hash:0303073f3f7b1b0b
Color Hash:#bf8640

Other Hashes

Scan History

Scan history not available

Unable to load historical scan data