ScanMalware.com

Security Scan Report: nextworksriffzapp.monster

Redirected to: https://api.nextworksriffzapp.monster/?qr=cp&zqs=86faab712fed8c0dfcd6f18732a3e084

Submitted: Oct 26, 2025, 5:41:18 AMCompleted: Oct 26, 2025, 5:42:27 AMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 1 country across 3 domains to perform 8 HTTP transactions. The main domain is api.nextworksriffzapp.monster and was registered NaN years ago.

Submitted URL: https://nextworksriffzapp.monster/indexactiverevenue.php

Effective URL: https://api.nextworksriffzapp.monster/?qr=cp&zqs=86faab712fed8c0dfcd6f18732a3e084Redirected

AI Security Verdict

Safe Website

Confidence: 85%

1
Risk Score

No suspicious activity detected; site appears legitimate.

Safety Factors
No malicious Indicators of Compromise
No forms collecting sensitive data
Domain age moderate (193 days)
Page content is a simple file download notice
Domain age information unavailable

Details

Page Title

Your File is Getting Ready...

Scan Type

public

Language

🇺🇸

English

(51% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'nextworksriffzapp.monster' on the .monster top-level domain. Count 17 characters in 'nextworksriffzapp' containing 4 vowels alongside 13 consonants. Splitting it apart reveals five words: next, works, riff, z, app. Median word length comes out to four characters. Most frequently, 'next' shows up in Polish. Secondary signals appear in Slovak and Dutch.

Screenshot

Security scan screenshot of https://nextworksriffzapp.monster/indexactiverevenue.php

Page Load Overview

5.85s
Total Load Time
8
HTTP Requests
3
Domains
24 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:51%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:51%
Script Type:Latin
HTML Lang Attribute:en
Text Length:293 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: dynamic
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
8151.101.130.137San Francisco, California, United States
AS54113FASTLY
0104.21.23.244United States
AS13335CLOUDFLARENET
0172.67.214.180United States
AS13335CLOUDFLARENET
0151.101.66.137San Francisco, California, United States
AS54113FASTLY
02a04:4e42:200::649United States
AS54113FASTLY
02606:4700:3036::ac43:d6b4United States
AS13335CLOUDFLARENET
02a04:4e42:600::649United States
AS54113FASTLY
0151.101.2.137San Francisco, California, United States
AS54113FASTLY
02a04:4e42::649United States
AS54113FASTLY
0151.101.194.137San Francisco, California, United States
AS54113FASTLY
812--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T130920922DCA32DDD8F3F4503A6CE5AEE808D87825C5209C9786FD2996F9B94386D50DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:TG1rC0LMpCboWKrmW7y8F2oKFXgyfjg5qDZKIUyF:8C0Nboj7y8F2bQyfjJDUyF

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:19458:QU7O4md5xSdgCACYhEXgBCUCCoE4LCEvkogoZTFwCCQQJ6uNoUoCgAESCgBBAjjQoFwfgCULDBKdnUbr8ogCghEEMAmOwYtK

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fff7f7cfefe7e7ff
Perceptual Hash:b389cc66999966cc
Difference Hash:10282858084c2810
Wavelet Hash:0f273f2f2f032703
Color Hash:#1f7293

Other Hashes

Crop Resistant:10282858084c2810

Scan History

Scan history not available

Unable to load historical scan data