ScanMalware.com

Security Scan Report: trsutonline.xyz

Redirected to:
https://trsutonline.xyz/account/login.php
Site favicon
Submitted: May 10, 2026, 1:19:06 AMCompleted: May 10, 2026, 1:20:23 AMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 55 HTTP transactions. The main domain is trsutonline.xyz and was registered NaN years ago.

Submitted URL: http://trsutonline.xyz/account/login.php

Effective URL: https://trsutonline.xyz/account/login.phpRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

The site is a newly registered, unranked domain impersonating a bank with credential‑stealing login forms and critical malware alerts – confirmed scam.

Risk Factors
Very new domain (<30 days) with credential collection
Unranked domain impersonating a bank
Critical IDS alerts indicating malware/C2 activity
Login form without any disclosed affiliation
Potential phishing page
Domain age information unavailable

Details

Page Title

Nation Bank - Login

Scan Type

public

Language

🇩🇪

German

(55% confidence)

Category

unknown

(0%)

Domain Information

The domain 'trsutonline.xyz' uses the open generic top-level domain (.xyz). The core label 'trsutonline' covers 11 characters holding four vowels versus seven consonants. It segments into three words: trs, ut, online. Expect 3 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://trsutonline.xyz/account/login.php

Page Load Overview

2.64s
Total Load Time
57
HTTP Requests
13
Domains
396 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:55%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:55%
Script Type:Latin
HTML Lang Attribute:en
Text Length:2,933 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as de

Website Classification

Primary Category

unknown0% confidence
Type: dynamic
Method: structural

All Detected Categories

No categories detected

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9172.67.72.165United States
AS13335Cloudflare, Inc.
6142.251.127.95United States
AS15169Google LLC
6142.251.154.119United States
AS15169Google LLC
6142.251.127.94United States
AS15169Google LLC
6142.250.154.95United States
AS15169Google LLC
6142.251.14.94United States
AS15169Google LLC
6198.251.88.29Luxembourg, Luxembourg, Luxembourg
AS53667FranTech Solutions
6104.26.2.38United States
AS13335Cloudflare, Inc.
6192.178.183.138United States
AS15169Google LLC
579--

Detected Technologies6

X-UA-Compatible
100%
PasswordField
100%
JQueryv3.1.1
100%
SweetAlert2
20%
SweetAlert
20%
Chatway
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DE333E125C40990BA19F4ED956F5E51811F98303EE33098CFA2CD3F14FABEAE9A77245

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:fTZv8KZe2TKk1n306f/FkFTagNPIPw6gPeUB+YOYJ/IPpIuyE7UR7Jij:p8/6n305TaC6gGUB+YZ/WvyEm7Jij

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:51605:4wMFTDiBGAksKpAkIEJvjAMYobABKQIC8pGBwxoLMMEq4RAGIhwtlkMhELAZaBSOCAgDBsFhBcYHAIh0AjEyTFQgWWOESpi2

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:007fffffe7ffe7e7
Perceptual Hash:b78c26070c379d37
Difference Hash:62c0000c0c144c0c
Wavelet Hash:007efec6c2c2c6e6
Color Hash:#6ce0e0

Other Hashes

Crop Resistant:62c0000c0c144c0c

Scan History

Scan history not available

Unable to load historical scan data