ScanMalware.com

Security Scan Report: xyd1.top

Submitted: Oct 18, 2025, 3:30:53 PMCompleted: Oct 18, 2025, 3:32:23 PMpubliccompleted
Loading additional data...

Summary

This website contacted 33 IPs in 4 countries across 4 domains to perform 73 HTTP transactions. The main domain is xyd1.top and was registered NaN years ago.

Submitted URL: https://xyd1.top/

AI Security Verdict

High Risk

Confidence: 95%

10
Risk Score

High-risk phishing site using URL manipulation on a newly registered, unranked domain.

Risk Factors
Spoofed URL via history.pushState/replaceState
Brand-new domain (<7 days)
Unranked domain with no reputation
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(70% confidence)

Category

cryptocurrency blockchain

(85%)

Domain Information

The domain 'xyd1.top' uses the .top top-level domain. The second-level label 'xyd1' is 4 characters long split between 0 vowels and three consonants, plus one digit. Word splitting yields three words: xy, d, 1. Median word length comes out to 1 character. 'd' most strongly signals Catalan. Usage also turns up in Breton and Vietnamese contexts.

Screenshot

Security scan screenshot of https://xyd1.top/

Page Load Overview

50.90s
Total Load Time
73
HTTP Requests
4
Domains
859 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:70%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:70%
Script Type:Latin
HTML Lang Attribute:en
Text Length:653 chars
Detector Agreement:100%

Website Classification

Primary Category

cryptocurrency blockchain85% confidence
Type: static
Method: ml+structural

All Detected Categories

cryptocurrency blockchain
85%
finance banking
77%
e-commerce shopping
71%
government public service
61%
real estate property
41%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
23.5.154.81Tokyo, Tokyo, Japan
AS16509AMAZON-02
2188.114.96.3United States
AS13335CLOUDFLARENET
23.5.157.68Tokyo, Tokyo, Japan
AS16509AMAZON-02
2188.114.97.3United States
AS13335CLOUDFLARENET
23.5.156.113Tokyo, Tokyo, Japan
AS16509AMAZON-02
2124.221.80.91Shanghai, Shanghai, China
AS45090Shenzhen Tencent Computer Systems Company Limited
23.5.154.17Tokyo, Tokyo, Japan
AS16509AMAZON-02
2142.250.181.234United States
AS15169GOOGLE
23.5.154.146Tokyo, Tokyo, Japan
AS16509AMAZON-02
23.5.157.2Tokyo, Tokyo, Japan
AS16509AMAZON-02
7333--

Detected Technologies5

HTTP/3
40%
HSTS
40%
Cloudflare Bot Management
40%
Cloudflare
40%
Vue.js
30%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C2433E3872433463057BA8D0B0D45F08B2A29B3AC2258654F7FD236A77DACE16F563E5

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:5aMfgExon4lnbHjachm8DSqmfV/8DSqmfuSJBQSJRmVH8bYxaVygjoN6RUxLf5Ys:5aMfgqon4lnbHjack8S80xAb

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:60199:CRxIlRAsCQRKxAYRCBDkcAB0RfEAokoAANH5gNCYpPAKDAaRG0SOhRcKBAAJMFhAjQII9W6VXBoykiIhWAIYEAhUIwIgwkQg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data