ScanMalware.com

Security Scan Report: 23wincom.agency

Redirected to:
https://harmoniie.it.com/
Site favicon
Submitted: May 27, 2026, 1:22:20 PMCompleted: May 27, 2026, 1:23:56 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 22 HTTP transactions. The main domain is harmoniie.it.com and was registered NaN years ago.

Submitted URL: https://23wincom.agency/

Effective URL: https://harmoniie.it.com/Redirected

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

Site hosts critical phishing and keylogger code; confirmed scam despite lack of forms.

Risk Factors
Critical YARA phishing signature
High‑severity JavaScript keylogger signature
Heavy JS obfuscation (charcode manipulation, excessive concatenation)
Unranked domain claiming a brand
Presence of malicious scripts without user interaction
Safety Factors
No login or payment forms detected
Domain age >10 years (well‑established)
No network IDS alerts
Established domain (12269 days old) with no strong malicious indicators — risk clamped from 10 to 5
Domain age information unavailable

Details

Page Title

23Win: Điểm Đến Của Trải Nghiệm Giải Trí Trực Tuyến Hiện Đại

Scan Type

public

Language

🇻🇳

VI

(80% confidence)

Category

entertainment media

(99%)

Domain Information

Within the .agency top-level domain, '23wincom.agency' is registered with no subdomain. The second-level label '23wincom' is 8 characters long containing two vowels alongside 4 consonants, plus 2 digits. Tokenizing the label suggests 3 words: 23, win, com. Median word length comes out to 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://23wincom.agency/

Page Load Overview

28.43s
Total Load Time
22
HTTP Requests
4
Domains
337 KB
Total Size

Language Analysis

Primary Language

🇻🇳Vietnamese
Code: vi
Confidence:80%
Script:Unknown
Direction:ltr

Detection Details

Language Code:vi
Detection Confidence:80%
Script Type:Unknown
HTML Lang Attribute:vi
Text Length:12,139 chars
Detector Agreement:100%

Website Classification

Primary Category

entertainment media99% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

entertainment media
99%
cryptocurrency blockchain
93%
technology software
92%
gambling betting
91%
corporate
35%

Detected Features

OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6142.251.110.94United States
AS15169Google LLC
4188.114.96.3United States
AS13335Cloudflare, Inc.
4188.114.97.3United States
AS13335Cloudflare, Inc.
4104.21.80.201United States
AS13335Cloudflare, Inc.
4192.178.170.95United States
AS15169Google LLC
225--

Detected Technologies9

WordPressv6.8.2
100%
Open-Graph-Protocolvwebsite
100%
MetaGenerator
100%
JQueryv3.7.1
100%
PHP
50%
MySQL
50%
HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A0730A33968C6437021F47DAD055720EB7CAE876D782CEA176FE11AA4BC1DF2252364E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:bCFbEo9DJN4xR2a+vBPgxTlYvKNWSenQcpmE0+apPbs4:bCFbEODoxttlYvmWS4QQ0RFo4

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:77848:ACAYLmIINXDooAAuLAMwVwCJICcwDokQIJpIWCSRUSIMySw2izACAUKHDMQAnnQSEkKBCIQAxQBCOByAEcLhwEAhFFsAYL4A

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:007c7c7c7c7c7c7c
Perceptual Hash:826d3c3d3c3c3c3c
Difference Hash:d4d4d4d4d4d4d4d4
Wavelet Hash:007c7c3c3c7c7c3c
Color Hash:#ac9353

Other Hashes

Crop Resistant:564600020000200e,bb1b69713b5f7576,d4d4d4d4d4d4d4d4

Scan History

Scan history not available

Unable to load historical scan data