ScanMalware.com

Security Scan Report: upgrade-etherfi.com

Redirected to:
https://upgrade-etherfi.com/?fake_crap_for_dvmb_nalve_ldlots
Submitted: May 18, 2026, 11:33:36 AMCompleted: May 18, 2026, 11:35:13 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 5 HTTP transactions. The main domain is upgrade-etherfi.com and was registered NaN years ago.

Submitted URL: http://upgrade-etherfi.com/?fake_crap_for_dvmb_nalve_ldlots

Effective URL: https://upgrade-etherfi.com/?fake_crap_for_dvmb_nalve_ldlotsRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

The site is a brand‑new, unranked domain with a circular redirect loop, indicating high risk of malicious intent.

Risk Factors
Circular redirect loop
Brand‑new domain (<7 days)
Unranked / low‑reputation domain
Placeholder auto‑generated page
Domain age information unavailable

Details

Page Title

Site is created successfully!

Scan Type

public

Language

🇺🇸

English

(54% confidence)

Category

unknown

(0%)

Domain Information

Within the commercial generic top-level domain (.com), 'upgrade-etherfi.com' is registered without a subdomain. The registrable portion 'upgrade-etherfi' spans 15 characters holding six vowels versus 8 consonants; bonus characters include one hyphen. Tokenizing the label suggests 3 words: upgrade, ether, fi. Expect 5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://upgrade-etherfi.com/?fake_crap_for_dvmb_nalve_ldlots

Page Load Overview

6.54s
Total Load Time
5
HTTP Requests
1
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:54%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:54%
Script Type:Latin
Text Length:267 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3104.21.16.145United States
AS13335Cloudflare, Inc.
2172.67.213.52United States
AS13335Cloudflare, Inc.
52--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FB21662353FE6091500340F0DFF957949BB6C0C3D66B9E103D2C559CEF86A16086B38D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24:kRV6NB8jVoF/JYBozSl5s6s77ffdg39v157NaTPuP3fkz:PBABozWX8dMh7NdO

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:1349:IAAAAAEAACCAAIAIAAAAAgAEAQAEAAgACAgAAAAAAAAEgAAIQAAAAAAAAAAAAIAAAIAAAYAgAAAAAAACAABAAAEAAQAAAAQA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff818181ffffffff
Perceptual Hash:ba3ac7c5c53c3832
Difference Hash:002b3b3300000000
Wavelet Hash:ff818181f0f0f0f0
Color Hash:#91d279

Other Hashes

Crop Resistant:002b3b3300000000

Scan History

Scan history not available

Unable to load historical scan data