Security Scan Report: services.gismeteo.ru

Redirected to:
https://www.gismeteo.ru/
Submitted: May 16, 2026, 5:31:17 PM
Completed: May 16, 2026, 5:33:11 PM
Scan Type: public
Status: completed

Summary

This website contacted 16 IPs in 6 countries across 17 domains to perform 57 HTTP transactions. The main domain is gismeteo.ru; its registration age could not be determined (the report renders it as "NaN years ago").

Submitted URL: https://services.gismeteo.ru

Effective URL: https://www.gismeteo.ru/ (redirected)

The Cisco Umbrella rank of the primary domain is #99,327 of the top 1 million websites.

AI Security Verdict

High Risk

Confidence: 88%

Risk Score: 7

The site shows strong malicious activity (data exfiltration and C2) despite being an old, legitimate‑looking domain; avoid interaction and report.

Risk Factors
Critical IDS alerts indicating data exfiltration
Potential command‑and‑control beacon activity
Association with known malicious IP address
Domain age information unavailable

Details

Page Title: GISMETEO: Погода в России, прогноз погоды на сегодня, завтра, 3 дня, выходные, неделю, 10 дней, 2 недели, месяц
Scan Type: public
Language: 🇷🇺 Russian (80% confidence)
Category: healthcare medical (91%)

Domain Information

The domain 'services.gismeteo.ru' is on the Russian country-code top-level domain (.ru) and includes the subdomain 'services'. The label 'gismeteo' has 8 characters: 4 vowels and 4 consonants. Splitting it apart yields four segments (g, is, me, teo), with an average segment length of two characters. No strong language cues emerged from the frequency lists.

Page Load Overview

Total Load Time: 5.45s
HTTP Requests: 187
Domains: 33
Total Size: 1.6 MB

Language Analysis

Primary Language

🇷🇺 Russian
Code: ru
Confidence: 80%
Script: Cyrillic
Direction: ltr

Detection Details

Language Code: ru
Detection Confidence: 80%
Script Type: Cyrillic
HTML Lang Attribute: ru
Text Length: 59,735 chars
Detector Agreement: 100%

Website Classification

Primary Category

healthcare medical (91% confidence)
Type: static
Method: ml+structural

All Detected Categories

healthcare medical: 91%
corporate: 25%
forum: 20%

Detected Features

OG: website

Domain & IP Information

Requests | IP Address | Location | Autonomous System
22 | 37.157.2.14 | Denmark | AS198622 Adform A/S
11 | 93.158.134.158 | Russia | AS13238 YANDEX LLC
11 | 172.67.188.26 | United States | AS13335 Cloudflare, Inc.
11 | 89.149.193.97 | Netherlands | AS60781 LeaseWeb Netherlands B.V.
11 | 151.236.83.93 | Moscow, Moscow, Russia | AS57363 CDNvideo LLC
11 | 88.212.201.198 | Moscow, Moscow, Russia | AS39134 Edinaya Set Limited Liability Company
11 | 51.38.120.206 | Hessen, Saxony-Anhalt, Germany | AS16276 OVH SAS
11 | 188.42.34.65 | Luxembourg | AS7979 Servers.com, Inc.
11 | 199.68.197.234 | Moscow, Moscow, Russia | AS48018 Fornex Hosting S.L.
11 | 142.250.154.156 | United States | AS15169 Google LLC
187 | 16 | - | -

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C7042851B0E5342B034391F1D41A7A0AF616F6B7ED4B4D14B1BC8AF4AFA1EA9CC2725C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:Mcaj9Rido5mHxFDoizTQj1zl2sE8B41EyTNHP168rzg+yeos7d:Mcaj9Rido5mHPDoizTQJ5a7gsoGd

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:179940:GFAgCghZpABBONeQZRx2QCCMoREfDNCA6WgqJAKokAOAEwIKWoBi3FwuEgR4kOcgdQssDeOOIhBgQJQQkGgigCCcIE84/Nha

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 0008fff9f9f981a3
Perceptual Hash: c950365836b0c7ef
Difference Hash: 9cbad29ad2d35a6a
Wavelet Hash: 008af8f8f9f98393
Color Hash: #aed22d

Other Hashes

Crop Resistant: 9cbad29ad2d35a6a
