ScanMalware.com

Security Scan Report: ko-fi.com

Site favicon
Submitted: Dec 14, 2025, 1:25:27 AMCompleted: Dec 14, 2025, 1:26:47 AMpubliccompleted
Loading additional data...

Summary

This website contacted 60 IPs in 5 countries across 22 domains to perform 107 HTTP transactions. The main domain is ko-fi.com and was registered NaN years ago.

Submitted URL: https://ko-fi.com/s/4baef29790

The Cisco Umbrella rank of the primary domain is #46,676 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 92%

2
Risk Score

Legitimate Ko‑fi page; minor hidden password field warrants caution but overall low risk.

Risk Factors
Hidden password field detected, which can be used for credential harvesting
Safety Factors
Domain age 5326 days (well‑established)
High Cisco Umbrella ranking (top 100 K)
No malicious Indicators of Compromise matches
Legitimate brand (Ko‑fi) with consistent branding
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by Cloudflare bot protection. Our scanner was challenged or blocked during access.

Page Title

Just a moment...

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

e-commerce

(80%)

Domain Information

Within the commercial generic top-level domain (.com), 'ko-fi.com' is registered and has no subdomain. The core label 'ko-fi' covers 5 characters holding 2 vowels versus two consonants, plus one hyphen. Word splitting yields 2 words: ko, fi. Median word length is two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ko-fi.com/s/4baef29790

Page Load Overview

17.58s
Total Load Time
107
HTTP Requests
22
Domains
4.4 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,922 chars
Detector Agreement:100%

Website Classification

Primary Category

e-commerce80% confidence
Type: spa
Method: structural

All Detected Categories

e-commerce
80%
corporate
70%
social_media
50%

Detected Features

Login Form
Search
Products
OG: product
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
48166.117.105.37United States
AS16509AMAZON-02
1216.239.34.36United States
AS15169GOOGLE
1199.232.172.176Stockholm, Stockholm County, Sweden
AS54113FASTLY
1104.20.38.66United States
AS13335CLOUDFLARENET
1216.58.209.200United States
AS15169GOOGLE
1216.239.32.36United States
AS15169GOOGLE
1172.66.144.201United States
AS13335CLOUDFLARENET
1216.58.209.195United States
AS15169GOOGLE
164.233.161.154United States
AS15169GOOGLE
13.164.68.20United States
AS16509AMAZON-02
10760--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11B824B378552101F623B0FE7A1A9F7285121F348E702A3EEF0A79E4497C995B56633AC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:Va+x9yIPl2boVmJkEq1BPlq0lHe5FWXnXQbeJ2BTV/aGiEaCyplBG0stqo:U+xcq4brJkxbto5FWXXC5WGiEaHzGDtl

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:18808:DhjVCSJEQiIOAIPIACHpCxwuwKKyBBkB1hCJQhSRgCAgqBksACBSUQMMeRANCwkLBQCyJJHoEDAwqSRGKoREHiCGEWFCU1O5

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:dfc3c7c3ffffffe7
Perceptual Hash:b038c2cfc6cdc3c3
Difference Hash:301414160000000c
Wavelet Hash:fcc0ccc0f0f0f8c0
Color Hash:#a8ac53

Other Hashes

Crop Resistant:301414160000000c

Scan History

Scan history not available

Unable to load historical scan data