ScanMalware.com

Security Scan Report: expathousingseminar.nl

Redirected to: https://gorod-biysk.info/?cid=NzI2NjMx

Submitted: Oct 13, 2025, 6:42:38 PMCompleted: Oct 13, 2025, 6:43:12 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 4 countries across 4 domains to perform 39 HTTP transactions. The main domain is gorod-biysk.info and was registered NaN years ago.

Submitted URL: http://expathousingseminar.nl/wp-content/plugins/wp-adaptive-processes/index.php?r=bD1odHRwczovL2dvcm9kLWJpeXNrLmluZm8vP2NpZD1OekkyTmpNeA=

Effective URL: https://gorod-biysk.info/?cid=NzI2NjMxRedirected

AI Security Verdict

High Risk

Confidence: 88%

10
Risk Score

Site shows strong signs of a compromised WordPress phishing redirect; treat as high‑risk.

Risk Factors
Compromised WordPress site indicates potential malicious content or redirects
Very new, unranked domain increases likelihood of phishing activity
Redirect to an unrelated, unknown domain suggests malicious intent
Domain age information unavailable

Details

Page Title

Excite & explore

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

documentation technical

(96%)

Domain Information

Within the Dutch country-code top-level domain (.nl), 'expathousingseminar.nl' is registered with no subdomain. The second-level label 'expathousingseminar' is 19 characters long split between 8 vowels and eleven consonants. Word splitting yields 4 words: exp, at, housing, seminar. Median word length comes out to 5 characters. 'at' is most common in Danish usage. You will also see it in Chinese (Pinyin) and English contexts.

Screenshot

Security scan screenshot of http://expathousingseminar.nl/wp-content/plugins/wp-adaptive-processes/index.php?r=bD1odHRwczovL2dvcm9kLWJpeXNrLmluZm8vP2NpZD1OekkyTmpNeA=

Page Load Overview

14.74s
Total Load Time
39
HTTP Requests
4
Domains
3.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:4,303 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical96% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

documentation technical
96%
entertainment media
90%
adult content
71%
education learning
55%
government public service
48%

Detected Features

Search
Comments

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9142.250.185.99United States
AS15169GOOGLE
5193.233.175.104Russia
AS215590DpkgSoft International Limited
5136.144.186.187Zwolle, Overijssel, Netherlands
AS20857Signet B.V.
5142.250.186.138United States
AS15169GOOGLE
52a00:1450:4001:82f::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
52a00:1450:4001:828::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
5216.58.206.42United States
AS15169GOOGLE
397--

Detected Technologies7

WordPressv6.0
100%
MetaGenerator
100%
JQueryv3.6.0
100%
Bootstrapv6.0
100%
PHP
50%
MySQL
50%
WordPress Block Editor
30%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T159638420C4F52CA3903E93D5A675673A2D93A207D6021A1876FCB3584BC7C9B987F9CD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:P6apn5TD4k4/qP+7lDDshc8aGzDhLlKYY1frL:Fx5TD4k47N1frL

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:69115:MACuQI0FIE6BMSmJIawRIAiBJAI2yAQ8IMwdoRKAAKhEsAFISmysJkbCDYsABCVpERIQ7YgAAkggWAAaCwEcgnFCGlrIo2AA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data