ScanMalware.com

Security Scan Report: biwork.ru

Site favicon
Submitted: Dec 25, 2025, 11:35:38 PMCompleted: Dec 25, 2025, 11:36:03 PMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 2 countries across 10 domains to perform 182 HTTP transactions. The main domain is biwork.ru.

Submitted URL: https://biwork.ru

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

High‑risk phishing site impersonating BT with malicious IP and many redirects.

Risk Factors
Association with a known malicious IP address
Typosquatting/brand impersonation on an unranked domain
Large number of redirects (37) indicating redirect abuse
Domain age unknown / likely newly created
Gibberish OCR content suggesting social‑engineering tactics
Domain age information unavailable

Details

Page Title

Главные новости Бийска, Барнаула и Алтайского края

Scan Type

public

Language

🇷🇺

Russian

(80% confidence)

Category

phishing scam

(43%)

Domain Information

Within the Russian country-code top-level domain (.ru), 'biwork.ru' is registered. Count 6 characters in 'biwork' split between two vowels and 4 consonants. Word splitting yields 2 words: bi, work. The median word length lands at three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://biwork.ru

Page Load Overview

8.52s
Total Load Time
238
HTTP Requests
30
Domains
3.9 MB
Total Size

Language Analysis

Primary Language

🇷🇺Russian
Code: ru
Confidence:80%
Script:Cyrillic
Direction:ltr

Detection Details

Language Code:ru
Detection Confidence:80%
Script Type:Cyrillic
HTML Lang Attribute:ru
Text Length:11,331 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam43% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
43%
entertainment media
38%
news media journalism
27%
forum
25%
corporate
25%

Detected Features

Search
Comments
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3087.250.251.119Russia
AS13238YANDEX LLC
26188.225.42.161St Petersburg, St.-Petersburg, Russia
AS9123Jsc timeweb
2637.9.64.225Russia
AS13238YANDEX LLC
2688.212.202.52Moscow, Moscow, Russia
AS39134Edinaya Set Limited Liability Company
26142.251.140.164United States
AS15169GOOGLE
2690.156.232.15Russia
AS47764LLC VK
2695.163.52.67Russia
AS47764LLC VK
26142.250.185.131Unknown
AS200197
26185.59.220.198Unknown
AS7979
2389--

Detected Technologies3

X-UA-Compatible
100%
Open-Graph-Protocolvwebsite
100%
Ubuntu
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DDD3353084E020A78196A1C3F5346F1FBEE2E67B99170A1473AC1BDAAFD7DA1CD07159

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:OqGh7RNRsdz9qd7RTVdzIN/Q8oiv0XMD87Q1hV02BR:4h7RNRsdz9qd7RTVdzIN/QlQ0XMDhxR

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:138195:hGjCQCBNCDBN0xHOPIzMIbJgiUIpoMQCEAIBEhB7SFoigEQJCQgyUSKgCLnYUIADMwqWIAlEg4rRhY5AGlJ0kqIHl1kYmVJI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe3e3e3e3e1ffff
Perceptual Hash:e1619e989e966d8c
Difference Hash:dacfcfcfd7c3c24f
Wavelet Hash:ffc141c1c1c1ff03
Color Hash:#bf7540

Other Hashes

Crop Resistant:dacfcfcfd7c3c24f,7397d9191b3fcf9f,896302948626f9f4,e27231ec6839d858

Scan History

Scan history not available

Unable to load historical scan data