ScanMalware.com

Security Scan Report: tesorowin.vip

Redirected to: https://tesorowin.vip/#/

Submitted: Nov 26, 2025, 11:11:28 PMCompleted: Nov 26, 2025, 11:13:59 PMpubliccompleted
Loading additional data...

Summary

This website contacted 80 IPs in 2 countries across 11 domains to perform 340 HTTP transactions. The main domain is tesorowin.vip and was registered NaN years ago.

Submitted URL: https://tesorowin.vip/

Effective URL: https://tesorowin.vip/#/Redirected

AI Security Verdict

Low Risk

Confidence: 85%

0
Risk Score

No suspicious activity detected; site appears benign.

Safety Factors
No malicious Indicators of Compromise matches found
No credential or payment forms detected on the site
No brand impersonation or phishing indicators observed
Domain age information unavailable

Details

Page Title

TesoroWin

Scan Type

public

Language

🇺🇸

English

(56% confidence)

Category

finance banking

(67%)

Domain Information

Domain 'tesorowin.vip' uses the .vip top-level domain while skipping any subdomain. Count 9 characters in 'tesorowin' containing 4 vowels alongside five consonants. Breaking it apart gives 4 words: te, so, row, in. The median word length lands at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://tesorowin.vip/

Page Load Overview

0.90s
Total Load Time
340
HTTP Requests
11
Domains
28.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:56%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:56%
Script Type:Latin
HTML Lang Attribute:zh-CN
Text Length:121 chars
Detector Agreement:100%
Language mismatch: Declared as zh but detected as en

Website Classification

Primary Category

finance banking67% confidence
Type: static
Method: ml+structural

All Detected Categories

finance banking
67%
gambling betting
58%
cryptocurrency blockchain
50%
adult content
44%
technology software
42%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
17965.8.102.37United States
AS16509AMAZON-02
8954.192.35.39United States
AS16509AMAZON-02
243.5.151.219Singapore, Singapore
AS16509AMAZON-02
1718.245.31.84United States
AS16509AMAZON-02
103.5.151.127Singapore, Singapore
AS16509AMAZON-02
6104.18.23.242United States
AS13335CLOUDFLARENET
465.8.102.177United States
AS16509AMAZON-02
4108.138.7.49United States
AS16509AMAZON-02
418.245.31.61United States
AS16509AMAZON-02
454.192.35.68United States
AS16509AMAZON-02
34080--

Detected Technologies1

X-UA-Compatible
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A0457D3670075C5B31AF9968B07657581C3BDA2BD1685F28F76D3BA16ECE9E028323D0

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:a50qLAQf31NJMEe5hDIKoMokoqowoMo5ouoRooo5o0oeoxoH8u1El:a9JME8I11W

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:1244524:yRUEEEVoQGFDVQoJTTBBCEBwkGA4jxC4CEEig0ZWXAVALGABjmw5JmgUA6ieLCBQBCMBEyEgCZAjCKSA0KDCF6oQkhogghCA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003c3c3c3c3c3c00
Perceptual Hash:c7c7643c303679c9
Difference Hash:c4e0c0f8f061e0d4
Wavelet Hash:027c7e3e3e3c3c60
Color Hash:#798cd2

Other Hashes

Crop Resistant:c988eed96970a0a4,c4e0c0f8f061e0d4

Scan History

Scan history not available

Unable to load historical scan data