Security Scan Report: xtrf.eu

Redirected to:
https://xtm.cloud/xtrf/
Site favicon
Submitted: May 28, 2026, 10:33:07 PMCompleted: May 28, 2026, 10:34:20 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 1 HTTP transaction. The main domain is xtm.cloud and was registered NaN years ago.

Submitted URL: https://xtrf.eu

Effective URL: https://xtm.cloud/xtrf/Redirected

The Cisco Umbrella rank of the primary domain is #785,228 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 95%

5
Risk Score

Critical malicious JavaScript signatures and low domain reputation indicate a confirmed malware distribution site.

Risk Factors
Critical YARA matches indicating credential theft and data exfiltration
Multiple high‑severity keylogger detections
High JavaScript obfuscation score
Low domain reputation rank
Presence of malicious JavaScript without user‑visible forms
Safety Factors
Domain age >10 years (well‑established)
Self‑branding matches the domain (no brand impersonation)
No credential or payment forms detected
No external Indicators of Compromise matched
No network IDS alerts
Established domain (3752 days old) with no strong malicious indicators — risk clamped from 10 to 5
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by datadome bot protection. Our scanner was challenged or blocked during access.

Page Title

XTRF | Translation Business Management

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

news/blog

(40%)

Domain Information

You're looking at domain 'xtrf.eu' on the .eu country-code top-level domain. Its registrable label 'xtrf' stretches across 4 characters with 0 vowels and four consonants. Splitting it apart reveals two words: xt, rf. The median word length lands at two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://xtrf.eu

Page Load Overview

2.77s
Total Load Time
60
HTTP Requests
11
Domains
442 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:35,234 chars
Detector Agreement:100%

Website Classification

Primary Category

news/blog40% confidence
Type: dynamic
Method: structural

All Detected Categories

news/blog
40%

Detected Features

OG: article

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1251.210.102.164France
AS16276OVH SAS
8142.251.127.95United States
AS15169Google LLC
8172.64.147.188United States
AS13335Cloudflare, Inc.
8148.251.5.0Falkenstein, Saxony, Germany
AS24940Hetzner Online GmbH
8146.75.120.217Frankfurt am Main, Hesse, Germany
AS54113Fastly, Inc.
83.174.46.76United States
AS16509Amazon.com, Inc.
823.36.162.220Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
607--

Detected Technologies8

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19984A97271A6627F0767C7E022A0A716E19300CEDDC640C4D3F9837C66DBE4A6D792A7

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:qQBxLQVr7EstNv0fvHvsVzvyTJURuWEHFtVuOQ2KnCnadGCPa9YigULkWnObDWUj:qQBhSr7RqTJURuWEHLsRgsKsysPs05ca

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:391118:GBVQWQCB2QQRYDEhIAgAAIRArpEG4IDvAkhpkeKwjDDVIgAkwgBAIAiSWaKIARGYUkEAZskAUnEigJsAFBMIAsB2RkgUAAEu

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff81818181ffffff
Perceptual Hash:ae6ec1c19394946f
Difference Hash:9c23652d6b3322a7
Wavelet Hash:ff8101018181ffff
Color Hash:#94e06c

Scan History

Scan history not available

Unable to load historical scan data