ScanMalware.com

Security Scan Report: xtool.ru

Site favicon
Submitted: Dec 26, 2025, 9:42:41 PMCompleted: Dec 26, 2025, 9:42:57 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 54 HTTP transactions. The main domain is xtool.ru.

Submitted URL: https://xtool.ru

The Cisco Umbrella rank of the primary domain is #445,870 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 78%

8
Risk Score

Site likely phishing due to hidden password field and low‑reputation domain; do not trust.

Risk Factors
Hidden password field used for credential harvesting
Login form on a low‑reputation domain
Potentially newly registered domain with unknown age
Domain age information unavailable

Details

Page Title

Траст сайта (Проверка качества сайтов) - анализ ссылок онлайн

Scan Type

public

Language

🇷🇺

Russian

(80% confidence)

Category

government public service

(62%)

Domain Information

The domain 'xtool.ru' uses the Russian country-code top-level domain (.ru) without a subdomain. The core label 'xtool' covers 5 characters holding 2 vowels versus 3 consonants. Word splitting yields 2 words: x, tool. Median word length comes out to 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://xtool.ru

Page Load Overview

2.43s
Total Load Time
33
HTTP Requests
5
Domains
1.5 MB
Total Size

Language Analysis

Primary Language

🇷🇺Russian
Code: ru
Confidence:80%
Script:Cyrillic
Direction:ltr

Detection Details

Language Code:ru
Detection Confidence:80%
Script Type:Cyrillic
HTML Lang Attribute:ru
Text Length:5,526 chars
Detector Agreement:80%

Website Classification

Primary Category

government public service62% confidence
Type: webapp
Method: ml+structural

All Detected Categories

government public service
62%
technology software
49%
documentation technical
28%
news/blog
20%

Detected Features

Login Form
Articles

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
995.213.171.28St Petersburg, St.-Petersburg, Russia
AS49505JSC Selectel
677.88.44.55Russia
AS54113
6151.101.193.229Russia
AS13238
637.9.64.225Russia
AS13238YANDEX LLC
695.213.171.26St Petersburg, St.-Petersburg, Russia
AS49505JSC Selectel
335--

Detected Technologies1

PasswordField
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C1438570A4F514775043E0DAA9602B0BBDD391EBDAAB5704B2BC1FE95FE3DA1D903209

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:h32rHwHzsgW2uXTWzSFJcHYRHc6JyJ8UqAzVRVWdCopzAX:F2r2wgWFXTWzSFJc4ZpJyJ8UqLCopzU

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:56004:QIqIQlrKkrRKgAAKXDYgY8ZD2DRKNoWAgwGEsIGKI1iEAYaSCAhpIwSGpWyCA6rQICwFEkAEyeEUBAU0wCVJlAABEKB0yAKM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff000400000000ff
Perceptual Hash:b362cc19cc5ce18f
Difference Hash:8c0d4d88d898789c
Wavelet Hash:ffc7e7c6000004ff
Color Hash:#e0dc6c

Other Hashes

Crop Resistant:8c0d4d88d898789c,0c0c4c8c28d81af8

Scan History

Scan history not available

Unable to load historical scan data