ScanMalware.com

Security Scan Report: www.unrefugees.org

Submitted: Nov 1, 2025, 7:49:04 AMCompleted: Nov 1, 2025, 7:52:58 AMpubliccompleted
Loading additional data...

Summary

This website contacted 209 IPs in 6 countries across 49 domains to perform 202 HTTP transactions. The main domain is unrefugees.org.

Submitted URL: https://www.unrefugees.org/emergencies/venezuela/

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Site impersonates UNHCR and solicits donations on an untrusted, likely new domain – treat as phishing.

Risk Factors
Brand impersonation of UNHCR on an untrusted domain
Unranked/low‑reputation domain
Potentially newly registered domain
Email‑only form used in context of donation solicitation
Domain age information unavailable

Details

Page Title

Venezuela Crisis: Aid, Statistics and News | USA for UNHCR

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

adult content

(54%)

Domain Information

You're looking at domain 'www.unrefugees.org' on the non-profit oriented generic top-level domain (.org); it also runs on subdomain 'www'. The second-level label 'unrefugees' is 10 characters long containing five vowels alongside five consonants. Word splitting yields 2 words: un, refugees. The median word length lands at 5 characters. The linguistic tilt is Latvian for 'un'. Secondary signals appear in French and Italian.

Screenshot

Security scan screenshot of https://www.unrefugees.org/emergencies/venezuela/

Page Load Overview

6.18s
Total Load Time
202
HTTP Requests
49
Domains
6.6 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:6,626 chars
Detector Agreement:100%

Website Classification

Primary Category

adult content54% confidence
Type: spa
Method: ml+structural

All Detected Categories

adult content
54%
blog personal website
49%
government public service
44%
healthcare medical
41%
news media journalism
37%

Detected Features

Search
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
59104.18.7.4United States
AS13335CLOUDFLARENET
1234.107.218.251Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
9142.251.140.168United States
AS15169GOOGLE
9142.250.186.78United States
AS15169GOOGLE
7104.18.95.41United States
AS13335CLOUDFLARENET
752.242.103.142Boydton, Virginia, United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
634.145.201.140Washington, District of Columbia, United States
AS396982GOOGLE-CLOUD-PLATFORM
5157.240.0.35Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
52.16.96.190Frankfurt am Main, Hesse, Germany
AS16625AKAMAI-AS
434.49.192.216Kansas City, Missouri, United States
AS396982GOOGLE-CLOUD-PLATFORM
202209--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T16DF3391196F04836855B10E2E1B1BF593AA6F307E780A5D072AC47B5AFC6CE29C176FC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:o6geAaHqUDf02T5fYYXy6JHVC95wS34kaLRqnx+sh:HrtqUz02T5fYYXy6y95/4l2n

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:164537:EOIMhSBBgIpUhMhgOAhznCDMsEBwzEsqOmwIoLFMLgBGAKKTTAIgIqZwsBAgAYKIKEcwEJKF0iLEGQpFgkQUKYqTyfAQpBBB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7f3c3c3c3c7cf3c1
Perceptual Hash:c692b9652fb3509a
Difference Hash:c6f8f8e9e5e0eb1b
Wavelet Hash:3e3c3c3c3c7cf101
Color Hash:#4084bf

Other Hashes

Crop Resistant:2d2d0e2e8ece2e2e,feffbd898be0c286,485b5ab6b4dccca4,c6f0fce8e4e0eb1b

Scan History

Scan history not available

Unable to load historical scan data