ScanMalware.com

Security Scan Report: babejudi09.icu

Submitted: Dec 20, 2025, 2:02:02 PMCompleted: Dec 20, 2025, 2:02:53 PMpubliccompleted
Loading additional data...

Summary

This website contacted 20 IPs in 3 countries across 17 domains to perform 696 HTTP transactions. The main domain is babejudi09.icu and was registered NaN years ago.

Submitted URL: https://babejudi09.icu/desktop/game/slot/spadegaming

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

Confirmed phishing scam; credential harvesting on a brand‑new domain.

Risk Factors
Brand‑new domain (<7 days) with login form
Disguised password fields (type='text' with password placeholder)
Hidden password fields in the page source
Unicode evasion technique used in form fields
Multiple password fields increase credential harvesting potential
Domain age information unavailable

Details

Page Title

BABEJUDI | Slot Gampang Menang | WA 24 Jam : +6281265475069

Scan Type

public

Language

🇮🇩

ID

(80% confidence)

Category

technology software

(62%)

Domain Information

You're looking at domain 'babejudi09.icu' on the .icu top-level domain without a subdomain. Count 10 characters in 'babejudi09' holding 4 vowels versus four consonants; it also includes two digits. Word splitting yields 3 words: babe, judi, 09. Average segment length settles at four characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://babejudi09.icu/desktop/game/slot/spadegaming

Page Load Overview

7.45s
Total Load Time
696
HTTP Requests
17
Domains
4.9 MB
Total Size

Language Analysis

Primary Language

🇮🇩Indonesian
Code: id
Confidence:80%
Script:Unknown
Direction:ltr

Detection Details

Language Code:id
Detection Confidence:80%
Script Type:Unknown
HTML Lang Attribute:id
Text Length:8,575 chars
Detector Agreement:60%

Website Classification

Primary Category

technology software62% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
62%
gambling betting
59%
documentation technical
44%
entertainment media
30%
download file sharing
29%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5052.222.232.141United States
AS16509AMAZON-02
34104.18.18.157United States
AS13335CLOUDFLARENET
3452.222.232.184United States
AS16509AMAZON-02
3434.143.72.2United States
AS396982GOOGLE-CLOUD-PLATFORM
34172.67.154.65United States
AS13335CLOUDFLARENET
34172.66.161.212United States
AS13335CLOUDFLARENET
34142.250.185.104United States
AS15169GOOGLE
3452.222.232.119United States
AS16509AMAZON-02
34157.240.0.35Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
3434.143.76.2United States
AS396982GOOGLE-CLOUD-PLATFORM
69620--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T155A4F83156D234373233B0D87CA52B855EB0924BC5678F48B2FC5BA23FD6D68AC13A59

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:aPWQVII8rBbJY53qq/IHLQTkQr5SscmZndABHd5A/quEVn:amJYoq3wQFSnQQVn

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:452488:wLJQIRpkHgkCAIRQcBtRjIhQCZmFDLklmgQJhCAUxAwI7B6EgikgigIICmQItQAgS/HRTiOMuEIloUIgwSyXAQACIcE2ghmg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data