ScanMalware.com

Security Scan Report: formulario-registro2025.cr-web.workers.dev

Site favicon
Submitted: Dec 10, 2025, 3:57:15 AMCompleted: Dec 10, 2025, 3:57:48 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 1 domain to perform 19 HTTP transactions. The main domain is formulario-registro2025.cr-web.workers.dev and was registered NaN years ago.

Submitted URL: https://formulario-registro2025.cr-web.workers.dev/usuario?id=QZCTBqfJnGSouazpzt5x&banco=banco-proamerica

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing site harvesting passwords without usernames.

Risk Factors
Hidden password field (credential harvesting)
Password field without username (credential harvesting)
Brand impersonation of a bank on a non‑official domain
Unranked domain presenting financial services
Domain age information unavailable

Details

Page Title

Registro | ACH Banca en línea

Scan Type

public

Language

🇪🇸

Spanish

(54% confidence)

Category

finance banking

(74%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'formulario-registro2025.cr-web.workers.dev' is registered with subdomain 'formulario-registro2025.cr-web'. The registrable portion 'workers' spans 7 characters holding 2 vowels versus 5 consonants. Breaking it apart gives 1 word: workers. The median word length lands at seven characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://formulario-registro2025.cr-web.workers.dev/usuario?id=QZCTBqfJnGSouazpzt5x&banco=banco-proamerica

Page Load Overview

13.24s
Total Load Time
19
HTTP Requests
1
Domains
21 KB
Total Size

Language Analysis

Primary Language

🇪🇸Spanish
Code: es
Confidence:54%
Script:Latin
Direction:ltr

Detection Details

Language Code:es
Detection Confidence:54%
Script Type:Latin
Text Length:166 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking74% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
74%
government public service
71%
adult content
28%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7104.21.33.193United States
AS13335CLOUDFLARENET
4172.67.191.247United States
AS13335CLOUDFLARENET
42606:4700:3035::6815:21c1United States
AS13335CLOUDFLARENET
42606:4700:3037::ac43:bff7United States
AS13335CLOUDFLARENET
194--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T173714463AD09DD664523CD8CB06AE70E604AD13FD9BA4498B3FCC68D03A1E9A4F19C91

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:XX4GCGoeq7OPQdjuMHT0eL02NpEoWRCn7YlpG9mk41cy90jmBzrRFSRBzSzGZlRn:XoNYq7utIIyYj9k49umbGZw1nG

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3709:CkAIECUzAEEAoCAgAJCBgAAAALghgEAEAAxCCCAQDgJAIQCAgAKAUBBABkAAAACCAiAQEMIbgZCIECRKYgCCQEABAAIgAwEA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data