ScanMalware.com

Security Scan Report: www.bimdorabaltea.it

Redirected to:
https://www.bimdorabaltea.it/en-us/home
Site favicon
Submitted: May 8, 2026, 7:47:16 PMCompleted: May 8, 2026, 7:48:37 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 64 HTTP transactions. The main domain is bimdorabaltea.it and was registered NaN years ago.

Submitted URL: https://www.bimdorabaltea.it/it-it/home

Effective URL: https://www.bimdorabaltea.it/en-us/homeRedirected

AI Security Verdict

Moderate Risk

Confidence: 78%

4
Risk Score

The site shows critical IDS alerts for data exfiltration and C2 activity despite being old and form‑free, indicating malware distribution; avoid and report.

Risk Factors
Critical IDS alerts indicating malware/C2 activity
Eval() usage with highly obfuscated JavaScript
Domain is unranked in Cisco Umbrella top 1M
Safety Factors
No password, email, or payment fields in any form
Well‑established domain (5230 days old)
No Indicators of Compromise matched in threat intel
No JavaScript YARA malware patterns detected
Meta tags do not claim major brand ownership
Domain age information unavailable

Details

Page Title

Bim

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

documentation technical

(86%)

Domain Information

Domain 'www.bimdorabaltea.it' uses the Italian country-code top-level domain (.it) and includes subdomain 'www'. Count 13 characters in 'bimdorabaltea' containing six vowels alongside seven consonants. Segmentation suggests four words: bim, dora, bal, tea. Median word length comes out to 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.bimdorabaltea.it/it-it/home

Page Load Overview

6.40s
Total Load Time
66
HTTP Requests
7
Domains
4.3 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:7,187 chars
Detector Agreement:75%

Website Classification

Primary Category

documentation technical86% confidence
Type: webapp
Method: ml+structural

All Detected Categories

documentation technical
86%
government public service
56%
government
40%

Detected Features

Search
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
14142.251.20.94United States
AS15169Google LLC
13142.251.154.119United States
AS15169Google LLC
13151.11.50.116Florence, Tuscany, Italy
AS24994genesys informatica srl
13142.251.13.95United States
AS15169Google LLC
13142.251.110.102United States
AS15169Google LLC
665--

Detected Technologies4

MetaGenerator
100%
JQueryv3.6.0
100%
HTTP/3
40%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17883A72075F0543B41DB85C469766A26AEE6D303C90E0589FABD4BD40FEFC5ADE2710E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:vp3rd04BDLEnvodjj3Mqbsz3g6f/Fa5zUR7hby:vp3rd04BEnlMsz3gz5e7hby

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:84267:oWAQuQDIAS1EKeEiERWOASxsJQxjpCAYDEhBBAgWCAWABAa9lJANjCjADh8CBIaBxGAOygMMg8r1oHoBAANSBBKCZ6ICnAFB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffff00071fffcf00
Perceptual Hash:bc8773db0e30270d
Difference Hash:3333d73c63101b21
Wavelet Hash:dfff000019ffcf00
Color Hash:#89e06c

Other Hashes

Crop Resistant:3333d73c63101b21,0404041414040404,e1f6d6373c3c6273,b7d5d8933b46e0e3,89070601870301aa,3e27393936b6242c

Scan History

Scan history not available

Unable to load historical scan data