ScanMalware.com

Security Scan Report: profbuh8.ru

Site favicon
Submitted: Dec 25, 2025, 12:34:24 PMCompleted: Dec 25, 2025, 12:35:51 PMpubliccompleted
Loading additional data...

Summary

This website contacted 12 IPs in 4 countries across 15 domains to perform 300 HTTP transactions. The main domain is profbuh8.ru.

Submitted URL: https://profbuh8.ru

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

High‑risk phishing site harvesting credentials

Risk Factors
Compromised WordPress site with login forms
Hidden password field (credential harvesting)
Large number of redirects (potential redirect loop/phishing chain)
Unranked, likely newly registered domain
Presence of password fields on a site without legitimate authentication purpose
Domain age information unavailable

Details

Page Title

Обучение 1С с нуля для начинающих: курсы, самоучители, уроки

Scan Type

public

Language

🇷🇺

Russian

(80% confidence)

Category

forum

(70%)

Domain Information

The domain 'profbuh8.ru' uses the Russian country-code top-level domain (.ru) with no subdomain. The core label 'profbuh8' covers 8 characters with 2 vowels and 5 consonants, notching one digit. Breaking it apart gives three words: prof, buh, 8. Median word length is 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://profbuh8.ru

Page Load Overview

63.31s
Total Load Time
432
HTTP Requests
17
Domains
1.9 MB
Total Size

Language Analysis

Primary Language

🇷🇺Russian
Code: ru
Confidence:80%
Script:Cyrillic
Direction:ltr

Detection Details

Language Code:ru
Detection Confidence:80%
Script Type:Cyrillic
HTML Lang Attribute:ru-RU
Text Length:42,388 chars
Detector Agreement:80%

Website Classification

Primary Category

forum70% confidence
Type: spa
Method: structural

All Detected Categories

forum
70%
social_media
50%

Detected Features

Comments
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
36142.251.140.174Armenia
AS15169
36142.250.185.99Finland
AS50340
36192.0.77.2San Francisco, California, United States
AS2635AUTOMATTIC
36142.250.186.136United States
AS201589
365.101.37.37Yerevan, Yerevan, Armenia
AS201589edgeam LLC
36216.58.206.42Unknown
AS13335
36192.0.77.48San Francisco, California, United States
AS2635AUTOMATTIC
36192.0.73.2San Francisco, California, United States
AS2635AUTOMATTIC
3677.88.21.119Russia
AS13238YANDEX LLC
3687.250.250.119Russia
AS13238YANDEX LLC
43212--

Detected Technologies9

WordPressv4.2.22
100%
PasswordField
100%
MetaGenerator
100%
JQueryv1.11.2
100%
Google-AnalyticsvClassic
100%
Bootstrapv1565543408
100%
PHP
50%
MySQL
50%
Ubuntu
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12754B5B2C4C6157B4113B1C6E868FB1978F3063EDFA6051AF3FE18697BC2D55A60221E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:EUZXWa3LKNehO61D9i+PjablfGQsU6QLA/YY/JzJxu1N6Zr3+Hu9PLrPQjQo2+DG:+GQgu1N6ZEEPQjt2Bb

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:281462:+gOpJgAgGSE2ghwhmgWQoizQGQBkUAqlKMV0QPCQYYhaYAQJMAjgFbBWj4YlABiIAEAlKQQsAPTTUgUQUBAWZgQ4YvALKEVJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00f1e19191f9ffff
Perceptual Hash:eb6b90051e126b3f
Difference Hash:8723032323830ccb
Wavelet Hash:00b1819181f1ffff
Color Hash:#d2c72d

Other Hashes

Crop Resistant:8723032323830ccb,0100cb2b2b2b8300,6671309e9332366c

Scan History

Scan history not available

Unable to load historical scan data