ScanMalware.com

Security Scan Report: refugioaurora.org

Redirected to:
https://www.vakinha.com.br/vaquinha/sem-clinica-sem-resgates
Site favicon
Submitted: Oct 18, 2025, 3:02:21 PMCompleted: Oct 18, 2025, 3:03:30 PMpubliccompleted
Loading additional data...

Summary

This website contacted 70 IPs in 4 countries across 24 domains to perform 112 HTTP transactions. The main domain is vakinha.com.br and was registered NaN years ago.

Submitted URL: https://refugioaurora.org/

Effective URL: https://www.vakinha.com.br/vaquinha/sem-clinica-sem-resgatesRedirected

AI Security Verdict

Safe Website

Confidence: 92%

1
Risk Score

Legitimate donation page with no apparent security threats.

Safety Factors
Established domain age
Absence of login or payment fields
Redirect leads to a reputable site
Content appears to be a legitimate donation campaign
Domain age information unavailable

Details

Page Title

Mais de R$30 mil em dívidas: o projeto corre risco! | Vaquinhas online

Scan Type

public

Language

🇵🇹

Portuguese

(80% confidence)

Category

healthcare medical

(70%)

Domain Information

Within the non-profit oriented generic top-level domain (.org), 'refugioaurora.org' is registered while skipping any subdomain. The second-level label 'refugioaurora' is 13 characters long holding 8 vowels versus five consonants. Breaking it apart gives 2 words: refugio, aurora. Median word length is 6.5 characters. 'refugio' most often appears in Spanish. Secondary signals appear in Portuguese and Portuguese (Brazil).

Screenshot

Security scan screenshot of https://refugioaurora.org/

Page Load Overview

22.87s
Total Load Time
112
HTTP Requests
24
Domains
5.4 MB
Total Size

Language Analysis

Primary Language

🇵🇹Portuguese
Code: pt
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:pt
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:pt-BR
Text Length:3,883 chars
Detector Agreement:100%

Website Classification

Primary Category

healthcare medical70% confidence
Type: spa
Method: ml+structural

All Detected Categories

healthcare medical
70%
finance banking
45%
government public service
39%
corporate
35%

Detected Features

OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
43179.191.182.65Offenbach, Hesse, Germany
AS52580Azion Technologies Ltda.
152.242.103.142Boydton, Virginia, United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1141.101.90.104United States
AS13335CLOUDFLARENET
1216.239.32.36United States
AS15169GOOGLE
1188.114.97.3United States
AS13335CLOUDFLARENET
113.107.213.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1150.171.28.10United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1216.239.34.36United States
AS15169GOOGLE
1157.240.0.35Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
1104.18.37.40United States
AS13335CLOUDFLARENET
11270--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D0245B72460875BD183B3DEEC7A57D8C630DF057B9538AC4F1DD4AB4DB8BA69A807208

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:+CY7D4GMelBe0Zd8Bi/Bogt88VGB5v/t8EKuPxMPXW9Dhy9MCK:ok9elQ+yByTDGB5t8EKuB9FCK

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:223925:IRgAoDgUApIFFh4QiDVERUqIGdImUMIBPhYmARDMjCQlwIAIgmAQYogGIwWACBpAYSlCSUQKJkUwIERlKgghASx8AhgrJYKU

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffc7c7c3cfffffff
Perceptual Hash:b830cece6b63c686
Difference Hash:2b1e9e9b1e26382c
Wavelet Hash:99828281879bbfcf
Color Hash:#2d8646

Other Hashes

Crop Resistant:2b1e9e9b1e26382c,fca9cb435bcfde5f,ccc895093b77676f,26343636162747c9

Scan History

Scan history not available

Unable to load historical scan data