ScanMalware.com

Security Scan Report: qr-codes.io

Submitted: Oct 15, 2025, 8:43:05 PMCompleted: Oct 15, 2025, 8:43:54 PMpubliccompleted
Loading additional data...

Summary

This website contacted 28 IPs in 2 countries across 6 domains to perform 7 HTTP transactions. The main domain is qr-codes.io.

Submitted URL: https://qr-codes.io/TpvA21

AI Security Verdict

High Risk

Confidence: 92%

10
Risk Score

High‑risk phishing site using URL manipulation to spoof a legitimate address.

Risk Factors
URL manipulation (spoofed URL) – strong phishing technique
Mismatch between displayed URL and actual content source
Unranked domain with unknown/very recent registration
Page cannot be reached, suggesting a dead or malicious redirect
Domain age information unavailable

Details

Page Title

servsjsrjgrjagrangajrnagrnijkfalgarnpqiwgegjgerga.aasabuwfgjwydjsuau7.web.id

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

government public service

(72%)

Domain Information

Domain 'qr-codes.io' uses the British Indian Ocean Territory country-code top-level domain (.io). Its registrable label 'qr-codes' stretches across 8 characters with two vowels and 5 consonants; bonus characters include one hyphen. Splitting it apart reveals 2 words: qr, codes. Expect 3.5 characters per word on average. Most frequently, 'codes' shows up in German. It also appears in English and French contexts.

Screenshot

Security scan screenshot of https://qr-codes.io/TpvA21

Page Load Overview

5.90s
Total Load Time
7
HTTP Requests
6
Domains
202 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:en
Text Length:504 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service72% confidence
Type: static
Method: ml+structural

All Detected Categories

government public service
72%
news media journalism
68%
cryptocurrency blockchain
64%
documentation technical
61%
technology software
57%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934FACEBOOK
0142.250.186.132United States
AS15169GOOGLE
018.173.205.127United States
AS16509AMAZON-02
018.245.46.25United States
AS16509AMAZON-02
0108.138.26.105United States
AS16509AMAZON-02
0142.250.185.200United States
AS15169GOOGLE
018.173.205.17United States
AS16509AMAZON-02
02600:9000:2724:a600:2:36e5:b900:93a1United States
AS16509AMAZON-02
02600:9000:2724:1a00:2:36e5:b900:93a1United States
AS16509AMAZON-02
018.245.46.54United States
AS16509AMAZON-02
728--

Detected Technologies3

Amazon Web Services
50%
HSTS
40%
Amazon CloudFront
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A5048F77329A063D86454499E057430D9F20B143B50AC9BC7ABCBAD9BFDED06107BB78

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:xfQho9PKBb9JsE9RHCbZgRjFtSBaw9QWgceIszQ2bMy8Oldo:WhoC9J395CbZgLtSL3gcrs82eAy

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:183886:AQWGtMQQaJAVDiEKoxMAADEwAFIAjT0DwwCAmE5UzZIqQBowEY3gMe6YICES5IiUCEFAlIIXGAYICE+IAdRgKRxyFUAnIEAi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc3c3ffffffff
Perceptual Hash:b131cccccc333367
Difference Hash:00101c1c00000000
Wavelet Hash:fcdcc0c0f0f0f0f0
Color Hash:#3a5b78

Other Hashes

Crop Resistant:00101c1c00000000

Scan History

Scan history not available

Unable to load historical scan data