Security Scan Report: primorskaya233.ru

Redirected to:
blob:https://iiepl.in/ba30db14-6234-4b57-a432-aaf7f83dd62a
Submitted: Jun 4, 2026, 1:51:53 AM
Completed: Jun 4, 2026, 1:53:05 AM
Scan Type: public
Status: completed

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main domain is and was registered NaN years ago.

Submitted URL: https://primorskaya233.ru/wx.htm

Effective URL: blob:https://iiepl.in/ba30db14-6234-4b57-a432-aaf7f83dd62a (Redirected)

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 10

Confirmed credential phishing site impersonating Bank of America with multiple high‑risk indicators.

Risk Factors
Very new domain (<30 days)
Unranked in Cisco Umbrella (not in top 1M)
Brand impersonation without legitimate ownership
Disguised password fields (type='text' with password placeholders)
Compromised WordPress site indicators
Blob URL scheme
Domain age information unavailable

Details

Page Title

Bank of America | Online Banking | Log In | User ID

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(78%)

Domain Information

The domain 'primorskaya233.ru' uses the Russian country-code top-level domain (.ru) while skipping any subdomain. The registrable portion 'primorskaya233' spans 14 characters split between four vowels and seven consonants, notching three digits. Tokenizing the label suggests 3 words: primorska, ya, 233. Median word length comes out to three characters. No strong language cues emerged from the frequency lists.


Page Load Overview

Total Load Time: 1.52s
HTTP Requests: 11
Domains: 6
Total Size: 200 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 1,250 chars
Detector Agreement: 100%

Website Classification

Primary Category

finance banking (78% confidence)
Type: webapp
Method: ml+structural

All Detected Categories

finance banking: 78%
corporate business: 71%
government public service: 56%
adult content: 50%
documentation technical: 30%

Detected Features

Login Form

Domain & IP Information

Requests  IP Address      Location  Autonomous System
6         195.161.41.36   Russia    AS8342 JSC RTComm.RU
5         103.48.42.249   India     AS132717 NxtGen Datacenter & Cloud Technologies Pvt. Ltd.
11        2               -         -

Detected Technologies: 7

Content Similarity Hashes (for malware variant detection)

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1ABD38D367DA31C9EA76388A467EF1BCD3DDC57439446C0A439EC9A850F469C089E63EC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:o7tniui5nZmMtqYAy5vjd4AGNSCRYlMnbFg:o7tn8nbqYD4AGAq3bS

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:142312:ISAJRhpRwkqfipKCAZAEIbKUQJFNs1ClN22gSoJACAOmAChYhQ0APAmsBBgCmiSJEAqBCVZrCAFAFqwwIIBVFlGEDUMAGUIg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 8181e7ffffbfffff
Perceptual Hash: bf3b683c2c8696d0
Difference Hash: 230b4c4e33230020
Wavelet Hash: 8181a3a38181ffff
Color Hash: #2d6186
