ScanMalware.com

Security Scan Report: 13syhxy.cfcncv.workers.dev

Redirected to:
https://13syhxy.cfcncv.workers.dev/
Site favicon
Submitted: Jun 11, 2026, 12:11:42 PMCompleted: Jun 11, 2026, 12:13:02 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 2 HTTP transactions. The main domain is 13syhxy.cfcncv.workers.dev and was registered NaN years ago.

Submitted URL: http://13syhxy.cfcncv.workers.dev/

Effective URL: https://13syhxy.cfcncv.workers.dev/Redirected

AI Security Verdict

Moderate Risk

Confidence: 62%

5
Risk Score

The site presents WTO‑related content on an unranked, age‑unknown subdomain; lacking malicious code but exhibiting moderate suspicion due to brand mismatch and unknown age.

Risk Factors
Brand mismatch with article content
Unknown subdomain age on a hosting platform
Unranked domain reputation
ML phishing label despite low confidence
Safety Factors
og:type is "article" – indicates news/reporting, not impersonation
No forms or credential collection
No JavaScript malware or credential exfiltration detected
No network IDS alerts
Domain age information unavailable

Details

Page Title

World Trade Organization - Home page - Global trade

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing/scam

(40%)

Domain Information

The domain name '13syhxy.cfcncv.workers.dev' uses the developer-focused generic top-level domain (.dev); it also runs on subdomain '13syhxy.cfcncv'. The core label 'workers' covers 7 characters holding two vowels versus five consonants. It segments into 1 word: workers. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://13syhxy.cfcncv.workers.dev/

Page Load Overview

2.74s
Total Load Time
55
HTTP Requests
5
Domains
1023 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:1,631 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing/scam40% confidence
Type: spa
Method: structural

All Detected Categories

phishing/scam
40%

Detected Features

OG: article

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16104.17.208.5United States
AS13335Cloudflare, Inc.
13142.251.14.97United States
AS15169Google LLC
13104.16.80.73United States
AS13335Cloudflare, Inc.
13172.67.182.69United States
AS13335Cloudflare, Inc.
554--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15EF2D615ACB1813B425260D4BB6ABB0DEBA1D097810DCD18B6EC4B851FC2F89CD67FD9

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:ElBdhh8f8saTmHBi5E9pLr62wn2P8ex/j3:IBdhh8Uln+Lr62wnVex/j3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:37497:7gVIBEoQdAEBQILRIHsdi6AqgEBx0FoGoAVBTYHQMAGDRgyAYHFQiYikAggwAEEICpvQB5YCKJQFFIiEIOhAU4AAo0HmOhRV

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fe3e3fffffff3f7f
Perceptual Hash:80ff00fcff00ff01
Difference Hash:02c2c0010181c1c1
Wavelet Hash:f2f2317103030303
Color Hash:#8e87c5

Other Hashes

Crop Resistant:02c2c0010181c1c1

Scan History

Scan history not available

Unable to load historical scan data