ScanMalware.com

Security Scan Report: cartsave.io

Site favicon
Submitted: May 6, 2026, 7:15:56 AMCompleted: May 6, 2026, 7:17:30 AMpubliccompleted
Loading additional data...

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 48 HTTP transactions. The main domain is cartsave.io and was registered NaN years ago.

Submitted URL: https://cartsave.io

The Cisco Umbrella rank of the primary domain is #621,720 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

The site shows strong malicious network activity (critical IDS alerts) despite lacking forms or brand impersonation, indicating a high‑risk malware distribution site.

Risk Factors
Critical IDS alerts (malware data exfiltration & C2 beacon)
Low Cisco Umbrella ranking for a site claiming its own brand
Multiple external CDN and analytics domains (potential data leakage)
Absence of legitimate user‑facing forms despite malicious traffic
Domain age information unavailable

Details

Page Title

CartSave.io

Scan Type

public

Language

🇺🇸

English

(49% confidence)

Category

technology software

(53%)

Domain Information

Domain 'cartsave.io' uses the British Indian Ocean Territory country-code top-level domain (.io) with no subdomain. The core label 'cartsave' covers 8 characters containing 3 vowels alongside five consonants. Tokenizing the label suggests two words: cart, save. Expect four characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://cartsave.io

Page Load Overview

5.85s
Total Load Time
164
HTTP Requests
30
Domains
10.6 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:49%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:49%
Script Type:Latin
Text Length:3,559 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software53% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
53%
e-commerce
15%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
14192.178.183.97United States
AS15169Google LLC
10104.17.207.5United States
AS13335Cloudflare, Inc.
10142.251.20.94United States
AS15169Google LLC
10142.251.13.136United States
AS15169Google LLC
10188.114.96.3United States
AS13335Cloudflare, Inc.
10104.16.79.73United States
AS13335Cloudflare, Inc.
10104.17.202.31United States
AS13335Cloudflare, Inc.
10151.101.66.137United States
AS54113Fastly, Inc.
102.21.20.132Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
10104.17.25.14United States
AS13335Cloudflare, Inc.
16416--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C2038421A4F1557301A370D675BAAB047EA0E30BCB5A895879FC4BCC2F91E96CE1357C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:Ngeo6sFl9rLr1gwdQW6dOIJk6p6cbbwN2JKst8ReqOW/SHMYifXm3:Ng56Ul9rH1gwdQWSOIJk6p6cbbwN2JKm

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:38942:GUgbCwEJFkwBgoDCEQMsAwhQNLRkgKAJAgQTJCsQQiBJCLGFmqAPqIUOGYlQKBFSMUC5EwgqxTNCdQYOMiwYAAwBJQcGWSAQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fff0f0f030f0ffff
Perceptual Hash:ce49b9a592b22d8b
Difference Hash:c0e261e5e5e73cca
Wavelet Hash:7f7030303070ceff
Color Hash:#53ac66

Other Hashes

Crop Resistant:c0e261e5e5e73cca,fc988c8ebeceb0f0,9d0d0ce4c4e4447e

Scan History

Scan history not available

Unable to load historical scan data