ScanMalware.com

Security Scan Report: www.motionberry999xerz.ru

Site favicon
Submitted: Dec 29, 2025, 5:35:03 PMCompleted: Dec 29, 2025, 5:37:00 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is motionberry999xerz.ru.

Submitted URL: https://www.motionberry999xerz.ru

The Cisco Umbrella rank of the primary domain is #540,311 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 95%

8
Risk Score

Domain is flagged for known smokeloader malware; treat as HIGH_RISK and do not visit.

Risk Factors
Malicious Indicators of Compromise match (smokeloader malware)
Low Cisco Umbrella ranking (540,311) suggests suspicious reputation
Domain age unknown / appears brand‑new, increasing risk
Domain age information unavailable

Details

Page Title

Operation Endgame

Scan Type

public

Language

🇺🇸

English

(69% confidence)

Category

entertainment media

(69%)

Domain Information

Domain 'www.motionberry999xerz.ru' uses the Russian country-code top-level domain (.ru); it also runs on subdomain 'www'. The second-level label 'motionberry999xerz' is 18 characters long containing five vowels alongside ten consonants; bonus characters include 3 digits. Word splitting yields five words: motion, berry, 999, xe, rz. Average segment length settles at three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.motionberry999xerz.ru

Page Load Overview

1.02s
Total Load Time
3
HTTP Requests
2
Domains
1 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:69%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:69%
Script Type:Latin
Text Length:62 chars
Detector Agreement:100%

Website Classification

Primary Category

entertainment media69% confidence
Type: static
Method: ml+structural

All Detected Categories

entertainment media
69%
adult content
49%
documentation technical
49%
news media journalism
46%
government public service
39%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3188.40.141.211Falkenstein, Saxony, Germany
AS24940Hetzner Online GmbH
31--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17FE07D6A80F2791444141EC24F803D901F99C7A70E944F057A8F662ABFD4565D84B59C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6:haxwh63AEdhaA8gPRmEHhSv0MLVuBCcIPyiZTYFr1dtalAWXz:haxiEdgoPSv0kVOC5PBZTomfj

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:1:0:29477ad0ef1e89010bac693c6c2817b3

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000000000
Perceptual Hash:8000000000000000
Difference Hash:0000000000000000
Wavelet Hash:0000000000000000
Color Hash:#78931f

Other Hashes

Crop Resistant:0000000000000000

Scan History

Scan history not available

Unable to load historical scan data