ScanMalware.com

Security Scan Report: mecheri.stream

Site favicon
Submitted: Dec 14, 2025, 4:20:04 AMCompleted: Dec 14, 2025, 4:20:39 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 1 domain to perform 27 HTTP transactions. The main domain is mecheri.stream and was registered NaN years ago.

Submitted URL: https://mecheri.stream/nextcloud/login

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

New unranked domain with a login form; highly likely credential harvesting.

Risk Factors
Critical domain age (<7 days) combined with credential‑harvesting form
Presence of password field on a newly registered, unranked domain
Unranked domain lacking any established reputation
Domain age information unavailable

Details

Page Title

Login – MecheriCloud

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(67%)

Domain Information

You're looking at domain 'mecheri.stream' on the .stream top-level domain. Its registrable label 'mecheri' stretches across 7 characters split between three vowels and 4 consonants. Word splitting yields two words: me, cheri. Median word length is 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://mecheri.stream/nextcloud/login

Page Load Overview

12.80s
Total Load Time
27
HTTP Requests
1
Domains
101 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:262 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software67% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
67%
corporate
25%

Detected Features

Login Form
Search
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9172.67.165.231United States
AS13335CLOUDFLARENET
6104.21.49.190United States
AS13335CLOUDFLARENET
62606:4700:3031::ac43:a5e7United States
AS13335CLOUDFLARENET
62606:4700:3031::6815:31beUnited States
AS13335CLOUDFLARENET
274--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1AEF49FB29C4535357A27D325318EAB7A331BB1035C22568DD48E30890FFABED62B257D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

12288:hEktZtB4b6chxpBOSabYKgPZtB4bSUDqNkg2EeFlqksOr+R:GkXt3ctkf+R

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:753300:y+QQiYCAGvH9AgUxGAS7GUxQVwS8UAgQCDMEBAcCZCAFWGZAWiSFULiAuhEkIAjMwCAQyrUFA9aRADMAATTi+wAKZzAMdCKa

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00181818387ee100
Perceptual Hash:c99c32e31eb0c93e
Difference Hash:d0f0b2b2e1c08f33
Wavelet Hash:007878f8fcfee118
Color Hash:#a8ac53

Other Hashes

Crop Resistant:e6a696e4f0718682,e0e0e0c2c1828303,82626c6c6a808282,d0f0b2b2e1c08f33

Scan History

Scan history not available

Unable to load historical scan data