Security Scan Report: rb-otoplenie.ru

Redirected to: blob:https://rb-otoplenie.ru/8a0aee52-109d-4ed5-84bb-7ec975e7832d

Submitted: Oct 4, 2025, 12:15:44 PM
Completed: Oct 4, 2025, 12:16:07 PM
Scan Type: public
Status: completed

Summary

This website contacted 13 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main domain is .

Submitted URL: https://rb-otoplenie.ru/wp-includes/customize/class-wp-customize-partial.html

Effective URL: blob:https://rb-otoplenie.ru/8a0aee52-109d-4ed5-84bb-7ec975e7832d (Redirected)

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score: 10

Phishing site impersonating CapitalOne, harvesting credentials and payment info; confirmed scam.

Risk Factors
Brand impersonation (CapitalOne) on a low‑reputation domain
Unranked domain (not in Cisco Umbrella top 1M)
Disguised password fields (type=text with password placeholder)
Unicode evasion in form fields
Credential and payment data collection across several forms
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸 English (80% confidence)

Category

finance banking (61%)

Domain Information

The domain 'rb-otoplenie.ru' sits on the Russian country-code top-level domain (.ru) and has no subdomain. Its registrable label 'rb-otoplenie' is 12 characters long, with 5 vowels, 6 consonants and one hyphen. Segmentation suggests 4 words: rb, ot, ople, nie, averaging 2.5 characters per word. 'ot' is most common in Polish usage and also appears in Afrikaans and Dutch contexts.

Screenshot

Security scan screenshot of https://rb-otoplenie.ru/wp-includes/customize/class-wp-customize-partial.html

Page Load Overview

Total Load Time: 0.53s
HTTP Requests: 8
Domains: 3
Total Size: 30 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 80%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 80%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 1,433 chars
Detector Agreement: 100%

Website Classification

Primary Category

finance banking (61% confidence)
Type: webapp
Method: ml+structural

All Detected Categories

finance banking: 61%
adult content: 47%
social media network: 44%
government public service: 41%
documentation technical: 37%

Detected Features

Login Form

Domain & IP Information

Requests | IP Address | Location | AS (Autonomous System)
8 | 91.201.52.229 | Russia | AS44128 Internet-Pro LLC
0 | 151.101.130.137 | San Francisco, California, United States | AS54113 FASTLY
0 | 35.157.26.135 | Frankfurt am Main, Hesse, Germany | AS16509 AMAZON-02
0 | 63.176.8.218 | Frankfurt am Main, Hesse, Germany | AS16509 AMAZON-02
0 | 151.101.194.137 | Unknown | Unknown
0 | 2a04:4e42:600::649 | Unknown | Unknown
0 | 151.101.66.137 | Unknown | Unknown
0 | 2a04:4e42:400::649 | Unknown | Unknown
0 | 151.101.2.137 | Unknown | Unknown
0 | 2a05:d014:58f:6200::259 | Unknown | Unknown
Total: 8 | 13 | - | -

Detected Technologies: 1

Content Similarity Hashes

For malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12443543661A341BADDB3CAC847EB2A463E849887E0C9D12477AC9AD44F838D5D47D3DC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:e7FSF3FuWFzF+fs8utovi8utovWX9ssTHdrCt1WtcL/plyA7qvE6mw:0Ql0WxMTv9vHeNCt1WtcLRlyA7q86mw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:57008:gIgBAwEEhgpAIQCtFBBkEkoOCLCBFgjQqQjHAMzwpChCBBtDHMiiSMgYI6AhAMICQEKEK8AoygCRBxYEDQwVgEISQg0kyDQE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash: 7fa5bde7c3ffcfff
Perceptual Hash: b38f8c27239d89b1
Difference Hash: e869704c4d2a2c00
Wavelet Hash: 7f343c2c0424df0d
Color Hash: #63ac53

Other Hashes

Crop Resistant: e869704c4d2a2c00
