Security Scan Report: update-nkqgabkpdjqipyadnviqdwud.pages.dev

Redirected to:
https://update-nkqgabkpdjqipyadnviqdwud.pages.dev/
Submitted: Apr 20, 2026, 3:28:04 AMCompleted: Apr 20, 2026, 3:29:11 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 1 HTTP transaction. The main domain is update-nkqgabkpdjqipyadnviqdwud.pages.dev and was registered NaN years ago.

Submitted URL: http://update-nkqgabkpdjqipyadnviqdwud.pages.dev/

Effective URL: https://update-nkqgabkpdjqipyadnviqdwud.pages.dev/Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

The site is confirmed as a phishing scam; multiple trusted warnings and unknown subdomain age indicate high confidence of malicious intent.

Risk Factors
Unranked domain (not in Cisco Umbrella top 1 M)
Subdomain on a hosting platform with unknown age
Presence of phishing warnings from multiple trusted sources
No legitimate content or functional forms detected
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(94%)

Domain Information

The domain name 'update-nkqgabkpdjqipyadnviqdwud.pages.dev' uses the developer-focused generic top-level domain (.dev) and includes subdomain 'update-nkqgabkpdjqipyadnviqdwud'. Its registrable label 'pages' stretches across 5 characters holding 2 vowels versus 3 consonants. Breaking it apart gives 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://update-nkqgabkpdjqipyadnviqdwud.pages.dev/

Page Load Overview

0.41s
Total Load Time
7
HTTP Requests
2
Domains
0 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:378 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam94% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
94%
technology software
27%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4104.18.95.41United States
AS13335Cloudflare, Inc.
3172.66.44.127United States
AS13335Cloudflare, Inc.
72--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T152915267BABD107F109392B266BD77093AA1C003DBA649903ABCC2755F4EF95A9132C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:PjnjtjuiADa/D+DMFBzLeiO/tjA2ux4nRN3vaQxvb0:PjnjtjuiEa/SoFnOV3ux4nv3Cej0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4427:ggJgAJABAAQDAJAogARADEBUYoQiAAAAAFjIQgAnFOAgQSgAAJAIIIAEBQE8gJBAAKFCADAEkwANgAiASwAIBAAgUAALoACg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff8787ffc7ffffff
Perceptual Hash:b83898c3c3c7ce3c
Difference Hash:203c3c0404000000
Wavelet Hash:0f079fc3030f0f0f
Color Hash:#3a786a

Other Hashes

Crop Resistant:203c3c0404000000

Scan History

Scan history not available

Unable to load historical scan data