ScanMalware.com

Security Scan Report: riyefjsbmnk2i13642r87iuwhfk125367-43.webflow.io

Submitted: Mar 27, 2026, 8:39:24 PMCompleted: Mar 27, 2026, 8:40:35 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 9 HTTP transactions. The main domain is riyefjsbmnk2i13642r87iuwhfk125367-43.webflow.io and was registered NaN years ago.

Submitted URL: https://riyefjsbmnk2i13642r87iuwhfk125367-43.webflow.io/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page impersonating AT&T Mail login; avoid and report.

Risk Factors
Brand impersonation (AT&T Mail) on an unrelated webflow.io subdomain
Credential‑harvesting login form
Google Safe Browsing phishing detection
Unranked domain with brand claim
Potential credential harvesting without legitimate purpose
Domain age information unavailable

Details

Page Title

riyefjsbmnk2i13642r87iuwhfk125367^&43$@

Scan Type

public

Language

🇺🇸

English

(47% confidence)

Category

adult content

(26%)

Domain Information

Domain 'riyefjsbmnk2i13642r87iuwhfk125367-43.webflow.io' uses the British Indian Ocean Territory country-code top-level domain (.io) and includes subdomain 'riyefjsbmnk2i13642r87iuwhfk125367-43'. The registrable portion 'webflow' spans 7 characters holding two vowels versus five consonants. Segmentation suggests two words: web, flow. Median word length comes out to 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://riyefjsbmnk2i13642r87iuwhfk125367-43.webflow.io/

Page Load Overview

0.33s
Total Load Time
18
HTTP Requests
4
Domains
19 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:47%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:47%
Script Type:Latin
Text Length:171 chars
Detector Agreement:50%

Website Classification

Primary Category

adult content26% confidence
Type: static
Method: ml+structural

All Detected Categories

adult content
26%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6104.18.36.248United States
AS16509
6104.18.161.117United States
AS13335Cloudflare, Inc.
613.226.247.18United States
AS16509Amazon.com, Inc.
183--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B68187B3F4359417020369F9FE96738CE4869B4ECA638680D1B0CB2E5FEED854D6506D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:8uy5PNPSqVVLTw/doOg3jmJtvOiIRCjKCFtCRut0vq0O:rwPNPSYV3ww6JtvMDEt8iuFO

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3970:AAARAIACMeCAFAhCQBQARAiSKAAICSIQAIBIkBA2QiAQAIICDoIAAAA+AFAQAMigAMAKEAEBQAAAAAAABGBAASAQloApAIoQ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:e7e7e7ffffffffff
Perceptual Hash:b33333998ccc6666
Difference Hash:080c4d0008000000
Wavelet Hash:e4c0e4fcf0f0f0f0
Color Hash:#abac53

Other Hashes

Crop Resistant:080c4d0008000000

Scan History

Scan history not available

Unable to load historical scan data