ScanMalware.com

Security Scan Report: iori-nav-6zb.pages.dev

Submitted: Dec 30, 2025, 1:32:12 PMCompleted: Dec 30, 2025, 1:33:34 PMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 1 country across 5 domains to perform 37 HTTP transactions. The main domain is iori-nav-6zb.pages.dev and was registered NaN years ago.

Submitted URL: https://iori-nav-6zb.pages.dev/?catalog=VPS

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site flagged as high‑risk phishing due to malicious Indicators of Compromise and unranked status.

Risk Factors
Presence of a malicious Indicators of Compromise match on the primary domain
Unranked domain status in Cisco Umbrella
Inability to retrieve page content (potential hidden/phishing content)
Use of a Cloudflare Workers subdomain (pages.dev) commonly abused for phishing
Domain age information unavailable

Details

Page Title

Cloudflare Workers导航🧭 - 网址导航

Scan Type

public

Language

🇨🇳

Chinese

(60% confidence)

Category

adult content

(67%)

Domain Information

Domain 'iori-nav-6zb.pages.dev' uses the developer-focused generic top-level domain (.dev), featuring subdomain 'iori-nav-6zb'. The second-level label 'pages' is 5 characters long split between two vowels and 3 consonants. It segments into 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://iori-nav-6zb.pages.dev/?catalog=VPS

Page Load Overview

13.05s
Total Load Time
37
HTTP Requests
5
Domains
1.5 MB
Total Size

Language Analysis

Primary Language

🇨🇳Chinese
Code: zh
Confidence:60%
Script:Han
Direction:ltr

Detection Details

Language Code:zh
Detection Confidence:60%
Script Type:Han
HTML Lang Attribute:zh-CN
Text Length:450 chars
Detector Agreement:67%

Website Classification

Primary Category

adult content67% confidence
Type: static
Method: ml+structural

All Detected Categories

adult content
67%
social media network
52%
technology software
48%
government public service
45%
education learning
30%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9104.21.63.38United States
AS13335CLOUDFLARENET
4172.67.69.40United States
AS13335CLOUDFLARENET
4172.66.44.186United States
AS13335CLOUDFLARENET
4172.67.169.115United States
AS13335CLOUDFLARENET
4104.26.1.190United States
AS13335CLOUDFLARENET
4172.66.47.70United States
AS13335CLOUDFLARENET
4104.26.0.190United States
AS13335CLOUDFLARENET
4104.26.2.143United States
AS13335CLOUDFLARENET
378--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15033F85C73F0083E6C5381E4EB74B739AA1DA2C3EF2E06A9F59E4022AFC2D559C53164

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:cEinhSDLxZiK4duV9oNgevcPgjWARv3/4:MheKRv3/4

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:53917:FXCdivACXswFABIQAaGIBJIgaZDIBSwOnRKepABIMtgEQiSJIAMQECAVwQiRBjkYaEBorwpEgCrlCBWhBS6KLigkAqBACQgi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:000000ffffffffff
Perceptual Hash:8e0c48a8bbbb3b4b
Difference Hash:33b061618c0c0000
Wavelet Hash:0000003ce7ffc0c0
Color Hash:#40a6bf

Other Hashes

Crop Resistant:6b708a0c10000000,7133b23430326960

Scan History

Scan history not available

Unable to load historical scan data