Security Scan Report: pub-fdb56b6d24aa44fb8c3543dda1edab15.r2.dev

Submitted: May 14, 2026, 3:23:40 PMCompleted: May 14, 2026, 3:24:51 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 6 HTTP transactions. The main domain is pub-fdb56b6d24aa44fb8c3543dda1edab15.r2.dev and was registered NaN years ago.

Submitted URL: https://pub-fdb56b6d24aa44fb8c3543dda1edab15.r2.dev/index%286%29.html

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Multiple strong signals (Cloudflare, Google Safe Browsing, OCR, ML) confirm this site is a phishing scam; avoid and report.

Risk Factors
Unranked / low‑reputation domain
Random hash sub‑domain (pub‑fdb56b6d24aa44fb8c3543dda1edab15.r2.dev)
No legitimate content; page only shows phishing warning
Absence of legitimate forms but presence of phishing warnings indicates malicious intent
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(95%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'pub-fdb56b6d24aa44fb8c3543dda1edab15.r2.dev' is registered, featuring subdomain 'pub-fdb56b6d24aa44fb8c3543dda1edab15'. The core label 'r2' covers 2 characters split between 0 vowels and one consonant, along with one digit. Breaking it apart gives 2 words: r, 2. The median word length lands at one character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://pub-fdb56b6d24aa44fb8c3543dda1edab15.r2.dev/index%286%29.html

Page Load Overview

0.48s
Total Load Time
6
HTTP Requests
2
Domains
50 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:378 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam95% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
95%
technology software
28%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3104.18.54.45United States
AS13335Cloudflare, Inc.
3104.18.94.41United States
AS13335Cloudflare, Inc.
62--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T145916327BABD107F109392B266BDB7093AA1C007CB9749903ABCC2755F4AF95AD132C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:PjnjtjuiADa/D+DMFBzLeiO/tjA2uTnRA3vaQxvb0:PjnjtjuiEa/SoFnOV3uTnq3Cej0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4427:ggJgAJABAAQDAJAogARADEJUQoQiAAAAAFjIQgAnFMAgQSgAAJAIAIAEBQE8gJBACKFCADAElwANgAiASwAIBAAgUAALoACg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff8787ffc7ffffff
Perceptual Hash:b83898c3c3c7ce3c
Difference Hash:203c3c0414000000
Wavelet Hash:9c849cc0c0fcfcfc
Color Hash:#40bfaa

Other Hashes

Crop Resistant:203c3c0414000000

Scan History

Scan history not available

Unable to load historical scan data