Security Scan Report: 17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev

Redirected to:
https://17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev/t...
Submitted: Jul 3, 2026, 1:45:31 AMCompleted: Jul 3, 2026, 1:48:45 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is 17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev and was registered NaN years ago.

Submitted URL: http://17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev/tg5lwnq0/govsoja/

Effective URL: https://17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev/tg5lwnq0/govsoja/Redirected

AI Security Verdict

High Risk

Confidence: 85%

7
Risk Score

The page impersonates Microsoft sign‑in on an unknown workers.dev subdomain, showing strong brand impersonation signals and a phishing‑style prompt, warranting a HIGH_RISK classification.

Risk Factors
Brand impersonation of a major service (Microsoft)
Unranked / low‑reputation domain
Subdomain on a hosting platform with unknown age
Use of eval() in JavaScript
Phishing‑style sign‑in prompt without a legitimate Microsoft URL
Domain age information unavailable

Details

Page Title

Shared Document

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(97%)

Domain Information

Within the developer-focused generic top-level domain (.dev), '17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev' is registered and includes subdomain '17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5'. Count 7 characters in 'workers' split between two vowels and five consonants. Word splitting yields 1 word: workers. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://17ae5ea3-1706-511d-a183-docviewer3.reynoldsjace5.workers.dev/tg5lwnq0/govsoja/

Page Load Overview

0.97s
Total Load Time
12
HTTP Requests
5
Domains
155 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,263 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software97% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
97%
documentation technical
70%
corporate business
30%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6142.251.20.95Google · CDNUnited States
AS15169Google LLC
6188.114.96.3Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
122--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T149232A3162B1102AF85395547F9BAF0BB724E103C50A86687AED0294CFCFDE6D9A375C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:8nFXwSnm3ehw+pT1UNKWc9gwVbFJWwBqltbD4ecCTlP:09wSnm3d+pUKWcKwVba1YZCTd

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:46767:0dwRcAAAJBwKQYZbLgEIxIAeQMCEpBAFQQ1IloAGqeBZkrqPYYiAiASyGLFMpwCAOoMRiAGIQGKoAcQBIMmoBYJIt1wCFIQV

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff18181818181800
Perceptual Hash:88d173e0f2d9c599
Difference Hash:8c33b3b3b3b3b34d
Wavelet Hash:ff181d1d1d191939
Color Hash:#7bbf40

Other Hashes

Scan History

Scan history not available

Unable to load historical scan data