ScanMalware.com

Security Scan Report: rtproyal389-2.pages.dev

Redirected to: https://rtproyal389-2.pages.dev/habanero

Site favicon
Submitted: Jan 2, 2026, 2:28:47 PMCompleted: Jan 2, 2026, 2:30:01 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 3 domains to perform 58 HTTP transactions. The main domain is rtproyal389-2.pages.dev and was registered NaN years ago.

Submitted URL: https://rtproyal389-2.pages.dev/habanero.html

Effective URL: https://rtproyal389-2.pages.dev/habaneroRedirected

AI Security Verdict

High Risk

Confidence: 95%

8
Risk Score

Site contains malicious Indicators of Compromise and brand impersonation; treat as high‑risk phishing.

Risk Factors
Malicious Indicators of Compromise match on primary domain (pages.dev)
Brand impersonation (Royal) on an unranked, non‑official domain
Phishing‑style login prompt without a real authentication form
Domain age information unavailable

Details

Page Title

RTP ROYAL389 LIVE NON STOP

Scan Type

public

Language

🇺🇸

English

(58% confidence)

Category

adult content

(52%)

Domain Information

Domain 'rtproyal389-2.pages.dev' uses the developer-focused generic top-level domain (.dev) with subdomain 'rtproyal389-2'. Count 5 characters in 'pages' holding two vowels versus 3 consonants. Segmentation suggests one word: pages. Median word length comes out to 5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://rtproyal389-2.pages.dev/habanero.html

Page Load Overview

2.41s
Total Load Time
41
HTTP Requests
2
Domains
864 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:58%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:58%
Script Type:Latin
HTML Lang Attribute:id
Text Length:1,819 chars
Detector Agreement:100%
Language mismatch: Declared as id but detected as en

Website Classification

Primary Category

adult content52% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

adult content
52%
gambling betting
30%
entertainment media
27%
corporate
25%

Detected Features

Search
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
11195.177.94.253United States
AS13335
10104.17.24.14United States
AS13335CLOUDFLARENET
10188.114.96.3United States
AS13335CLOUDFLARENET
10104.17.25.14United States
AS13335
414--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14DD38716A7F1153B449790A02EEF9F0A7779C10BC506990C3AED52CC8F9AD54892FFAC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:1BeeJzUqf0IUKGUlMpK85zPeys05A8a+f:1BeeJzUhKGOQ51

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:139580:CEHxJg+ArmSAoiSYipAPIFEMAAICXUhLEpCgEQMlpdBwRCEmIMyEhATNneZxGmiwVCElFJACQBGC0UBMIAzJAEUJMRQBFMDi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data