Security Scan Report: xelmora-gld-lenquva-a2x7dc91.pages.dev

Redirected to:
https://www.facebook.com/
Site favicon
Submitted: Jul 11, 2026, 11:50:34 PMCompleted: Jul 11, 2026, 11:53:43 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 44 HTTP transactions. The main domain is facebook.com and was registered NaN years ago.

Submitted URL: https://xelmora-gld-lenquva-a2x7dc91.pages.dev/

Effective URL: https://www.facebook.com/Redirected

AI Security Verdict

High Risk

Confidence: 84%

8
Risk Score

The site impersonates Facebook/Instagram, hosts a login form on an unknown‑age pages.dev subdomain, and uses heavily obfuscated JavaScript, indicating a high‑risk phishing page.

Risk Factors
Credential harvesting on a non‑official domain
Brand impersonation of a major social media platform
Unknown subdomain creation date on a hosting platform
Critical JavaScript obfuscation
Unranked domain in Cisco Umbrella
Domain age information unavailable

Details

Page Title

Facebook

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

social media network

(48%)

Domain Information

The domain name 'xelmora-gld-lenquva-a2x7dc91.pages.dev' uses the developer-focused generic top-level domain (.dev) and includes subdomain 'xelmora-gld-lenquva-a2x7dc91'. The registrable portion 'pages' spans 5 characters containing two vowels alongside 3 consonants. It segments into 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://xelmora-gld-lenquva-a2x7dc91.pages.dev/

Page Load Overview

0.90s
Total Load Time
44
HTTP Requests
5
Domains
1.4 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:2,019 chars
Detector Agreement:100%

Website Classification

Primary Category

social media network48% confidence
Type: spa
Method: ml+structural

All Detected Categories

social media network
48%
technology software
25%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9104.26.0.100Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
7172.66.45.26Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
7172.66.46.230Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
7157.240.0.174Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
7157.240.0.6Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
7157.240.0.35Frankfurt am Main, Hesse, Germany
AS32934Facebook, Inc.
446--

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1FFA45B05FA08C4771B3B0FE1D4A67907A75D080BDA885DE4D5AEBB7834C7BB8221B716

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:nBlgZjHCIJQkAqZjispgNmzU9E+GnIWnIjiD99jifr0aiWFRYkRhznaHDB9nuqRR:s2IJQoFAg

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:485292:yDFICDpAICF9/wE1TlDCCnE3MgACCSEE0kpLfDRxAwEfIQQDFjCQkyQIhRIdTEc2JBBrAodlBJEikBJ0gEJAaHYAasyggBXi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:003c3c3c3c3c3800
Perceptual Hash:8a9b35267164bc9d
Difference Hash:8d69717979e1e11f
Wavelet Hash:013d3d3c3d3d3d01
Color Hash:#c587a5

Scan History

Scan history not available

Unable to load historical scan data