ScanMalware.com

Security Scan Report: dhl-express-fhdmivtrztretianjyyviyqm.pages.dev

Redirected to: https://sso.secureserver.net/?realm=pass&app=ox

Submitted: Apr 8, 2026, 1:33:43 PMCompleted: Apr 8, 2026, 1:34:53 PMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 154 HTTP transactions. The main domain is sso.secureserver.net and was registered NaN years ago.

Submitted URL: http://dhl-express-fhdmivtrztretianjyyviyqm.pages.dev/

Effective URL: https://sso.secureserver.net/?realm=pass&app=oxRedirected

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

Phishing login page impersonating GoDaddy; do not enter credentials and report the site.

Risk Factors
Brand impersonation on an unusual free‑hosting subdomain
Credential‑only password field (suspicious harvesting pattern)
New subdomain (age <7 days) with login form
Cross‑origin credential submission
High‑severity IDS alerts for script obfuscation
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(42%)

Domain Information

Domain 'dhl-express-fhdmivtrztretianjyyviyqm.pages.dev' uses the developer-focused generic top-level domain (.dev) and includes subdomain 'dhl-express-fhdmivtrztretianjyyviyqm'. Count 5 characters in 'pages' containing 2 vowels alongside 3 consonants. Breaking it apart gives one word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://dhl-express-fhdmivtrztretianjyyviyqm.pages.dev/

Page Load Overview

2.03s
Total Load Time
21
HTTP Requests
4
Domains
16 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:162 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software42% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
42%
documentation technical
37%
news media journalism
36%
finance banking
29%
government public service
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
599.84.152.39Germany
AS60664
2188.114.97.3United States
AS13335Cloudflare, Inc.
2104.16.150.240Germany
AS41961
223.53.42.160Germany
AS13335
2194.153.114.214Germany
AS41961Siemens Digital Logistics GmbH
223.67.132.85GermanyUnknown
213.32.99.44GermanyUnknown
2157.180.198.140Germany
AS60664x-ion GmbH
223.67.136.227Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
219--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D4C4D815751CED7F6B9241C7F0EEB906E695212AC2C46C4498E8CF0C97DE9EC322266F

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:uNass2ZacqyrG4cqyr2tXGcqyr2tXFTjSWfK6orW7lW8:oahY4lb

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:550966:OEKElhcm3AEIIpURJKIIFALRNDjIBMRgR9FEINIAJARNkb8AIAhhxMKEI5RwcYuejAJAgwgMZVBkCSwvDLgzMGQmAkAEMCkC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:f1911f834f9fffff
Perceptual Hash:ac6ce6e3616c1c93
Difference Hash:a7273436d83230c0
Wavelet Hash:f10103030f9f9f3f
Color Hash:#e0c96c

Other Hashes

Crop Resistant:a7273436d83230c0,71e0cc8c8e96c071,204cb0b2320c2000,c894326969323248

Scan History

Scan history not available

Unable to load historical scan data