ScanMalware.com

Security Scan Report: dhl-jodnophzhzapazdwuwyewqhc.pages.dev

Redirected to: https://sso.secureserver.net/?realm=pass&app=ox

Submitted: Apr 19, 2026, 8:23:31 PMCompleted: Apr 19, 2026, 8:24:42 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main domain is sso.secureserver.net and was registered NaN years ago.

Submitted URL: https://dhl-jodnophzhzapazdwuwyewqhc.pages.dev/

Effective URL: https://sso.secureserver.net/?realm=pass&app=oxRedirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

10
Risk Score

The site impersonates DHL with a credential‑only login form on a brand‑new unranked subdomain, flagged by multiple high‑severity phishing IDS alerts.

Risk Factors
Unranked domain (not in Cisco Umbrella top 1M)
Brand impersonation of DHL
Unknown subdomain age (potentially <7 days)
Credential‑only password field
High‑severity phishing IDS alerts
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(42%)

Domain Information

The domain name 'dhl-jodnophzhzapazdwuwyewqhc.pages.dev' uses the developer-focused generic top-level domain (.dev), featuring subdomain 'dhl-jodnophzhzapazdwuwyewqhc'. The registrable portion 'pages' spans 5 characters split between 2 vowels and 3 consonants. Tokenizing the label suggests 1 word: pages. Median word length comes out to five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://dhl-jodnophzhzapazdwuwyewqhc.pages.dev/

Page Load Overview

2.31s
Total Load Time
20
HTTP Requests
4
Domains
16 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:162 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software42% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
42%
documentation technical
37%
news media journalism
36%
finance banking
29%
government public service
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5188.114.97.3United States
AS13335Cloudflare, Inc.
523.67.136.227Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
5194.153.114.214Germany
AS41961Siemens Digital Logistics GmbH
5157.180.198.140Germany
AS60664x-ion GmbH
204--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DF82742480F90936510384D47AF1AA0A2F51DA0FCA4B691577FC4BE49FDBEC6CC5736A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:18GQe0uvbY0bERdbuDBmNVZm08OVBUXZsKsfs/q0ZuvRWUY4VolurK:SYElYUYgo1

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:18270:CgHglxARIAANAYIIGRBZAjhAkSAisSFECShJndcsqIoI7ABTQtBMzBirAwAspkICZHGEgEWACRAIqmghYsZBGAKAATIg0hRk

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000000000
Perceptual Hash:a288882222888822
Difference Hash:0000000000000000
Wavelet Hash:03033f27273f0f0f
Color Hash:#2dd2b7

Other Hashes

Crop Resistant:0000000000000000

Scan History

Scan history not available

Unable to load historical scan data