Security Scan Report: levir-hold.pages.dev

Site favicon
Submitted: Dec 3, 2025, 11:47:39 AMCompleted: Dec 3, 2025, 11:48:52 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 1 country across 2 domains to perform 6 HTTP transactions. The main domain is levir-hold.pages.dev.

Submitted URL: https://levir-hold.pages.dev/

AI Security Verdict

High Risk

Confidence: 95%

8
Risk Score

Site is flagged by Cloudflare as a suspected phishing page; treat as high‑risk and do not engage.

Risk Factors
Cloudflare phishing warning indicates strong malicious activity
Unranked, likely newly registered domain increases suspicion
Absence of legitimate content; only a phishing warning page is displayed
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(95%)

Domain Information

Domain 'levir-hold.pages.dev' uses the developer-focused generic top-level domain (.dev) with subdomain 'levir-hold'. Count 5 characters in 'pages' containing 2 vowels alongside three consonants. It segments into 1 word: pages. Median word length comes out to 5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://levir-hold.pages.dev/

Page Load Overview

0.19s
Total Load Time
6
HTTP Requests
2
Domains
0 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:379 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam95% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
95%
technology software
30%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4172.66.44.252United States
AS13335CLOUDFLARENET
1104.18.95.41United States
AS13335CLOUDFLARENET
0172.66.47.4United States
AS13335CLOUDFLARENET
0104.18.94.41United States
AS13335CLOUDFLARENET
02606:4700:310c::ac42:2f04United States
AS13335CLOUDFLARENET
02606:4700::6812:5e29United States
AS13335CLOUDFLARENET
02606:4700:310c::ac42:2cfcUnited States
AS13335CLOUDFLARENET
02606:4700::6812:5f29United States
AS13335CLOUDFLARENET
68--

Detected Technologies2

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T193916273BABD107F109391B261BDB7093AA1C003CB9709903ABCC2751F5AF95AD132C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:PjnjtjuiADa/D+DMFozLeiO/t8A2u+nRR3vaQxvb0:PjnjtjuiEa/SoYnOVsu+nX3Cej0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4345:RAIAAqEAAAACAMEgkhgDAQBVAAGoggLgxAAAACAFEAMAMCaAAKWQAIAHABAOlAAEAKECkBJGGIkEAABASQQABACAQCBxBgIA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff7e1e003efeffff
Perceptual Hash:9715f0c70778f807
Difference Hash:00c0705a42004000
Wavelet Hash:ce0e0e000ececece
Color Hash:#b96ce0

Other Hashes

Crop Resistant:00c0705a42004000

Scan History

Scan history not available

Unable to load historical scan data