Suspected phishing site | Cloudflare

suspicious phishing

malicious

English

The domain 'pub-ffa7df5dbe9e40f2a4b8e26e39892e0b.r2.dev' uses the developer-focused generic top-level domain (.dev) and includes subdomain 'pub-ffa7df5dbe9e40f2a4b8e26e39892e0b'. The registrable portion 'r2' spans 2 characters with 0 vowels and one consonant, notching 1 digit. Segmentation suggests 2 words: r, 2. Average segment length settles at 1 character. 'r' most strongly signals Chinese (Zhuyin). Secondary signals appear in Sinhala and Chinese (Simplified). Overall, 'pub-ffa7df5dbe9e40f2a4b8e26e39892e0b.r2.dev' reads as Chinese (Zhuyin) with character flair.

html/51/25/5125dcfa-e98b-4daf-b1fc-9f0cc9063644_fallback.html.gz

html/51/25/5125dcfa-e98b-4daf-b1fc-9f0cc9063644.html.gz

f5afb8525cd9888cb435f9653c9639e0a8926c21b5a4c20e8ef88e4b91958832

52fdd1bc104f88b62b0503d62bcc1d63b9ea0db599949358519f1a47d3a0b78b

3dd83a652b2e60d8dfc699cd2006f70007b826a92b49e61e9194bf422481ac05

robots

viewport

HSTS header missing - vulnerable to protocol downgrade attacks

CSP header missing - vulnerable to XSS attacks

child-src https:  chrome-untrusted://new-tab-page/ chrome-untrusted://ntp-microsoft-auth/;connect-src chrome://resources chrome://theme 'self';default-src 'self';font-src chrome://resources 'self';img-src chrome://resources chrome://theme chrome://image chrome://favicon2 chrome://app-icon chrome://extension-icon chrome://fileicon blob: data: 'self';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources chrome://webui-test 'self';style-src chrome://resources chrome://theme 'self' 'unsafe-inline';trusted-types parse-html-subset sanitize-inner-html static-types webui-test-script webui-test-html polymer-html-literal polymer-template-event-attribute-policy lit-html-desktop;frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;worker-src blob: 'self';frame-ancestors 'none';

child-src 'none';object-src 'none';require-trusted-types-for 'script';script-src chrome://resources 'self';trusted-types;frame-ancestors 'none';

Abuse Team

CloudFlare, Inc.

r2.dev


  if (!navigator.cookieEnabled) {
    window.addEventListener('DOMContentLoaded', function () {
      var cookieEl = document.getElementById('cookie-alert');
      cookieEl.style.display = 'block';
 

(function(){function d(){var b=a.getElementById("cf-footer-item-ip"),c=a.getElementById("cf-footer-ip-reveal");b&&"classList"in b&&(b.classList.remove("hidden"),c.addEventListener("click",function(){c

X-UA-Compatible

Cloudflare Bot Management

Cloudflare

☠️ Malicious - https://pub-ffa7df5dbe9e40f2a4b8e26e39892e0b.r2.dev/index.html

Requests	IP Address	Location	AS Autonomous System
1	104.18.50.34	United States	AS13335CLOUDFLARENET
1	104.18.54.45	United States	AS13335CLOUDFLARENET
1	2606:4700:3113::6812:362d	United States	AS13335CLOUDFLARENET
1	2606:4700:3117::6812:3222	United States	AS13335CLOUDFLARENET
4	4	-	-

Security Scan Report: pub-ffa7df5dbe9e40f2a4b8e26e39892e0b.r2.dev

Summary

AI Security Verdict

Safe Website

Safety Factors

Details

Bot Protection Detected

Screenshot

Page Load Overview

Language Analysis

Primary Language

Detection Details

Website Classification

Primary Category

All Detected Categories

Detected Features

Domain & IP Information

Detected Technologies3

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

ssdeep (Context Triggered Piecewise Hashing)

sdhash (Similarity Digest Hashing)

Image Hashes

Perceptual Hashes

Other Hashes

Scan History