ScanMalware.com

Security Scan Report: ap.ndevor.net

Site favicon
Submitted: May 16, 2026, 9:10:43 AMCompleted: May 16, 2026, 9:12:15 AMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main domain is ap.ndevor.net and was registered NaN years ago.

Submitted URL: https://ap.ndevor.net

The Cisco Umbrella rank of the primary domain is #243,890 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 85%

5
Risk Score

The site shows strong signs of phishing with a credential form, circular redirects, high IDS alerts, and heavy JS obfuscation, warranting a high‑risk classification.

Risk Factors
Circular redirect (URL manipulation)
High IDS alert indicating potentially bad traffic
Credential form (username/password) on a low‑rank, non‑brand domain
Critical JS obfuscation (high entropy, excessive concatenation)
Low domain reputation rank
Safety Factors
Domain age > 6 years (well‑established)
No malicious Indicators of Compromise matched
No JavaScript malware YARA patterns detected
No cross‑origin credential exfiltration observed
Standard hosting (no cloud storage or IPFS usage)
Established domain (2397 days old) with no strong malicious indicators — risk clamped from 8 to 5
Domain age information unavailable

Details

Page Title

Newland Ndevor

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

documentation technical

(53%)

Domain Information

The domain 'ap.ndevor.net' uses the network infrastructure generic top-level domain (.net); it also runs on subdomain 'ap'. The core label 'ndevor' covers 6 characters holding 2 vowels versus 4 consonants. Tokenizing the label suggests 2 words: nde, vor. Median word length is 3 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ap.ndevor.net

Page Load Overview

4.07s
Total Load Time
23
HTTP Requests
5
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
Text Length:3,486 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical53% confidence
Type: webapp
Method: ml+structural

All Detected Categories

documentation technical
53%
technology software
53%
government public service
41%
blog personal website
41%
cryptocurrency blockchain
37%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7142.251.127.84United States
AS15169Google LLC
445.145.229.10Hong Kong
AS139659LUCIDACLOUD LIMITED
4142.251.14.94United States
AS15169Google LLC
43.123.156.68Frankfurt am Main, Hesse, Germany
AS16509Amazon.com, Inc.
4142.251.110.94United States
AS15169Google LLC
235--

Detected Technologies6

X-UA-Compatible
100%
PasswordField
100%
JQueryv1.11.2
100%
reCAPTCHA
45%
HubSpot CMS
20%
Google Sign-in
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A8031C15F38C3A3F842241B0B41976D9E05F89339E218CF9FDF769387AC0EA91917266

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:jMQ2T4P0lpN9c7i0LTxz30t47cvl4B/uQo:jMQ2T4P0lFc7i0Txz30ASlguD

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:41099:BEtqAwi1EBQiAg2sgKRAQR6FgAAQDEChjLQwAhgMgisRVmAlESUWZIQgI7oJYinowJCJCOgcUGGMQjYAYyFoxCQCeQlIgZIV

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010001818003c3c
Perceptual Hash:88649335cd373799
Difference Hash:0b313171b3b36979
Wavelet Hash:0399393d19193dbd
Color Hash:#a46ce0

Other Hashes

Crop Resistant:cbcbcbcbcbcbcbcb,8283c26953828c8e,e4620b6667a68282,0a313333b2b36979

Scan History

Scan history not available

Unable to load historical scan data