ScanMalware.com

Security Scan Report: pub-f071f129da9b4921a7cbba2a72d16819.r2.dev

Redirected to: blob:https://pub-f071f129da9b4921a7cbba2a72d16819.r2.dev/750e2518-e8c0-4a6d-a72b-95f62fcc9285

Submitted: Nov 11, 2025, 10:02:37 AMCompleted: Nov 11, 2025, 10:03:14 AMpubliccompleted
Loading additional data...

Summary

This website contacted 39 IPs in 0 countries across 11 domains to perform 15 HTTP transactions. The main domain is .

Submitted URL: https://pub-f071f129da9b4921a7cbba2a72d16819.r2.dev/index.html

Effective URL: blob:https://pub-f071f129da9b4921a7cbba2a72d16819.r2.dev/750e2518-e8c0-4a6d-a72b-95f62fcc9285Redirected

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Confirmed phishing scam collecting credentials on a cloud storage domain.

Risk Factors
Credential harvesting form on cloud storage domain
Unranked, likely newly registered domain
Use of blob URL to hide actual content source
No legitimate brand or organization indicated
Password field without accompanying secure authentication context
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(53% confidence)

Category

adult content

(28%)

Domain Information

Domain 'pub-f071f129da9b4921a7cbba2a72d16819.r2.dev' uses the developer-focused generic top-level domain (.dev), featuring subdomain 'pub-f071f129da9b4921a7cbba2a72d16819'. Its registrable label 'r2' stretches across 2 characters containing zero vowels alongside 1 consonant, plus 1 digit. Splitting it apart reveals two words: r, 2. Median word length is one character. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://pub-f071f129da9b4921a7cbba2a72d16819.r2.dev/index.html

Page Load Overview

1.91s
Total Load Time
15
HTTP Requests
11
Domains
735 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:53%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:53%
Script Type:Latin
HTML Lang Attribute:%2%B%6
Text Length:219 chars
Detector Agreement:100%
Language mismatch: Declared as %2%b%6 but detected as en

Website Classification

Primary Category

adult content28% confidence
Type: webapp
Method: ml+structural

All Detected Categories

adult content
28%
finance banking
28%
news media journalism
28%
government public service
27%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
15216.58.206.42UnknownUnknown
0104.17.25.14UnknownUnknown
0142.250.186.74UnknownUnknown
0172.67.139.119UnknownUnknown
0151.101.66.137UnknownUnknown
0142.251.140.170UnknownUnknown
0104.18.50.34UnknownUnknown
035.170.17.107UnknownUnknown
0151.101.2.137UnknownUnknown
0104.18.10.207UnknownUnknown
1539--

Content Similarity HashesFor malware variant detection

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data