ScanMalware.com

Security Scan Report: aoe12.pages.dev

Redirected to:
https://kai.nl.tab.digital/login
Site favicon
Submitted: Nov 23, 2025, 11:54:38 AMCompleted: Nov 23, 2025, 11:55:27 AMpubliccompleted
Loading additional data...

Summary

This website contacted 8 IPs in 1 country across 2 domains to perform 28 HTTP transactions. The main domain is kai.nl.tab.digital and was registered NaN years ago.

Submitted URL: http://aoe12.pages.dev/

Effective URL: https://kai.nl.tab.digital/loginRedirected

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

High risk phishing site impersonating Nextcloud login.

Risk Factors
Brand impersonation: Nextcloud login page on unrelated domain
Credential harvesting form on suspicious domain
Unranked domain presenting a well‑known brand
Domain age information unavailable

Details

Page Title

Login – Nextcloud

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(65%)

Domain Information

Domain 'aoe12.pages.dev' uses the developer-focused generic top-level domain (.dev); it also runs on subdomain 'aoe12'. The core label 'pages' covers 5 characters with 2 vowels and three consonants. Tokenizing the label suggests one word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://aoe12.pages.dev/

Page Load Overview

1.14s
Total Load Time
28
HTTP Requests
2
Domains
142 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:400 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software65% confidence
Type: webapp
Method: ml+structural

All Detected Categories

technology software
65%
documentation technical
28%
corporate
25%

Detected Features

Login Form
Search
OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
26172.67.130.170United States
AS13335CLOUDFLARENET
7188.114.97.3United States
AS13335CLOUDFLARENET
3104.21.3.117United States
AS13335CLOUDFLARENET
32606:4700:3037::ac43:82aaUnited States
AS13335CLOUDFLARENET
32a06:98c1:3121::3United States
AS13335CLOUDFLARENET
32606:4700:3034::6815:375United States
AS13335CLOUDFLARENET
32a06:98c1:3120::3United States
AS13335CLOUDFLARENET
1188.114.96.3United States
AS13335CLOUDFLARENET
288--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T142D2081360460EBED103895935E9F93D830DFBD26A909088D7E90DCB59D3DABF12619F

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:GdGAH5f97+vvT3aZfglpl6kA+3eumTGtCBGTruTwDoFE/wQpVedKE54bfi:GdGAl97+vvT3aZfglpl6kVeuZruTwDoV

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:29225:oRtlAC8KkxEoRthFV6BDEAGgCABACIYJiOQCE+AUwAKgI4YJkJV4NwQPCILBARAR+EQMkDAjBEIlaCBMNCagQIGxC65ChyBC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00181818387ec000
Perceptual Hash:c91c36e31e70c93e
Difference Hash:d0f0b2b2f1d08f33
Wavelet Hash:007878f8fcfee310
Color Hash:#c6d279

Other Hashes

Crop Resistant:d9d9d9d9f8f8c987,a2d24c4d4a828282,d0f0b2b2f1d08f33

Scan History

Scan history not available

Unable to load historical scan data