ScanMalware.com

Security Scan Report: pub-6d50a1c900bb412fb441945fa770d752.r2.dev

Submitted: Oct 31, 2025, 1:26:55 AMCompleted: Oct 31, 2025, 1:27:49 AMpubliccompleted
Loading additional data...

Summary

This website contacted 27 IPs in 2 countries across 8 domains to perform 14 HTTP transactions. The main domain is pub-6d50a1c900bb412fb441945fa770d752.r2.dev.

Submitted URL: https://pub-6d50a1c900bb412fb441945fa770d752.r2.dev/[email protected]

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Site hosts a hidden password field on a cloud storage domain; classified as confirmed phishing scam.

Risk Factors
Hidden password field indicates attempt to harvest credentials
Password field on cloud storage domain is a strong phishing indicator
Unranked, likely newly registered domain increases suspicion
Domain age information unavailable

Details

Page Title

Anus - continue

Scan Type

public

Language

🇺🇸

English

(66% confidence)

Category

adult content

(53%)

Domain Information

The domain 'pub-6d50a1c900bb412fb441945fa770d752.r2.dev' uses the developer-focused generic top-level domain (.dev), featuring subdomain 'pub-6d50a1c900bb412fb441945fa770d752'. Its registrable label 'r2' stretches across 2 characters split between 0 vowels and 1 consonant; it also includes one digit. It segments into 2 words: r, 2. Median word length comes out to one character. The linguistic tilt is Chinese (Zhuyin) for 'r'. You will also see it in Sinhala and Chinese (Simplified) contexts. Taken together, it feels Chinese (Zhuyin) with character flair.

Screenshot

Security scan screenshot of https://pub-6d50a1c900bb412fb441945fa770d752.r2.dev/encofficial.html?44=martin@anus.se

Page Load Overview

35.06s
Total Load Time
14
HTTP Requests
8
Domains
332 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:66%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:66%
Script Type:Latin
Text Length:131 chars
Detector Agreement:100%

Website Classification

Primary Category

adult content53% confidence
Type: webapp
Method: ml+structural

All Detected Categories

adult content
53%
healthcare medical
27%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
14151.101.193.229San Francisco, California, United States
AS54113FASTLY
0104.17.25.14United States
AS13335CLOUDFLARENET
0104.18.54.45United States
AS13335CLOUDFLARENET
0104.17.24.14United States
AS13335CLOUDFLARENET
054.157.123.137Ashburn, Virginia, United States
AS14618AMAZON-AES
0104.26.13.205United States
AS13335CLOUDFLARENET
0142.250.185.100United States
AS15169GOOGLE
0142.250.186.170United States
AS15169GOOGLE
0142.250.185.195United States
AS15169GOOGLE
0104.18.50.34United States
AS13335CLOUDFLARENET
1427--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1565295345FF010057213C7E2B6D2B988E624D917E5870519F0BD399C9B83A6BB6AB3B4

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:V362Um/SZjQ2BsjIjGvw0iAewxjpDdxT4Pi7Hj6H+e9VLKzPYC:V6Ea9JGIXwtps6zOBVLKjF

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:14364:lVTImZAhAoXKiOM9NmDFIQ4qKiyKywjCgkA7REwiBgAXG4AIgooCC2AwwFCTw8gFNAACMiA04YMpsSMhQwBAkFNGc0RAikEM

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:N/A
Perceptual Hash:N/A
Difference Hash:N/A
Wavelet Hash:N/A
Color Hash:N/A

Other Hashes

Crop Resistant:N/A

Scan History

Scan history not available

Unable to load historical scan data