ScanMalware.com

Security Scan Report: www.flow.page

Site favicon
Submitted: Oct 30, 2025, 5:42:13 PMCompleted: Oct 30, 2025, 5:43:57 PMpubliccompleted
Loading additional data...

Summary

This website contacted 20 IPs in 1 country across 6 domains to perform 66 HTTP transactions. The main domain is flow.page.

Submitted URL: https://www.flow.page/mlh21880

AI Security Verdict

High Risk

Confidence: 88%

8
Risk Score

Page impersonates AT&T on an unranked domain, likely a phishing attempt.

Risk Factors
Brand impersonation on an unranked, suspicious domain
Unranked domain (not in Cisco Umbrella top 1M) used for a well‑known brand
Potential malicious link (CLICK HERE TO UPDATE) with no visible credential collection
Domain age information unavailable

Details

Page Title

We're updating our terms' Flowpage

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate

(50%)

Domain Information

The domain 'www.flow.page' uses the .page top-level domain; it also runs on subdomain 'www'. The second-level label 'flow' is 4 characters long with 1 vowel and three consonants. It segments into 1 word: flow. 'flow' most strongly signals Chinese (Pinyin). Secondary signals appear in English and Danish. Net impression: Chinese (Pinyin) phrase with single-word simplicity.

Screenshot

Security scan screenshot of https://www.flow.page/mlh21880

Page Load Overview

66.46s
Total Load Time
66
HTTP Requests
6
Domains
392 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:212 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate50% confidence
Type: static
Method: structural

All Detected Categories

corporate
50%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9172.64.155.119United States
AS13335CLOUDFLARENET
3104.18.35.227United States
AS13335CLOUDFLARENET
3172.64.152.29United States
AS13335CLOUDFLARENET
3104.18.86.42United States
AS13335CLOUDFLARENET
3104.18.41.197United States
AS13335CLOUDFLARENET
3172.64.146.59United States
AS13335CLOUDFLARENET
3104.16.80.73United States
AS13335CLOUDFLARENET
3104.18.32.137United States
AS13335CLOUDFLARENET
3104.18.87.42United States
AS13335CLOUDFLARENET
32606:4700::6810:4f49United States
AS13335CLOUDFLARENET
6620--

Detected Technologies3

HSTS
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T122A2A6F1A3406C3BE23396EDF160E6DE500B7509E7895398E7E9476217CFCA75C221A8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:MQNtKsaNbzIBzBE3beQo1pOSY/8BrIHB5WBBMv:MQrKsaZIxfQo1pOSrBrIHB5WBBC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:23357:PGQtRoQkzwySCQAEacYAOKAsQqmKAFjBSMgYJwkCjiCUxQSBuQXUo6BQMs4CwQBBhMMecH8IAnjIDIwAaZwbZAkCAJCMCfDA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fffffff7ffffff00
Perceptual Hash:cfb20cd926cd18cd
Difference Hash:284d220c28303272
Wavelet Hash:ffe7ffe418181800
Color Hash:#40bfae

Other Hashes

Crop Resistant:280c202c28303332,4b00323000303000

Scan History

Scan history not available

Unable to load historical scan data