ScanMalware.com

Security Scan Report: nucleusrogue.shop

Submitted: Mar 17, 2026, 4:26:46 AMCompleted: Mar 17, 2026, 4:27:56 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 1 country across 6 domains to perform 78 HTTP transactions. The main domain is nucleusrogue.shop and was registered NaN years ago.

Submitted URL: https://nucleusrogue.shop/

AI Security Verdict

Confirmed Scam

Confidence: 85%

9
Risk Score

High‑risk site impersonating Poppy Playtime; brand‑new unranked domain offering dubious download – avoid.

Risk Factors
Critical new domain (<7 days old)
Unranked domain presenting a well‑known game title (brand impersonation)
Suspicious free‑download offer for copyrighted game – potential malware distribution
Domain age information unavailable

Details

Page Title

Poppy Playtime Chapter 2

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(67%)

Domain Information

The domain 'nucleusrogue.shop' uses the commerce-oriented generic top-level domain (.shop) while skipping any subdomain. The second-level label 'nucleusrogue' is 12 characters long split between 6 vowels and six consonants. Tokenizing the label suggests two words: nucleus, rogue. Average segment length settles at 6 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://nucleusrogue.shop/

Page Load Overview

1.47s
Total Load Time
76
HTTP Requests
6
Domains
8.7 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:4,746 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software67% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
67%
entertainment media
55%
documentation technical
50%
adult content
46%
education learning
39%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16185.199.109.153United States
AS15169
12104.17.24.14United States
AS13335Cloudflare, Inc.
12142.250.201.182United States
AS15169Google LLC
12142.251.141.99United States
AS15169Google LLC
12104.21.61.180United States
AS13335Cloudflare, Inc.
12142.250.201.74United States
AS15169Google LLC
766--

Detected Technologies4

HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%
cdnjs
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1B3E3AF359200613FAA07B6DCF994E3B2739E213DFA024589BFAC13426356DDD5E2FA05

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:L01xKkE4aYfCr++mbm+i2JM7hr6Runt/oARJhO4ypmkqVqWA7FWeFAuxyi19v6e7:gVarGtilhmm/nRDyX+q9Ee3x7vmy

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:146536:ywBOTiCYsIDgGSIhAHCwAvCE5hEzpAlQnJ28wJKAQJUkKCIYUQxjpQAgsKlAiAUBJQMAJwFDkDYB3AwQEEEDwzNEAyDkcIXH

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fff1f1c18181f1ff
Perceptual Hash:edc5963992c63196
Difference Hash:1623232333332360
Wavelet Hash:f3f1e1818181a1ff
Color Hash:#81d279

Other Hashes

Crop Resistant:1623232333332360,1717556161515553,6169e3c171898969

Scan History

Scan history not available

Unable to load historical scan data