ScanMalware.com

Security Scan Report: paypal-a4duue0gsyitbg1.pages.dev

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Submitted: Apr 12, 2026, 6:44:34 AMCompleted: Apr 12, 2026, 6:46:10 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 3 HTTP transactions. The main domain is paypal-a4duue0gsyitbg1.pages.dev and was registered NaN years ago.

Submitted URL: https://paypal-a4duue0gsyitbg1.pages.dev/

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site impersonates Google on an unranked .pages.dev subdomain with unknown age; high brand spoofing risk – likely phishing.

Risk Factors
Unranked domain
Brand impersonation / typosquatting
Subdomain on hosting platform with unknown age
JavaScript obfuscator usage detected by IDS
Potential phishing page without credential collection
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

New Tab

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'paypal-a4duue0gsyitbg1.pages.dev' uses the developer-focused generic top-level domain (.dev) and includes subdomain 'paypal-a4duue0gsyitbg1'. Count 5 characters in 'pages' split between 2 vowels and 3 consonants. Splitting it apart reveals one word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://paypal-a4duue0gsyitbg1.pages.dev/

Page Load Overview

0.45s
Total Load Time
13
HTTP Requests
3
Domains
160 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:7 chars
Detector Agreement:0%

Website Classification

Primary Category

unknown0% confidence
Type: static
Method: structural

All Detected Categories

No categories detected

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
7104.16.174.226United States
AS13335Cloudflare, Inc.
6172.66.44.155United States
AS13335Cloudflare, Inc.
132--

Detected Technologies3

HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T192736AF5D6F96394158FC3D5EB661895AF3E10FB264981A4722C9BF0AF11898CF87C80

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:HIkPaMxf/N6cw15UxDTti0xhfK6DV/JPsEnOJwNtPDsTSq:Ek2AZzxLDV/JJw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:76905:BWIhDnGIlCwItBQQBcEUaAgCC0oiI03kRiiCUJVhIAQFHbeCeQwQQiCIyEAwwFAJghAmoVAjUwIEYgDqEOlBMCoFAE6CLcUR

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:eee7c3e7fffffffe
Perceptual Hash:f7225588dd88dd89
Difference Hash:080c1e0c00000000
Wavelet Hash:fee7c3e703030302
Color Hash:#6a3a78

Other Hashes

Crop Resistant:080c1e0c00000000

Scan History

Scan history not available

Unable to load historical scan data