Security Scan Report: winroke-e0da.pcetamol884.workers.dev

Site favicon
Submitted: Jul 1, 2026, 5:21:50 PMCompleted: Jul 1, 2026, 5:24:25 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is winroke-e0da.pcetamol884.workers.dev and was registered NaN years ago.

Submitted URL: https://winroke-e0da.pcetamol884.workers.dev/[email protected]

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Page hosts a credential phishing login impersonating secure-u.com on an unknown workers.dev subdomain.

Risk Factors
Unknown subdomain age
Brand impersonation (different email domain)
Credential form on an unranked, unknown-age domain
Domain age information unavailable

Details

Page Title

genpgblaq

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

government public service

(57%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'winroke-e0da.pcetamol884.workers.dev' is registered, featuring subdomain 'winroke-e0da.pcetamol884'. The registrable portion 'workers' spans 7 characters split between two vowels and 5 consonants. Tokenizing the label suggests 1 word: workers. Average segment length settles at seven characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://winroke-e0da.pcetamol884.workers.dev/?IUzI1R5=rlfranklin@secure-u.com

Page Load Overview

2.86s
Total Load Time
6
HTTP Requests
3
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:80 chars
Detector Agreement:100%

Website Classification

Primary Category

government public service57% confidence
Type: static
Method: ml+structural

All Detected Categories

government public service
57%
gambling betting
47%
news media journalism
44%
finance banking
37%
phishing scam
32%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
3188.114.96.3Cloudflare · WAFUnited States
AS13335Cloudflare, Inc.
3172.217.208.95Google · CDNUnited States
AS15169Google LLC
62--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1BA71D76256710C7F62175AD0F5AAFB2620DB814FE64801A831FD41F47BE8E84DC3B5E8

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:nGN3JAfnQzp+jHHQjOkQpUWol7jBute2ui86s:GGQzWwykQel5yi6s

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3509:gcAEAMAAECBACyAhAAQAArEhQKIAAAQGAEggEAMgQBCQQMYgEQLAAAhAAoACBAAARAACAGBAAAAhSQCAASBAgCWAAgAIgARi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffe7e7e7e7ffff
Perceptual Hash:b394cd639ccd2332
Difference Hash:220e4c0c0d4f0b20
Wavelet Hash:f2e2c6c2c0e0e0f0
Color Hash:#2d8630

Scan History

Scan history not available

Unable to load historical scan data