ScanMalware.com

Security Scan Report: zzz-bbn.pages.dev

Submitted: Jan 22, 2026, 4:21:07 PMCompleted: Jan 22, 2026, 4:22:39 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 1 HTTP transaction. The main domain is zzz-bbn.pages.dev and was registered NaN years ago.

Submitted URL: https://zzz-bbn.pages.dev/english/tratop_e/rulesneg_e/rulesneg_e.htm

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Impersonates WTO on a new pages.dev subdomain; likely phishing – do not trust.

Risk Factors
Brand impersonation of WTO on a non‑official domain
Subdomain on a generic hosting platform (.pages.dev) with unknown creation date
Unranked domain with low reputation
Garbled content and suspicious contact email suggesting social engineering
Domain age information unavailable

Details

Page Title

WTO | Negotiating Group on Rules

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

news media journalism

(63%)

Domain Information

The domain 'zzz-bbn.pages.dev' uses the developer-focused generic top-level domain (.dev) and includes subdomain 'zzz-bbn'. The second-level label 'pages' is 5 characters long holding 2 vowels versus 3 consonants. Tokenizing the label suggests 1 word: pages. Average segment length settles at five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://zzz-bbn.pages.dev/english/tratop_e/rulesneg_e/rulesneg_e.htm

Page Load Overview

4.46s
Total Load Time
84
HTTP Requests
5
Domains
1.3 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:12,115 chars
Detector Agreement:100%

Website Classification

Primary Category

news media journalism63% confidence
Type: spa
Method: ml+structural

All Detected Categories

news media journalism
63%
healthcare medical
46%
government public service
33%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
21142.250.185.168United States
AS15169GOOGLE
21104.16.79.73United States
AS13335CLOUDFLARENET
21188.114.97.3United States
AS13335CLOUDFLARENET
21185.111.111.155Frankfurt am Main, Hesse, Germany
AS212238Datacamp Limited
844--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F7433001EADC902F563305C43460BB19AB9394EAC31E9D1971BCCA2D7FC6F955D03EAA

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:BSd25kXZwunTwPSAdC86Gna7Ovr+Y5+x/j8R:BSd25kXZwunTwPSAY8P2OegR

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:58927:Iw+VRCItkgeQIFWBAMDyhA3AgMiCr6ELQlSgggMAhoSIShJCFiIBqQwjgkIlACYAA4AkgpHTYBIegokGegQGIEciAhbCpQEb

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ff7cf9fa78fff7
Perceptual Hash:cf1b3e2b2e0b2a32
Difference Hash:3320d0c2c2c2f22e
Wavelet Hash:00ff3878786078f7
Color Hash:#9540bf

Other Hashes

Crop Resistant:3320d0c2c2c2f22e,0101810343038101

Scan History

Scan history not available

Unable to load historical scan data