ScanMalware.com

Security Scan Report: pub-c9d7058e82c641f9b33c36f159db9583.r2.dev

Submitted: Feb 26, 2026, 9:49:37 AMCompleted: Feb 26, 2026, 9:50:47 AMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 1 HTTP transaction. The main domain is pub-c9d7058e82c641f9b33c36f159db9583.r2.dev and was registered NaN years ago.

Submitted URL: https://pub-c9d7058e82c641f9b33c36f159db9583.r2.dev/SSA_Viewer.cmd

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site is flagged as phishing and serves a suspicious executable; treat as high risk.

Risk Factors
Phishing warning from Cloudflare
Critical IDS alert for malware download
Unranked domain in Cisco Umbrella
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(94%)

Domain Information

The domain 'pub-c9d7058e82c641f9b33c36f159db9583.r2.dev' uses the developer-focused generic top-level domain (.dev); it also runs on subdomain 'pub-c9d7058e82c641f9b33c36f159db9583'. The registrable portion 'r2' spans 2 characters containing zero vowels alongside 1 consonant; it also includes 1 digit. Breaking it apart gives 2 words: r, 2. Expect one character per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://pub-c9d7058e82c641f9b33c36f159db9583.r2.dev/SSA_Viewer.cmd

Page Load Overview

0.63s
Total Load Time
4
HTTP Requests
1
Domains
27 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:372 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam94% confidence
Type: static
Method: ml+structural

All Detected Categories

phishing scam
94%
technology software
30%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4104.18.50.34United States
AS13335Cloudflare, Inc.
41--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T140815F32FABD107F109391A265BD77097AA5C553CBA7069036BCC1751F4EF92AE232C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:ljHjCIjulDa/D+DMF+BOiUA+mfnRcvPaQxJb0:ljHjDjuFa/So+tUmfn2vieJ0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4065:hwEAgHAAQQAIIAQGkAmmAEABQBzIIAIAAIAAAIAALEgEQSAAEGBbIgoBBaAGEaEkAAgAABUCQI4LAAChAIIAEkAIDAABTAgA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff8787ffc7ffffff
Perceptual Hash:b83898c3c3c7c73c
Difference Hash:203c38040c000000
Wavelet Hash:9c849cc0033f3f3f
Color Hash:#ac5381

Other Hashes

Crop Resistant:203c38040c000000

Scan History

Scan history not available

Unable to load historical scan data