ScanMalware.com

Security Scan Report: ghjuyi5.pages.dev

Redirected to:
https://www.merchantsfleet.com/resources/
Site favicon
Submitted: May 6, 2026, 6:44:25 PMCompleted: May 6, 2026, 6:45:41 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 90 HTTP transactions. The main domain is merchantsfleet.com and was registered NaN years ago.

Submitted URL: https://ghjuyi5.pages.dev/resources

Effective URL: https://www.merchantsfleet.com/resources/Redirected

AI Security Verdict

High Risk

Confidence: 82%

7
Risk Score

The site shows a critical IDS C2 beacon alert and heavily obfuscated JavaScript, indicating malware distribution despite no phishing forms.

Risk Factors
Critical IDS alert indicating possible command‑and‑control activity
Highly obfuscated JavaScript with anti‑analysis features
Unranked, untrusted subdomain (ghjuyi5.pages.dev)
Unknown subdomain age – could be newly created for malicious use
Brand mismatch between subdomain and claimed brand
Domain age information unavailable

Details

Page Title

Resources Archive | Merchants Fleet

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

corporate

(35%)

Domain Information

The domain 'ghjuyi5.pages.dev' uses the developer-focused generic top-level domain (.dev) with subdomain 'ghjuyi5'. Its registrable label 'pages' stretches across 5 characters containing two vowels alongside three consonants. Splitting it apart reveals 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ghjuyi5.pages.dev/resources

Page Load Overview

4.73s
Total Load Time
72
HTTP Requests
3
Domains
1.2 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:2,998 chars
Detector Agreement:100%

Website Classification

Primary Category

corporate35% confidence
Type: spa
Method: ml+structural

All Detected Categories

corporate
35%
documentation technical
28%
news/blog
20%

Detected Features

Search
Articles
OG: website
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
24172.66.45.17United States
AS13335Cloudflare, Inc.
24141.193.213.21United States
AS209242Cloudflare London, LLC
24104.18.0.22United States
AS13335Cloudflare, Inc.
723--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15A0409B2E51C54BB15AB8788A45AFF58F19BD151CE00C2D1F2FDD16C95CAFA024B3A0E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

3072:LjmEEdhyzltx8Nz2rkvf4p9rhjWlj4/jOSCkYurWQM7UtbdQGswuezzjduv23m2A:L/HxeHvf4p9YzZez5Qd

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:179432:OjAUVDpSAQApB4BQFGeQDQ7wRDEG8BITbArAAqgHgcx8BJCAI0TAkwQ2QKAZUAEE5zoAIjCFFiQwKAhwoAYAWw4BoSBucEM8

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data