Security Scan Report: platform.ghost.io

Redirected to:
https://c96389b7.bvfhgvuddfh.pages.dev/
Submitted: Jan 1, 2026, 1:50:50 PMCompleted: Jan 1, 2026, 1:51:56 PMpubliccompleted
Loading additional data...

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main domain is c96389b7.bvfhgvuddfh.pages.dev and was registered NaN years ago.

Submitted URL: https://platform.ghost.io/live-en/

Effective URL: https://c96389b7.bvfhgvuddfh.pages.dev/Redirected

The Cisco Umbrella rank of the primary domain is #42,708 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 95%

9
Risk Score

Site is a confirmed phishing page with multiple malicious indicators; do not trust.

Risk Factors
Malicious Indicators of Compromise match (pages.dev)
Cloudflare phishing warning
Google Safe Browsing phishing detection
Redirect to a known malicious domain
Phishing page content
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

Suspected phishing site | Cloudflare

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing scam

(95%)

Domain Information

The domain name 'platform.ghost.io' uses the British Indian Ocean Territory country-code top-level domain (.io), featuring subdomain 'platform'. The registrable portion 'ghost' spans 5 characters containing one vowel alongside four consonants. Segmentation suggests one word: ghost. Average segment length settles at five characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://platform.ghost.io/live-en/

Page Load Overview

0.99s
Total Load Time
16
HTTP Requests
4
Domains
60 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:378 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam95% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

phishing scam
95%
technology software
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4146.75.123.7Frankfurt am Main, Hesse, Germany
AS54113FASTLY
3104.18.94.41United States
AS13335CLOUDFLARENET
3172.66.44.242United States
AS13335CLOUDFLARENET
3104.16.175.226United States
AS13335CLOUDFLARENET
3172.66.47.14United States
AS13335CLOUDFLARENET
165--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17D916373BABD107F10A391B262BD770939A1C003CB9709907ABCC2751F4AF95AD132C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:PjnjtjuiADa/D+DMFozLeiO/t8A2uxnRC3vaQxvb0:PjnjtjuiEa/SoYnOVsuxnM3Cej0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4344:RAIAAJEAAAAIAMEgsjhBAABUAAFgggDARACAACAFFAOAdCaAAKFQAIAPAAAOJAAEAKECkDIEEIkACAAASQQABACAQGAxAgAA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff8787ffc7ffffff
Perceptual Hash:b83898c3c3c7ce3c
Difference Hash:203c3c0414000000
Wavelet Hash:9f879fc3003c0c0c
Color Hash:#906ce0

Other Hashes

Crop Resistant:203c3c0414000000

Scan History

Scan history not available

Unable to load historical scan data