Security Scan Report: pub-efa5d2ad644d4311a15d02da7f19d152.r2.dev

Submitted: Oct 13, 2025, 2:01:55 AM
Completed: Oct 13, 2025, 2:04:09 AM
Scan type: public
Status: completed

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 31 HTTP transactions. The main domain is pub-efa5d2ad644d4311a15d02da7f19d152.r2.dev; its registration age is unavailable.

Submitted URL: https://pub-efa5d2ad644d4311a15d02da7f19d152.r2.dev/index.html

AI Security Verdict

High Risk

Confidence: 88%

Risk Score: 8

Site impersonates The Courier Guy and attempts to collect payment; treat as high‑risk phishing.

Risk Factors
Brand impersonation on a non‑official, unranked domain
Payment solicitation for a shipping fee on a suspicious site
Urgent threat language to coerce payment
Absence of legitimate branding or official domain verification
Domain age information unavailable

Details

Page Title

pub-efa5d2ad644d4311a15d02da7f19d152.r2.dev

Scan Type

public

Language

🇺🇸 English (50% confidence)

Category

finance banking (56%)

Domain Information

The domain name 'pub-efa5d2ad644d4311a15d02da7f19d152.r2.dev' uses the developer-focused generic top-level domain (.dev); it also runs on subdomain 'pub-efa5d2ad644d4311a15d02da7f19d152'. The second-level label 'r2' is 2 characters long with zero vowels and one consonant, notching 1 digit. Word splitting yields two words: r, 2. Expect 1 character per word on average. 'r' most strongly signals Chinese (Zhuyin). Secondary signals appear in Sinhala and Chinese (Simplified).

Page Load Overview

Total Load Time: 127.32s
HTTP Requests: 31
Domains: 9
Total Size: 1000 KB

Language Analysis

Primary Language

🇺🇸 English
Code: en
Confidence: 50%
Script: Latin
Direction: ltr

Detection Details

Language Code: en
Detection Confidence: 50%
Script Type: Latin
HTML Lang Attribute: en
Text Length: 644 chars
Detector Agreement: 100%

Website Classification

Primary Category

finance banking (56% confidence)
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking: 56%
government public service: 29%

Detected Features

No structural features detected

Domain & IP Information

Requests | IP Address | Location | AS Autonomous System
11 | 142.250.74.200 | United States | AS15169 GOOGLE
2 | 142.250.186.163 | United States | AS15169 GOOGLE
2 | 104.18.54.45 | United States | AS13335 CLOUDFLARENET
2 | 104.18.50.34 | United States | AS13335 CLOUDFLARENET
2 | 23.36.162.7 | Frankfurt am Main, Hesse, Germany | AS20940 Akamai International B.V.
2 | 157.240.0.35 | Frankfurt am Main, Hesse, Germany | AS32934 FACEBOOK
2 | 18.66.102.53 | United States | AS16509 AMAZON-02
2 | 23.36.162.25 | Frankfurt am Main, Hesse, Germany | AS20940 Akamai International B.V.
2 | 142.250.184.234 | United States | AS15169 GOOGLE
2 | 3.171.214.3 | United States | AS16509 AMAZON-02
31 | 11 | - | -

Content Similarity Hashes

For malware variant detection

Image Hashes

Perceptual Hashes

Average Hash: N/A
Perceptual Hash: N/A
Difference Hash: N/A
Wavelet Hash: N/A
Color Hash: N/A

Other Hashes

Crop Resistant: N/A
