ScanMalware.com

Security Scan Report: pub-f9c175f3c6a9412cbc18bf2731a073a4.r2.dev

Submitted: Oct 13, 2025, 8:23:07 AMCompleted: Oct 13, 2025, 8:23:57 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 1 domain to perform 4 HTTP transactions. The main domain is pub-f9c175f3c6a9412cbc18bf2731a073a4.r2.dev.

Submitted URL: https://pub-f9c175f3c6a9412cbc18bf2731a073a4.r2.dev/indexJ1.html?ref=webmail&lang=en_US&sessionid=trer65safety77896009update&client=mail_auth_service&tracking=login_validation&id=95731xyz&email=[[-Email-]]

AI Security Verdict

Safe Website

Confidence: 92%

0
Risk Score

The page is a Cloudflare phishing warning, not a malicious site.

Safety Factors
Cloudflare warning page provides protective notice
Absence of credential or payment collection fields
Domain age information unavailable

Details

Primary Scan Blocked — Fallback Capture Shown

The primary scanner could not load this page (possible bot protection). The screenshot and page details shown were captured by a fallback browser that loaded the page successfully.

Page Title

pub-f9c175f3c6a9412cbc18bf2731a073a4.r2.dev

Scan Type

public

Language

🇺🇸

English

(50% confidence)

Category

phishing scam

(95%)

Domain Information

You're looking at domain 'pub-f9c175f3c6a9412cbc18bf2731a073a4.r2.dev' on the developer-focused generic top-level domain (.dev) with subdomain 'pub-f9c175f3c6a9412cbc18bf2731a073a4'. Count 2 characters in 'r2' with zero vowels and 1 consonant, plus one digit. Splitting it apart reveals two words: r, 2. Average segment length settles at one character. 'r' most strongly signals Chinese (Zhuyin). Usage also turns up in Sinhala and Chinese (Simplified) contexts.

Screenshot

Security scan screenshot of https://pub-f9c175f3c6a9412cbc18bf2731a073a4.r2.dev/indexJ1.html?ref=webmail&lang=en_US&sessionid=trer65safety77896009update&client=mail_auth_service&tracking=login_validation&id=95731xyz&email=[[-Email-]]

Page Load Overview

28.08s
Total Load Time
4
HTTP Requests
1
Domains
27 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:50%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:50%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:372 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing scam95% confidence
Type: static
Method: ml+structural

All Detected Categories

phishing scam
95%
technology software
28%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1104.18.50.34United States
AS13335CLOUDFLARENET
12606:4700:3117::6812:3222United States
AS13335CLOUDFLARENET
1104.18.54.45United States
AS13335CLOUDFLARENET
12606:4700:3113::6812:362dUnited States
AS13335CLOUDFLARENET
44--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14C714232FABD107F10A3916265BDB70975A5C447CBA60A9036BCC1751F5FF92AD232C1

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:Pd28DaLnjD+DMMs0j/4bnKbxVsXo5Oi2y0WR+7i9tnRav1cmXaQuIxZtJUULdPD0:llDa/D+DMF+BOiUA+mtnRavPaQxJb0

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3805:AwIAEAmJDwQgCAAIgAGCgAMFEqIBAqAUAEEAASIEAUAARU2SANKCABCAAAAgGEBAQALAAQFQBAAEAgAQMhkYAhEAEAAjBAAH

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ff8787ffc7ffffff
Perceptual Hash:b83898c3c3c7c73c
Difference Hash:203c38040c000000
Wavelet Hash:9c849cc003373333
Color Hash:#32d22d

Other Hashes

Crop Resistant:203c38040c000000

Scan History

Scan history not available

Unable to load historical scan data