ScanMalware.com

Security Scan Report: dhl-express-fhdmivtrztretianjyyviyqm.pages.dev

Redirected to: https://sso.secureserver.net/?realm=pass&app=ox

Submitted: Apr 7, 2026, 12:45:33 AMCompleted: Apr 7, 2026, 12:46:47 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 1 HTTP transaction. The main domain is sso.secureserver.net and was registered NaN years ago.

Submitted URL: https://dhl-express-fhdmivtrztretianjyyviyqm.pages.dev/

Effective URL: https://sso.secureserver.net/?realm=pass&app=oxRedirected

AI Security Verdict

Confirmed Scam

Confidence: 92%

9
Risk Score

Phishing login page impersonating GoDaddy; do not enter credentials and report the site.

Risk Factors
Brand impersonation on an unusual free‑hosting subdomain
Credential‑only password field (suspicious harvesting pattern)
New subdomain (age <7 days) with login form
Cross‑origin credential submission
High‑severity IDS alerts for script obfuscation
Domain age information unavailable

Details

Page Title

Sign In

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(42%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'dhl-express-fhdmivtrztretianjyyviyqm.pages.dev' is registered, featuring subdomain 'dhl-express-fhdmivtrztretianjyyviyqm'. The registrable portion 'pages' spans 5 characters containing 2 vowels alongside 3 consonants. Breaking it apart gives one word: pages. Average segment length settles at 5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://dhl-express-fhdmivtrztretianjyyviyqm.pages.dev/

Page Load Overview

2.02s
Total Load Time
20
HTTP Requests
4
Domains
16 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:162 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software42% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
42%
documentation technical
37%
news media journalism
36%
finance banking
29%
government public service
29%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
5157.180.198.140Germany
AS60664x-ion GmbH
5184.30.131.131Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
5188.114.96.3United States
AS13335Cloudflare, Inc.
5194.153.114.214Germany
AS41961Siemens Digital Logistics GmbH
204--

Detected Technologies3

HTTP/3
40%
Cloudflare Bot Management
40%
Cloudflare
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1DF82742480F90936510384D47AF1AA0A2F51DA0FCA4B691577FC4BE49FDBEC6CC5736A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:18GQe0uvbY0bERdbuDBmNVZm08OVBUXZsKsfs/q0ZuvRWUY4VolurK:SYElYUYgo1

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:18270:CgHglxARIAANAYIIGRBZAjhAkSAisSFECShJndcsqIoI7ABTQtBMzBirAwAspkICZHGEgEWACRAIqmghYsZBGAKAATIg0hRk

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000000000
Perceptual Hash:e611994466119944
Difference Hash:0000000000000000
Wavelet Hash:30303020273f3333
Color Hash:#93211f

Other Hashes

Crop Resistant:0000000000000000

Scan History

Scan history not available

Unable to load historical scan data