ScamLens
Cached < 6hAnonymous (3/day)

Security Report for pub-5274618e0b0147ed8e1e1de19e222862.r2.dev

ScamLens analyzed pub-5274618e0b0147ed8e1e1de19e222862.r2.dev using 90+ threat intelligence sources and assigned a trust score of 50/100, classifying it as moderate risk.

Trust Score: 50/100

Risk Level: Caution

This domain already shows strong risk signals. Stop interacting, preserve the page, chat, phone, and payment evidence, and move into response or reporting immediately.

Site Title
Not Found
Website meta information unavailable
en HTTPS ✓
2
Checked 2 times

Quick Answer

This domain already shows strong risk signals. Stop interacting, preserve the page, chat, phone, and payment evidence, and move into response or reporting immediately.

Positive Signals

  • + Google Safe Browsing: Safe
  • + HTTPS encryption supported

Concerns

  • - 4 security sources flagged as suspicious

Score Breakdown

Domain Reputation 50
Threat Intelligence 86
13/17 safeSafeBrowsing OK
Technical Security 60
HTTPS
Community Reputation 50
No community data yet

Was this assessment accurate?
0 say Safe0 say Suspicious
What do you think?
What to do next

Mixed signals on pub-5274618e0b0147ed8e1e1de19e222862.r2.dev

We did not find direct threat-feed hits, but coverage is thin or other signals warrant care.

Confidence:High
  1. Verify the company exists offline
    Search the registered company name + 'reviews' or 'scam'. Real businesses leave a long trail of independent mentions.
  2. Pay only via reversible methods
    Use credit cards or PayPal Goods & Services. Avoid wire transfers, crypto, gift cards — those are non-reversible.
  3. Confirm the contact details
    Look up the phone number and email address separately. Free webmail addresses or VoIP numbers are a red flag.
Cross-check with independent scanners

Trust but verify — open this domain on unrelated security services and compare the verdict.

VirusTotalurlscan.ioGoogle Safe Browsing
How we decide this

AI Risk Assessment

Moderate Risk
Based on 4 sourcesUpdated 10h ago

What matters right now

With a high-risk result, the priority is not reading more pages. It is immediate containment, credential resets, evidence preservation, and the reporting path.

[FACT] Safe Browsing reports this domain as clean 1, and 24 of 28 threat feeds responded clean 3. However, 4 threat feeds have flagged this domain with critical signals 2: shodan_internetdb detected suspicious ports, dns_security flagged it for DNS-based malware blocking, and both phishing_database and phishing_army independently classified it as phishing 2. [INFERENCE] The convergence of two dedicated phishing databases (phishing_database and phishing_army) combined with DNS malware blocking indicates strong evidence of phishing infrastructure, with 85% confidence. The suspicious ports detection suggests active exploitation or command-and-control activity. While Safe Browsing remains clean, this may reflect a detection lag; the specialist threat feeds represent real-time abuse intelligence 2. [FACT] The .dev TLD carries low abuse risk 4, and no brand impersonation or homograph attacks were detected, which are positive indicators 2. However, these factors do not override the concrete phishing and malware signals.

Recommendation

[FACT] Given phishing classifications from two independent sources and confirmed DNS malware blocking 2, do not visit this domain and do not enter credentials or payment information 2. [INFERENCE] This domain exhibits characteristics consistent with active phishing or malware infrastructure. If you received a link to this domain via email, SMS, or chat, treat it as a phishing attempt and report it to the sender's official organization. Consider reporting it to Google Safe Browsing and your email provider to accelerate public flagging.

Sources

  1. Google Safe BrowsingThreat intel

    clean

    Verify at source
  2. Threat intelligence feeds (4 flagged)Threat intel

    shodan_internetdb (SUSPICIOUS_PORTS); dns_security (DNS_BLOCKED_MALWARE); phishing_database (phishing); phishing_army (phishing)

  3. 24/28 threat feeds responded cleanThreat intel
  4. TLD risk classification: .dev (low risk)Analysis

    Based on APWG / Spamhaus / Interisle 2024 abuse rankings

Powered by ScamLens AI· Check sources to verify important claims

Threat-intelligence sources

Checked across 28 sources — 4 flagged this domain

Show source breakdown
  • safe_browsing clean
  • urlhaus clean
  • cloudflare_radar clean
  • cert_transparency clean
  • alienvault_otx clean
  • phishstats clean
  • virustotal clean
  • ipqs clean
  • abuseipdb clean
  • securitytrails clean
  • phishdestroy clean
  • threatfox clean
  • shodan_internetdb flagged
  • phishtank clean
  • urlscan clean
  • rdap clean
  • maltiverse clean
  • dns_security flagged
  • wanted_domains clean
  • darkweb clean
  • phishing_database flagged
  • phishing_army flagged
  • openphish clean
  • scam_blocklist clean
  • maltrail clean
  • crypto_scam_feed clean
  • hagezi_tif clean
  • red_flag_domains clean

ScamLens aggregates real-time signals from 90+ commercial and open-source threat-intelligence providers including Google Safe Browsing, VirusTotal, PhishTank, URLhaus, ThreatFox, Cloudflare Radar, OTX, IPQS, GoPlus, Honeypot.is, and more. A flagged signal is evidence; the absence of flags is not proof of safety. Use the signals below alongside community reports to decide.

Advanced Scan

Comprehensive data lookup across premium sources

$2.99one-time payment
  • Website history verification
  • Detailed WHOIS information
  • Reverse WHOIS association
  • Traffic rank analysis
  • Company registration check
Recommended

AI Deep Investigation

Cross-check the story, claims, and supporting evidence before you decide

$4.99one-time payment
  • Everything in Advanced Scan
  • AI website content analysis
  • AI cross-reference verification
  • Claim authenticity validation
  • Detailed report with evidence
Most Thorough

Comprehensive Investigation

Full-spectrum investigation with company deep search & social intelligence

$14.99one-time payment
  • Everything in Deep Investigation
  • AI company background search
  • Social media intelligence
  • Detailed suspicious point analysis
  • Event timeline & entity connections

This analysis is for informational purposes only and does not constitute a legal determination.

Security Sources

Google Safe Browsing
Safe
Cloudflare Radar
Safe
URLhaus (abuse.ch) Confidence: Medium
Not Listed
Certificate Transparency Confidence: Low
Not Listed
AlienVault OTX Confidence: Medium
Not Listed
PhishStats Confidence: Low
Not Listed
VirusTotal Confidence: Low
Not Listed
IPQualityScore Confidence: Low
Not Listed
AbuseIPDB Confidence: Low
Not Listed
SecurityTrails Confidence: Low
Not Listed
PhishDestroy Confidence: Low
Not Listed
ThreatFox (abuse.ch) Confidence: Low
Not Listed
Shodan InternetDB Confidence: Medium
Unsafe
PhishTank Confidence: Low
Not Listed
URLScan.io Confidence: Low
Not Listed
RDAP Domain Registration Confidence: Low
Not Listed
Maltiverse Confidence: Low
Not Listed
DNS Security Confidence: High
Unsafe
Law Enforcement Confidence: Low
Not Listed
darkweb Confidence: Low
Not Listed
Phishing Database Confidence: Medium
Unsafe
Phishing Army Confidence: Medium
Unsafe
OpenPhish Confidence: Low
Not Listed
Scam Blocklist (Jarelllama) Confidence: Low
Not Listed
Maltrail (stamparm) Confidence: Low
Not Listed
Crypto Scam Feed Confidence: Low
Not Listed
HaGeZi Threat Intelligence Confidence: Low
Not Listed
Red Flag Domains Confidence: Low
Not Listed

Domain Information

DNSSEC
Disabled

SSL/TLS Certificate

No data available

Server Information

IP Address
104.18.54.45
Hosting Provider
Cloudflare, Inc.
ASN
AS13335 Cloudflare, Inc.
Server Location
Toronto, Canada
Organization
Cloudflare, Inc.

Related Intelligence
Technical Details (DNS / Headers / Subdomains)

DNS Records

Email Security

SPF Not Configured DMARC Not Configured
Type Value
A 104.18.54.45
A 104.18.50.34
AAAA 2606:4700:311b::6812:362d
AAAA 2606:4700:311b::6812:3222

HTTP Security Headers

Security header detection was blocked by the target website (e.g. rate limiting or access restriction). Results may be inaccurate.

Channels / Subdomains

No data available

Community Reports

Log in to report and share your experience

...

Report & Take Down This Website

High-Risk Signals

The risk signals are strong enough. Move on evidence preservation, reporting, and victim response now

This result is no longer just a normal verification case. Moving the chat, phone, payment, and official-reporting path in parallel is usually more important than waiting for more data.

Recommended First

Move into the victim action plan

If you already paid, logged in, or installed tools, use the action plan first to prioritize containment and evidence work.

Move into the website-reporting flow

Move the site, payment evidence, chat trail, and contact points into the formal reporting path.

Add the chat, DM, and payment-pressure trail

Keep the Telegram, WhatsApp, social DM, and payment-pressure trail in the same timeline.

Check the callback number and SMS

If the actor also used calls, SMS, or one-time codes, verify that phone path next.

The results are based on multiple third-party data sources and AI models. False positives or negatives may occur. This report should not be used as the sole basis for any decision. Please verify with additional sources.

If a loss already happened, move into the response flow now

Delay is the main risk with high-risk domains. Prioritize freezes, credential resets, reporting, and evidence preservation now.

Start the response

If no loss happened yet, continue with the website-reporting and official-agency paths next.

Related Security Guides

Learn more about how to protect yourself from this type of threat.

Phishing Scams Guide

Understanding this threat

Phishing Scams

Deceptive websites and emails designed to steal login credentials, financial data, and personal information by impersonating trusted organizations.

FAQ

Is pub-5274618e0b0147ed8e1e1de19e222862.r2.dev safe to visit?

pub-5274618e0b0147ed8e1e1de19e222862.r2.dev received a trust score of 50/100 from ScamLens. Some minor concerns were identified but no critical threats were found. Exercise normal caution.

Was pub-5274618e0b0147ed8e1e1de19e222862.r2.dev flagged by any threat databases?

pub-5274618e0b0147ed8e1e1de19e222862.r2.dev was flagged by 3 out of 30+ threat intelligence sources. Specifically flagged by: dns_security, phishing_database, phishing_army. The detected threat categories include: general threat.

How old is pub-5274618e0b0147ed8e1e1de19e222862.r2.dev?

Registration date information for pub-5274618e0b0147ed8e1e1de19e222862.r2.dev is not publicly available through WHOIS records, which can itself be a risk indicator.

Does pub-5274618e0b0147ed8e1e1de19e222862.r2.dev use HTTPS and have a valid SSL certificate?

ScamLens could not verify the SSL certificate details for pub-5274618e0b0147ed8e1e1de19e222862.r2.dev during this scan. Treat this as unavailable evidence, not as proof that the site is safe or unsafe.

What security headers does pub-5274618e0b0147ed8e1e1de19e222862.r2.dev implement?

No security header information was available for pub-5274618e0b0147ed8e1e1de19e222862.r2.dev.

What does the ScamLens community think about pub-5274618e0b0147ed8e1e1de19e222862.r2.dev?

No community votes or reports have been submitted for pub-5274618e0b0147ed8e1e1de19e222862.r2.dev yet. You can be the first to share your experience.

Where is pub-5274618e0b0147ed8e1e1de19e222862.r2.dev hosted?

pub-5274618e0b0147ed8e1e1de19e222862.r2.dev is hosted by Cloudflare, Inc. in Toronto, Canada (ASN: ASAS13335 Cloudflare, Inc.).

What should I do about pub-5274618e0b0147ed8e1e1de19e222862.r2.dev?

[FACT] Given phishing classifications from two independent sources and confirmed DNS malware blocking [2], do not visit this domain and do not enter credentials or payment information [2]. [INFERENCE] This domain exhibits characteristics consistent with active phishing or malware infrastructure. If you received a link to this domain via email, SMS, or chat, treat it as a phishing attempt and report it to the sender's official organization. Consider reporting it to Google Safe Browsing and your email provider to accelerate public flagging.

Is this report useful?

Use this report to tell others to stop interacting now and move straight into containment, evidence preservation, and reporting.

Forward to your parents — they deserve to browse safely too.

About this analysis

This report is generated from real-time data across 90+ threat intelligence sources, combined with AI analysis and community feedback.

Learn about our scoring methodology | Last analyzed: June 23, 2026

All Cloudflare, Inc. domains

Other domains on the same server