Warning signs detected
GitHub Pages subdomain flagged in phishing feeds with a malicious URL path, now returning a 404. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.
Is appcloudfare.github.io legit or a scam?
Be careful — we couldn't verify this site.
GitHub Pages subdomain flagged in phishing feeds with a malicious URL path, now returning a 404.
Score breakdown
These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.
At a glance
The most useful evidence from this scan, separated from the final verdict so you can judge the signals yourself.
8 checks completedWebsite Preview

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. Marker positions are approximate. See full visual analysis →
Visual analysis
Intelligence
The subdomain appcloudfare.github.io appears in a phishing abuse feed dated 2026-07-15 with a long random path that matches known credential-harvesting patterns. The hosting IP carries a moderate abuse score and 52 prior abuse reports. The current page renders only a standard GitHub 404, indicating the malicious content has been removed or the link was never fully deployed. GitHub Pages subdomains are frequently abused for short-lived phishing campaigns because they require no registration and are easy to spin up. The combination of an abuse-feed hit plus the suspicious subdomain name outweighs the clean browser blocklist result and the empty page.
Web Research Findings
Threat Detection
Security Scans
Checked against the major public blocklists used by browsers and security tools — no hits.
Reputation Sources
How this domain rates across independent threat-intelligence and blocklist providers.
Technical Details
domain · encryption · redirects · server reputation · referencedThe plumbing behind the site — who registered it, how it’s encrypted, where it’s hosted, and where it links out. A valid certificate or a calm server doesn’t mean the business is honest — scam sites pass these checks too. Use this to corroborate the verdict, not to overturn it.
User reviews & comments(0)
Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.