MalwareTips
SUSPICIOUS

Warning signs detected

Cloudflare-blocked suspected phishing site with spam flagging from multiple security vendors and no business legitimacy signals. Several risk indicators suggest caution. This site might be legitimate — but treat it as unverified until you can independently confirm.

Security Review

Is webcatalog-files.cloud legit or a scam?

Our verdict:Suspicious· 51/100

Cloudflare-blocked suspected phishing site with spam flagging from multiple security vendors and no business legitimacy signals.

Top reasons
Cloudflare explicitly flags the site as 'Suspected Phishing' and blocks user access with a security interstitial.Four antivirus engines (Abusix, alphaMountain.ai, Fortinet, Sophos) independently classify the domain as spam.No business registration, company details, or WHOIS data available — complete lack of legitimate business identity.
webcatalog-files.cloudScanned 1h ago
Post Facebook
0
Trust score
SUSPICIOUS
Heuristics 68·MT 40
Category tags
phishingsuspicious-infrastructure#Phishing#Data Harvester78% MT confidence
Warning signals (1)
4 of 91 engines flagged

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
4/91
Engines flagged this URL
Domain Age
Registration date unknown
MT Intelligence
Suspicious
High likelihood · 78% confidence

MT Intelligence

Advanced threat intelligence
MT Security Analyst
High scam likelihoodengineMT · Guardiantrust40/100
MT AgentLive web researchVisual inspection
0%
Confidence
The domain webcatalog-files.cloud is actively blocked by Cloudflare's security system with an explicit 'Suspected Phishing' warning. Four antivirus engines (Abusix, alphaMountain.ai, Fortinet, Sophos) independently flagged it as spam. The hosting IP shows no abuse history, but the combination of a phishing interstitial, spam-engine consensus, and complete absence of business registration or legitimate web presence creates a high-risk profile. The subdomain structure and lack of any public references suggest this is either a newly deployed phishing asset or an infrastructure endpoint being misused. The visual risk score of 75/100 reflects the active security warning and blocked access.
Full dossier
Analysis complete

Page Content

The page is not accessible to users — Cloudflare's security interstitial blocks all access with a 'Suspected Phishing' warning. The underlying site content is hidden behind a CAPTCHA challenge and an 'Ignore & Proceed' link, indicating the destination has been flagged for phishing activity.

Infrastructure

Hosted on IP 104.21.86.95 with valid SSL from Google Trust Services. The IP has zero abuse reports and a clean reputation score. However, the domain sits behind Cloudflare's security layer, which is actively warning visitors of phishing risk.

Domain History

No WHOIS data is publicly available. The domain is not indexed in global traffic databases. No business registration, company details, or historical records were found. The subdomain naming pattern (webcatalog-files.cloud) suggests it may be infrastructure-related, but no legitimate association with WebCatalog.io or any known service could be confirmed.

Web Reputation

Four antivirus engines flagged the domain as spam. No scam reports, complaints, or positive reviews exist in public databases. The absence of any web presence or references is consistent with a newly created or non-public asset, but combined with the phishing flag and spam detections, this absence is a risk signal rather than neutral.

Risk Factors
7
  • Cloudflare explicitly flags the site as 'Suspected Phishing' and blocks user access with a security interstitial.
  • Four antivirus engines (Abusix, alphaMountain.ai, Fortinet, Sophos) independently classify the domain as spam.
  • No business registration, company details, or WHOIS data available — complete lack of legitimate business identity.
  • Domain is not indexed in global traffic databases and has zero public web presence or references.
  • Visual risk assessment score of 75/100 reflects active security blocking and phishing warning.
  • HTTP access returns 403 Forbidden when bypassing the Cloudflare interstitial, suggesting intentional access restriction.
  • Subdomain structure and infrastructure pattern suggest this may be a newly deployed or repurposed phishing asset.
Positive Signals
4
  • Hosting IP (104.21.86.95) has zero abuse reports and a clean reputation score of 0/100.
  • SSL certificate is valid and issued by Google Trust Services with 86 days remaining.
  • No clone-site indicators detected — the domain does not impersonate a known legitimate site.
  • Browser blocklists show no additional flags beyond the Cloudflare interstitial.
AI Recommendation
Do not visit this site. The Cloudflare phishing warning is a strong indicator of malicious intent — do not click 'Ignore & Proceed' or enter any personal or payment information. If you arrived here from a link or email, report it to the sender and your email provider.
Next-gen fraud intelligence
Evidence-backedCross-checked

Website Preview

Screenshot of webcatalog-files.cloud
LIVE RENDER
webcatalog-files.cloud
1Visual risk score 75/100

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual Screenshot Analysis

We capture a fresh screenshot of the live page and ask a vision model to look for scam visual patterns — fake trust badges, countdown timers, overlay pop-ups, and visual clones of legitimate brands.

75
/ 100
Critical visual risk

Visual red flags detected in the screenshot

The screenshot shows a Cloudflare-issued phishing warning interstitial blocking access to the destination site, which has been flagged for suspected phishing; the underlying site's content is not visible, but the active security warning itself is a significant risk indicator.

Visual risk75/100

What our vision model saw

4 signals

Cloudflare interstitial warning page explicitly labels the destination site as 'Suspected Phishing' — reported for potential phishing activity

Page presents an 'Ignore & Proceed' link, indicating the underlying site is still accessible despite the phishing flag

Cloudflare CAPTCHA challenge ('Verify you are human') is present, consistent with a mid-block interstitial rather than a fully rendered destination page

The actual destination site content is not visible — only the Cloudflare security warning is rendered

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for webcatalog-files.cloud, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Business registration
No public record found
Could not match the site to a registered company — common for small sites.
Clone check
Not a clone
No well-known site's layout or branding detected here.
Typosquat check
No look-alike match
The domain doesn't resemble any well-known brand's spelling.
Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.
Key findings
7 headline facts from open-web research
  • Domain webcatalog-files.cloud returns a Cloudflare 'Security Check' / Turnstile page; direct content could not be retrieved (status 403 in automated access)
  • No search results contain the exact domain string "webcatalog-files.cloud" or "webcatalogfiles.cloud" outside of the scanned instance
  • webcatalog.io is a legitimate desktop app platform for turning websites into native-like apps; it has mixed Trustpilot reviews (some malware/virus complaints about apps, but main site rated safe by Scamadviser)
  • No mentions of malware, phishing, scams, or complaints specifically tied to webcatalog-files.cloud on Reddit, Trustpilot, Scamadviser, or general web
  • The subdomain name suggests it may be a file hosting or CDN endpoint associated with WebCatalog (similar to how they list many CDN services in their app catalog)
  • Domain age unknown; no business registration, owner, or historical data surfaced in searches
  • Absence of any reviews, reports, or references is consistent with an internal, non-public, or newly created asset rather than a consumer-facing site
Research summary
Narrative write-up from our AI analyst, grounded on the facts above

We searched scam-report databases, consumer-review sites, and general web sources for webcatalog-files.cloud and found no scam reports, complaints, or positive reviews. The domain does not appear in any public records, Reddit discussions, or independent review aggregators. The complete absence of any web presence is consistent with a newly created or non-public infrastructure asset — however, this absence combined with the Cloudflare phishing flag and spam-engine detections indicates this is likely a malicious or compromised domain rather than a legitimate but low-traffic service.

Antivirus Engines

Detection matrix · live
4 engines flagged this URL

We cross-check every URL against our antivirus network of 91 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

0Malicious4Suspicious52Harmless91Engines
0
of 91
Abusix
Suspicious· spam
alphaMountain.ai
Suspicious· spam
Fortinet
Suspicious· spam
Sophos
Suspicious· spam

4 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render
Sandbox capture incomplete — no traffic recorded
Requests made0
Unique IPs0
Countries0
Detected brandsNone

Domain & Encryption

Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerGoogle Trust Services · WE1
ExpiresSep 2, 2026 (86d)
Self-signedNo
Hosting & Technology
HostingCloudflare, Inc.
Server locationUS

Server Reputation

Hosting
CountryUnknown
NetworkUnknown
IP addressUnknown
Abuse Intelligence
Confidence score0%
Reports on file0
ISPCloudflare, Inc.
Usage typeContent Delivery Network

Scam-Type Likelihood

1 scam-type patterns detected
Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Phishing
Phishing
Low-level signals
10/100
  • AI analyst tagged this as phishing.

Warning: phishing patterns

This page shows signs of attempting to steal credentials or impersonate a trusted brand.

  • Treat webcatalog-files.cloud as unverified

    Do not enter credentials or send money until you have independently verified the business.

  • If you already typed your password — change it now

    Change the password on the legitimate site and anywhere else you re-used it. Turn on two-factor authentication. Review recent account activity.

  • Report the phishing URL

    APWG (Anti-Phishing Working Group) accepts phishing reports at reportphishing@apwg.org. Google Safe Browsing reports help protect other users.

    Open
  • Get help on the forum

    MalwareTips members can help you assess damage and next steps.

    Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗
Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review marked webcatalog-files.cloud as suspicious. Several warning signs were detected; it may still turn out legitimate, but you should verify it through independent channels before trusting it with money or credentials.
  • webcatalog-files.cloud currently scores 51/100 on our trust scale. We found enough warning signals to recommend caution. Verify the site through independent channels before entering credentials or money.
  • Yes. webcatalog-files.cloud presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 86 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • 4 out of 91 antivirus engines in our malware network flagged webcatalog-files.cloud as malicious or suspicious. Even one detection is a meaningful signal.
  • No. webcatalog-files.cloud is not currently listed on the major browser blocklist feeds that modern browsers use.
  • webcatalog-files.cloud resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • We cache results for 24 hours. Signed-in MalwareTips members can trigger a manual rescan at any time using the "Rescan" button on the report page, which re-runs every check from scratch and refreshes this page.

Final Verdict

0
Trust / 100
Final Verdict·webcatalog-files.cloud
SUSPICIOUS

Cloudflare has flagged this domain as suspected phishing and is blocking access with a security interstitial. Four antivirus engines mark it as spam, and no legitimate business registration exists.

Do not visit this site. The Cloudflare phishing warning is a strong indicator of malicious intent — do not click 'Ignore & Proceed' or enter any personal or payment information. If you arrived here from a link or email, report it to the sender and your email provider.

AV engines
91
MT passes
2
Net signals
0
Scan another URL
Security review completemalwaretips.com/url-scan
Recently scanned

Other Suspicious reports

Browse all reports
Suspicioustrust64
yelp.com
1h ago
Read the review
Suspicioustrust53
kidzage.com
2h ago
Read the review
Suspicioustrust70
achthview.space
2h ago
Read the review
Suspicioustrust61
speedtree.com
2h ago
Read the review
Suspicioustrust58
bestvisionsupport.com
2h ago
Read the review
Suspicioustrust62
af.net
2h ago
Read the review
Suspicioustrust59
3191061127.sfo3.digitaloceanspaces.com
2h ago
Read the review
Suspicioustrust56
old-games.com
3h ago
Read the review
Suspicioustrust66
themanufacturingoutlookeurope.com
3h ago
Read the review
Suspicioustrust56
istatus.co.za
4h ago
Read the review
Suspicioustrust61
braiptv.me
4h ago
Read the review
Suspicioustrust68
speakr.online
4h ago
Read the review
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.