Is xai660k.pages.dev a scam?

Our automated security review flags xai660k.pages.dev as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.

Is xai660k.pages.dev safe to use?

No — xai660k.pages.dev scored 12/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.

Does xai660k.pages.dev have a valid SSL certificate?

Yes. xai660k.pages.dev presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 33 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.

How old is the xai660k.pages.dev domain?

xai660k.pages.dev is 0 days old. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.

Has xai660k.pages.dev been flagged by antivirus engines?

2 out of 92 antivirus engines in our malware network flagged xai660k.pages.dev as malicious or suspicious (1 outright malicious). Even one detection is a meaningful signal.

Is xai660k.pages.dev on any phishing or malware blacklists?

No. xai660k.pages.dev is not currently listed on the major browser blocklist feeds that modern browsers use.

Where is xai660k.pages.dev hosted?

xai660k.pages.dev resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.

How often is the xai660k.pages.dev report updated?

This is a permanent record of the scan run on June 15, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around xai660k.pages.dev have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Security Review

Is xai660k.pages.dev legit or a scam?

Our verdict:Dangerous· 12/100

SafeSuspiciousDangerous

Fake xAI token presale site launched today, flagged as phishing, with no legitimate business contact details.

Top reasons

Domain registered today (0 days old) — typical of disposable fraud infrastructure.Forcepoint ThreatSeeker classified the page as phishing.Direct brand impersonation of xAI (Elon Musk's AI company) to exploit recognition and trust.

xai660k.pages.devScanned 2h ago

Post Facebook

Trust score

DANGEROUS

Heuristics 0·MT 18

Category tags

crypto-investment#Crypto Fraud#AI Token Presale#Fake AI Brand92% MT confidence

Technical red flags (3)

2 of 92 engines flagged Domain is 0 days old Crypto Investment

Warning signals (1)

Scam-network signals (35/100)

Positive signals (3)

Not on major blacklists Encrypted connection Clean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence

2/92

Engines flagged this URL

Domain Age

0 days old

Registration date unknown

MT Intelligence

Dangerous

Critical likelihood · 92% confidence

DANGEROUS

Fake shop — do not order

Domain was registered only 0 days ago — brand-new sites are higher-risk by default. The site shows patterns common to non-delivery scam shops. Don't submit payment details, and if you already paid by card or PayPal, start a chargeback today.

Website Preview

LIVE RENDER

xai660k.pages.dev

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

MT Intelligence

Advanced threat intelligence

MT Security Analyst

Critical scam likelihoodengineMT · Guardiantrust18/100

MT AgentLive web researchVisual inspectionNetwork correlation

Confidence

The domain was registered today and immediately hosts a token presale claiming to offer xAI tokens with up to 200% bonuses. Forcepoint ThreatSeeker classified it as phishing, and the page title directly mimics xAI (Elon Musk's artificial-intelligence company) to exploit brand recognition. The site provides zero contact information—no email, phone, or address—which is a hallmark of disposable fraud infrastructure. The page instructs users to send cryptocurrency to external addresses and promises token delivery after payment, a classic advance-fee scam pattern. Our network fingerprint identified it as part of a drainer-farm template with shared infrastructure markers. The combination of brand impersonation, zero-day registration, phishing detection, and contactless crypto-collection mechanics indicates this is a coordinated token-presale scam.

Full dossier

Analysis complete

Page Content

The page claims to be the 'Official Website' for xAI tokens and advertises a presale with up to 200% bonus. It instructs users to send Bitcoin, Ethereum, Tether, XRP, ADA, or BNB to receive xAI tokens in return. The page includes a fake CAPTCHA challenge and references 'Invity checkout' and 'customer reviews' (including a fabricated quote from Ballet CEO Bobby Lee). No legitimate business registration, team information, or verifiable contact details appear anywhere.

Infrastructure

Hosted on Cloudflare Pages (172.66.44.97) with a valid SSL certificate issued by Google Trust Services. The IP has zero abuse reports and a clean reputation score, which is typical for newly-provisioned hosting. External resources load from legitimate CDNs (Google Fonts, jQuery, Telegram CDN) and social platforms, a common obfuscation tactic to appear legitimate.

Domain History

Registered 0 days ago with privacy protection disabled. The domain name directly impersonates xAI, Elon Musk's artificial-intelligence venture, to exploit brand trust. Zero global traffic ranking indicates no organic user base or legitimate business history.

Web Reputation

Forcepoint ThreatSeeker flagged the page as phishing. alphaMountain.ai marked it suspicious. Browser blocklists remain clean (likely because the domain is too new to be indexed). Our scam-network fingerprint matched it to contactless-crypto-new-domain patterns and drainer-farm infrastructure templates.

Risk Factors

Domain registered today (0 days old) — typical of disposable fraud infrastructure.
Forcepoint ThreatSeeker classified the page as phishing.
Direct brand impersonation of xAI (Elon Musk's AI company) to exploit recognition and trust.
Zero contact information: no email, phone, or postal address anywhere on the page.
Instructs users to send cryptocurrency to external addresses with promise of token delivery — classic advance-fee scam.
Scam-network fingerprint matched to drainer-farm template and contactless-crypto-new-domain pattern.
Fake customer testimonials and CAPTCHA challenge designed to appear legitimate while collecting payments.

Positive Signals

SSL certificate is valid and issued by a trusted certificate authority.
Hosting IP has zero abuse reports and a clean reputation score.
No malware or exploit code detected in our sandbox analysis.

AI Recommendation

Do not visit this site or send any cryptocurrency to the addresses it provides. Report the domain to the hosting provider and relevant law enforcement. If you have already sent funds, contact your cryptocurrency exchange immediately to attempt a reversal.

Next-gen fraud intelligence

Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for xai660k.pages.dev, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Domain age

0 days

Brand-new domains are higher-risk by default.

Web mentions

No scam reports found

No complaints, no negative coverage turned up in our sweep.

Research summary

Narrative write-up from our AI analyst

No independent review data available for analysis.

Scam Network Intelligence

Cross-site correlation

This site shares signals with a broader cluster

Moderate correlation

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score

0/100

ClearLowModerateHighCritical

Evidence (2)

Zero contact info, crypto/gambling content, and the domain is only 0 days old — hallmark of a drainer farm.
Domain is only 0 days old and already carries multiple network-level red flags.

Linked signals (2)

cdn.jsdelivr.netPattern · Contactless Crypto NEW Domain

Antivirus Engines

Detection matrix · live

2 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

1Malicious1Suspicious59Harmless92Engines

of 92

Forcepoint ThreatSeeker

Malicious· phishing

alphaMountain.ai

Suspicious· suspicious

2 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check

Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found

No clear contact details on the page

Emails on site's domainNone

Phone numbersNone

Postal addressNot listed

Linked social profiles2

Signal Summary

Several contact red flags

No contact email found anywhere on the page.
No phone number listed on the page.
No postal address visible on the page.
Scam family match: Crypto Investment.

Links to 2 social profiles.

Domain & Encryption

Domain History

Age0 days old

RegistrarHidden

RegisteredUnknown

ExpiresUnknown

Owner privacyVisible

Encryption Certificate

StatusValid

ProtocolTLSv1.3

IssuerGoogle Trust Services · WE1

ExpiresJul 19, 2026 (33d)

Self-signedNo

Hosting & Technology

HostingCloudflare, Inc.

Server locationUS

Web servercloudflare

Redirect Chain

Hops

Cross-domain

Lookalike

Punycode

1301http://xai660k.pages.dev/
2200https://xai660k.pages.dev/

Server Reputation

Abuse Intelligence

Confidence score0%

Reports on file0

ISPCloudflare, Inc.

Usage typeContent Delivery Network

Scam-Type Likelihood

2 scam-type patterns detected

Scam-Type Likelihood

2 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Fake Shop

Fake Shop

High likelihood

68/100

Page contains e-commerce copy (cart / checkout / shipping).
No phone number or postal address anywhere on the page.
Multiple contact / trust-signal red flags on the page.
Domain is 0 days old — very young for a shop.
+1 more signal

Investment Scam

High likelihood

65/100

Primary scraped category: crypto-investment scheme.
High-yield / guaranteed-returns investment language on the page.
Investment pitch on a 0-day-old domain.

Scam-Type Likelihood

2 of 13 categories showed signals

Top match: Fake Shop

Fake Shop

High likelihood

68/100

Page contains e-commerce copy (cart / checkout / shipping).
No phone number or postal address anywhere on the page.
Multiple contact / trust-signal red flags on the page.
Domain is 0 days old — very young for a shop.
+1 more signal

Investment Scam

High likelihood

65/100

Primary scraped category: crypto-investment scheme.
High-yield / guaranteed-returns investment language on the page.
Investment pitch on a 0-day-old domain.

Fake shop — do not order

Signals common to non-delivery scam shops were detected on this site.

Do not interact with xai660k.pages.dev
Do not enter credentials, deposit money, download files, or install browser extensions from this site.
If you already paid by card or PayPal — start a chargeback
Contact your bank or card issuer and dispute the charge as "goods not received" or "merchant fraud." PayPal users can open a case in the Resolution Centre. Act within 120 days for card chargebacks in most jurisdictions.
Save every piece of evidence
Screenshots of the checkout, order confirmation emails, any chat transcripts, and the product listing page. Chargeback and fraud reports go faster when you have receipts.
Report the shop
Report to the FTC (reportfraud.ftc.gov), Action Fraud UK, or your local consumer-protection body. Post the URL on the MalwareTips scam forum so other buyers can find it.
Open

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing

Not listedCheck ↗

VirusTotal

ListedCheck ↗

AbuseIPDB

Not listedCheck ↗

Also verify:Spamhaus ↗DNSBL / SURBL ↗PhishTank ↗

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

fonts.googleapis.com facebook.com googletagmanager.com cdn.jsdelivr.net code.jquery.com youtube.com t.co twitter.com platform.twitter.com cdn4.cdn-telegram.org statcounter.com c.statcounter.com

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

Our automated security review flags xai660k.pages.dev as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
No — xai660k.pages.dev scored 12/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
Yes. xai660k.pages.dev presents a valid TLSv1.3 certificate issued by Google Trust Services · WE1, expiring in 33 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
xai660k.pages.dev is 0 days old. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
2 out of 92 antivirus engines in our malware network flagged xai660k.pages.dev as malicious or suspicious (1 outright malicious). Even one detection is a meaningful signal.
No. xai660k.pages.dev is not currently listed on the major browser blocklist feeds that modern browsers use.
xai660k.pages.dev resolves to an IP operated by Cloudflare, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
This is a permanent record of the scan run on June 15, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around xai660k.pages.dev have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.

Final Verdict

Trust / 100

Final Verdict·xai660k.pages.dev

DANGEROUS

A brand-new domain impersonating xAI (Elon Musk's AI company) to sell fake tokens. Forcepoint flagged it as phishing, it has zero contact information, and the entire setup matches known crypto-drainer patterns.

AV engines

MT passes

Net signals

Scan another URL

Security review completemalwaretips.com/url-scan

Recently scanned

Other Dangerous reports

site-4hencvzd9.godaddysites.com

chloewnavalcert.wasmer.app

1h ago

Read the review

Dangeroustrust1

multipliers-kinetiq.xyz

fiverr-orders-payment.pro

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…

Loading comments…

This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.