ScanMalware.com

Security Scan Report: umbrella-ecx.pages.dev

Site favicon
Submitted: Jan 4, 2026, 1:44:41 PMCompleted: Jan 4, 2026, 1:45:43 PMpubliccompleted
Loading additional data...

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 52 HTTP transactions. The main domain is umbrella-ecx.pages.dev and was registered NaN years ago.

Submitted URL: https://umbrella-ecx.pages.dev/de

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

High‑risk phishing site impersonating Ookla Speedtest; malicious primary domain detected.

Risk Factors
Primary domain pages.dev flagged as malicious Indicator of Compromise
Brand impersonation of Ookla Speedtest on an unranked domain
Unranked domain despite presenting a well‑known service
Domain age information unavailable

Details

Page Title

Speedtest von Ookla - Der umfassende Breitband-Geschwindigkeitstest

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

technology software

(51%)

Domain Information

You're looking at domain 'umbrella-ecx.pages.dev' on the developer-focused generic top-level domain (.dev); it also runs on subdomain 'umbrella-ecx'. The registrable portion 'pages' spans 5 characters split between 2 vowels and 3 consonants. Splitting it apart reveals one word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://umbrella-ecx.pages.dev/de

Page Load Overview

3.63s
Total Load Time
57
HTTP Requests
17
Domains
2.7 MB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:2,397 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software51% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
51%
government public service
27%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1518.245.31.65United States
AS16509AMAZON-02
2104.18.86.42United States
AS13335CLOUDFLARENET
254.234.12.96United States
AS20940
2178.250.1.12France
AS44788Criteo Technology SAS
213.226.244.7Unknown
AS16276
22.16.110.80Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
218.245.31.123Unknown
AS396982
252.45.51.250Ashburn, Virginia, United States
AS14618AMAZON-AES
2104.18.87.42United States
AS13335CLOUDFLARENET
23.217.134.118Unknown
AS16509
5722--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T16E1408F162B8536D908B879DAF36A618770FE0B7F99649C5B79D8B644B83DE0EC03404

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:p/1PFA54yvgs0xE6J/CgbcVKzoKeMXKLnpI6dDcPXE+ymj6aslNzlbsjq0Aok39U:/AbgbagbcVMaWUZD+3UbwnZjKs5tct9e

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:195895:skIAOHQAMIAAMhMaFAZGEgAJKmgCIFqAeCcLKAUghctlsUGhRISIjWFAXkSyFTGAGBIIBrxkoEWlACDKCEIEgEY2JChI7CAI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:6fb9ddfdfdfd1101
Perceptual Hash:aad532f30bd522d1
Difference Hash:9931353131a521a1
Wavelet Hash:7f39393939190101
Color Hash:#56ac53

Other Hashes

Crop Resistant:2d2d2d2d2c2d2ded,9931353131a521a1

Scan History

Scan history not available

Unable to load historical scan data