ScanMalware.com

Security Scan Report: icmtracker-backup2-workx.pages.dev

Redirected to: https://icmtracker-backup2-workx.pages.dev/#/

Site favicon
Submitted: Nov 13, 2025, 11:34:51 PMCompleted: Nov 13, 2025, 11:35:24 PMpubliccompleted
Loading additional data...

Summary

This website contacted 10 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main domain is icmtracker-backup2-workx.pages.dev.

Submitted URL: http://icmtracker-backup2-workx.pages.dev/

Effective URL: https://icmtracker-backup2-workx.pages.dev/#/Redirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

High‑risk phishing page harvesting passwords on a newly created, unranked domain

Risk Factors
Credential harvesting form (password only)
Hidden password field
New/unranked domain
Lack of username field
Potential brand impersonation without verification
Domain age information unavailable

Details

Page Title

ICM Tracker v0.1.0.1

Scan Type

public

Language

🇱🇹

LT

(50% confidence)

Category

corporate business

(57%)

Domain Information

You're looking at domain 'icmtracker-backup2-workx.pages.dev' on the developer-focused generic top-level domain (.dev) and includes subdomain 'icmtracker-backup2-workx'. The registrable portion 'pages' spans 5 characters containing two vowels alongside 3 consonants. Tokenizing the label suggests 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://icmtracker-backup2-workx.pages.dev/

Page Load Overview

5.53s
Total Load Time
12
HTTP Requests
3
Domains
86 KB
Total Size

Language Analysis

Primary Language

🇱🇹LT
Code: lt
Confidence:50%
Script:Unknown
Direction:ltr

Detection Details

Language Code:lt
Detection Confidence:50%
Script Type:Unknown
HTML Lang Attribute:en
Text Length:95 chars
Detector Agreement:50%
Language mismatch: Declared as en but detected as lt

Website Classification

Primary Category

corporate business57% confidence
Type: static
Method: ml+structural

All Detected Categories

corporate business
57%
documentation technical
49%
technology software
43%
news media journalism
30%
healthcare medical
25%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1172.66.47.4United States
AS13335CLOUDFLARENET
1172.66.44.252United States
AS13335CLOUDFLARENET
1142.250.184.227United States
AS15169GOOGLE
1142.250.181.234United States
AS15169GOOGLE
12a00:1450:4001:803::2003Frankfurt am Main, Hesse, Germany
AS15169GOOGLE
12606:4700:310c::ac42:2f04United States
AS13335CLOUDFLARENET
12606:4700:310c::ac42:2cfcUnited States
AS13335CLOUDFLARENET
1142.250.186.138United States
AS15169GOOGLE
1142.250.186.131United States
AS15169GOOGLE
12a00:1450:4001:827::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
1210--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T17D9372A8BD5171761E6FD7FD63CAA408626BF481DF02C9D1B6B2D00012CD7B0E26BE56

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:tYpvKsW7skLN8XbIeqX2AQRfRG16aE8H/DEe5ZPXeHaTe0xeTreG:nsY9N8XbIXDVpQaTXG3

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:92032:XaeRKyRAQQ1JCuE8aBARsSAi1Eg4gKsABJAW2k4QQIEDgQImAQBAUkvFZm0Ei5BKUAXMCCwRjrsIY0NAEKIStATEUdlEIgNB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fefeeeeee6e6fefe
Perceptual Hash:f5dd8c6688d922cc
Difference Hash:000018180c0c0008
Wavelet Hash:0e0e262626263e3e
Color Hash:#783a66

Other Hashes

Crop Resistant:000018180c0c0008

Scan History

Scan history not available

Unable to load historical scan data