ScanMalware.com

Security Scan Report: guohaolin.pages.dev

Site favicon
Submitted: Jan 4, 2026, 4:16:02 PMCompleted: Jan 4, 2026, 4:18:17 PMpubliccompleted
Loading additional data...

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 53 HTTP transactions. The main domain is guohaolin.pages.dev and was registered NaN years ago.

Submitted URL: https://guohaolin.pages.dev/it

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Site impersonates Ookla Speedtest and is flagged by malicious Indicators of Compromise; treat as high‑risk phishing.

Risk Factors
Malicious Indicator of Compromise match on primary domain pages.dev
Brand impersonation of Ookla Speedtest on an unrelated domain
Unranked domain with low reputation used to mimic a reputable service
Domain age information unavailable

Details

Page Title

Speedtest di Ookla - Il test globale per la velocità della tua banda larga

Scan Type

public

Language

🇮🇹

Italian

(80% confidence)

Category

technology software

(54%)

Domain Information

Domain 'guohaolin.pages.dev' uses the developer-focused generic top-level domain (.dev) with subdomain 'guohaolin'. The second-level label 'pages' is 5 characters long containing two vowels alongside 3 consonants. Segmentation suggests 1 word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://guohaolin.pages.dev/it

Page Load Overview

50.68s
Total Load Time
58
HTTP Requests
18
Domains
2.7 MB
Total Size

Language Analysis

Primary Language

🇮🇹Italian
Code: it
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:it
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:it
Text Length:2,423 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software54% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
54%
government public service
28%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16142.250.185.162Sweden
AS15169
213.226.244.128United States
AS54113
223.36.162.25France
AS20940
2188.114.96.3United States
AS13335CLOUDFLARENET
254.234.12.96Unknown
AS44788
223.36.162.6Unknown
AS16276
2172.217.18.10Unknown
AS396982
252.202.155.16Unknown
AS13335
2146.75.122.219Unknown
AS14618
2141.95.98.64Unknown
AS16509
5822--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T139F308F522BC535D908B875DEF36B608630FE0B7B5A689D5BB5D8F644B839E4E803840

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:PBPjqTa0Jl4yv+s0xE6J/CgbcVKzoKeMXKLnpI6dDcPXE+ymj6aslNzlbsjq0AoB:9cb+bagbcVMaWUZD+3UbwnZHh

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:168745:gEJNgEAFVABKAABOEHASKEHgRANAQiCCoBAYJgAIQLRQwNSJlliBpIhDg6AFBbSAFQJQCiAOFRimngACCo6A1BBAHSTwJFIC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffffffffff0100
Perceptual Hash:aad522f132c7ca55
Difference Hash:9971616111010101
Wavelet Hash:7f3b3b3b073f0100
Color Hash:#91ac53

Other Hashes

Crop Resistant:9971616111010101

Scan History

Scan history not available

Unable to load historical scan data