ScanMalware.com

Security Scan Report: umbrella-ecx.pages.dev

Site favicon
Submitted: Dec 28, 2025, 3:49:00 PMCompleted: Dec 28, 2025, 3:50:04 PMpubliccompleted
Loading additional data...

Summary

This website contacted 15 IPs in 1 country across 15 domains to perform 54 HTTP transactions. The main domain is umbrella-ecx.pages.dev and was registered NaN years ago.

Submitted URL: https://umbrella-ecx.pages.dev/ru

AI Security Verdict

High Risk

Confidence: 92%

9
Risk Score

High‑risk phishing site impersonating Ookla Speedtest on a malicious pages.dev subdomain.

Risk Factors
Primary domain pages.dev flagged as malicious
Impersonation of Ookla Speedtest on an unrelated domain
Unranked domain presenting a well‑known brand
Multiple redirects to a suspicious subdomain
Domain age information unavailable

Details

Page Title

Speedtest от Ookla - Глобальный тест скорости широкополосного доступа

Scan Type

public

Language

🇷🇺

Russian

(80% confidence)

Category

technology software

(73%)

Domain Information

Within the developer-focused generic top-level domain (.dev), 'umbrella-ecx.pages.dev' is registered and includes subdomain 'umbrella-ecx'. The core label 'pages' covers 5 characters containing 2 vowels alongside 3 consonants. Tokenizing the label suggests one word: pages. The median word length lands at 5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://umbrella-ecx.pages.dev/ru

Page Load Overview

1.79s
Total Load Time
54
HTTP Requests
0
Domains
N/A
Total Size

Language Analysis

Primary Language

🇷🇺Russian
Code: ru
Confidence:80%
Script:Cyrillic
Direction:ltr

Detection Details

Language Code:ru
Detection Confidence:80%
Script Type:Cyrillic
HTML Lang Attribute:ru
Text Length:2,461 chars
Detector Agreement:50%

Website Classification

Primary Category

technology software73% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
73%
government public service
49%
documentation technical
44%
corporate business
37%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
19146.75.122.219Germany
AS54113FASTLY
12188.114.96.3UnknownUnknown
423.36.162.6UnknownUnknown
454.234.12.96UnknownUnknown
3172.217.23.106UnknownUnknown
252.202.155.16UnknownUnknown
2178.250.1.12UnknownUnknown
1141.95.33.120UnknownUnknown
1108.177.15.84UnknownUnknown
123.56.202.65Germany
AS16625AKAMAI-AS
015--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T139F308F522BC535C908B975DEF36B608630FE0B7B5A689D5BB5D8F644B839E4E803840

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:/lkbOKdh4yves0xE6J/CgbcVKzoKeMXKLnpI6dDcPXE+ymj6aslNzlbsjq0Aok3a:WTrbebagbcVMaWUZD+3UbwnZpJ

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:169990:AGBMOoDtJiICZAggtB8IJGRDLAYoiC6EFF0UFKPWVCAQKy1QUhwCoAImh4jkWkCEMUkAAAQIkjDAGXQA2W0ABMgQSPm9EEjg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffffffffff0100
Perceptual Hash:aad532f132d58a55
Difference Hash:9971616111010101
Wavelet Hash:6f3b393901310100
Color Hash:#70783a

Other Hashes

Crop Resistant:9971616111010101

Scan History

Scan history not available

Unable to load historical scan data