ScanMalware.com

Security Scan Report: zhengge.pages.dev

Submitted: Dec 29, 2025, 1:36:12 PMCompleted: Dec 29, 2025, 1:39:14 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 68 HTTP transactions. The main domain is zhengge.pages.dev and was registered NaN years ago.

Submitted URL: https://zhengge.pages.dev/awards/

AI Security Verdict

High Risk

Confidence: 95%

9
Risk Score

Site impersonates Ookla Speedtest Awards on a malicious pages.dev subdomain; high‑risk phishing.

Risk Factors
Primary domain malicious Indicators of Compromise
Brand impersonation on an unusual subdomain (zhengge.pages.dev)
Unranked domain in Cisco Umbrella
Multiple redirects before final destination
Use of a generic hosting domain (pages.dev) known for malicious activity
Domain age information unavailable

Details

Page Title

Speedtest Awards presented by Ookla

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(49%)

Domain Information

You're looking at domain 'zhengge.pages.dev' on the developer-focused generic top-level domain (.dev); it also runs on subdomain 'zhengge'. Its registrable label 'pages' stretches across 5 characters split between 2 vowels and three consonants. Tokenizing the label suggests one word: pages. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://zhengge.pages.dev/awards/

Page Load Overview

41.61s
Total Load Time
36
HTTP Requests
5
Domains
1.5 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,115 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software49% confidence
Type: static
Method: ml+structural

All Detected Categories

technology software
49%
documentation technical
41%
government public service
25%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6172.66.45.34United States
AS13335CLOUDFLARENET
523.36.162.6Germany
AS20940
523.36.162.25United States
AS16509
513.32.121.127New York, New York, United States
AS16509AMAZON-02
5104.18.87.42United States
AS13335CLOUDFLARENET
513.32.121.98UnknownUnknown
5146.75.122.219UnknownUnknown
367--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1CC45F1B66206313D6407CF6576F0BE453F310117D01A62B5FCB6F8288F8E6E89967A8D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

24576:FjzC0e+1Wtvm9KY0Z/rZkkGj4Tgi2zjI0UbbgrZ:ZrKfVT9Mj80V

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:1255380:SSXAwMGCKEORAEoAgMDyEEUsAUJUAoY1GXKBgCi34BhDxwcQZoFDJIgyxSCAMyUy1ltAJhokULJKgAG1BVFAYgCYQCAApSeK

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00617f7f7f7d7d7d
Perceptual Hash:aa453b383c4d4e37
Difference Hash:ddcbc5c5c5555555
Wavelet Hash:006177771f353d25
Color Hash:#bf8040

Other Hashes

Crop Resistant:2d2d2d2d2eae4eae,ddcbc6c4c4555555

Scan History

Scan history not available

Unable to load historical scan data