ScanMalware.com

Security Scan Report: bot1.pages.dev

Submitted: Mar 30, 2026, 5:19:48 AMCompleted: Mar 30, 2026, 5:20:43 AMpubliccompleted
Loading additional data...

Summary

This website contacted 15 IPs in 3 countries across 15 domains to perform 56 HTTP transactions. The main domain is bot1.pages.dev and was registered NaN years ago.

Submitted URL: https://bot1.pages.dev/

AI Security Verdict

Moderate Risk

Confidence: 80%

5
Risk Score

The page mimics Speedtest branding on a pages.dev subdomain without login forms – moderate‑risk brand impersonation.

Risk Factors
Brand impersonation: brand name used on unrelated domain
Unranked subdomain on free hosting platform
Potentially new subdomain with unknown creation date
Safety Factors
No forms collecting passwords, emails, or payment data
No malicious Indicators of Compromise matches found
No JavaScript malware patterns detected
No credential exfiltration observed
Standard page content without suspicious scripts
Domain age information unavailable

Details

Page Title

Speedtest by Ookla - The Global Broadband Speed Test

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(46%)

Domain Information

The domain name 'bot1.pages.dev' uses the developer-focused generic top-level domain (.dev), featuring subdomain 'bot1'. Its registrable label 'pages' stretches across 5 characters split between two vowels and 3 consonants. Tokenizing the label suggests 1 word: pages. Expect 5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bot1.pages.dev/

Page Load Overview

4.75s
Total Load Time
82
HTTP Requests
27
Domains
4.9 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:2,390 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software46% confidence
Type: spa
Method: ml+structural

All Detected Categories

technology software
46%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1254.85.80.27Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
5188.114.97.3United States
AS13335Cloudflare, Inc.
513.226.244.99United States
AS20940
523.56.202.65Frankfurt am Main, Hesse, Germany
AS16625Akamai Technologies, Inc.
5172.217.16.202Unknown
AS16276
5142.251.127.84United States
AS15169Google LLC
5178.250.1.12France
AS44788Criteo Technology SAS
523.36.162.25Unknown
AS14618
5162.19.138.119Frankfurt am Main, Hesse, Germany
AS16276OVH SAS
518.245.31.9UnknownUnknown
8215--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1741407F162B8536D808B979CEF36A618670FE0B7F99649D5B79D8B644B83DE0EC03404

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:dSCEhMs4kl4s0xE6J/CgbcVKzoKeMXKLnpI6dDcPXE+ymj6aslNzlbsjq0Aok3at:HcX4bagbcVMaWUZD+3UbwnZA5M9X

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:192615:YEQcjGuFZkdSxIKkiQQACk5wxYZaGRRD7CwCQAGRAaAqw0TYGmKY4AIQkLEoKwFDoBtAScMAUEAIOxDUCo2KoIhFSCsJAzQk

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:6fbdfdfdfdfd1101
Perceptual Hash:aad522f30bf522d1
Difference Hash:9935353131352161
Wavelet Hash:6f3f1f1f39390101
Color Hash:#79d27c

Other Hashes

Crop Resistant:2d2d2d2d2c2d2ded,9935353131352161

Scan History

Scan history not available

Unable to load historical scan data