ScanMalware.com

Security Scan Report: nexus.ultimagen.com

Redirected to:
https://uma.app.ultimagen.com/signin?destination=nexus
Site favicon
Submitted: May 12, 2026, 8:07:44 PMCompleted: May 12, 2026, 8:09:02 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 17 HTTP transactions. The main domain is uma.app.ultimagen.com and was registered NaN years ago.

Submitted URL: https://nexus.ultimagen.com

Effective URL: https://uma.app.ultimagen.com/signin?destination=nexusRedirected

The Cisco Umbrella rank of the primary domain is #692,761 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 72%

5
Risk Score

Login page on an old, low‑rank domain that mimics a brand and uses heavily obfuscated JavaScript; moderate risk of brand impersonation.

Risk Factors
Low Cisco Umbrella ranking (outside top 100K)
Brand name mismatch suggests possible typosquatting
High JavaScript obfuscation score
Safety Factors
Domain age >9 years (well‑established)
No malicious Indicators of Compromise or YARA matches
Legitimate cross‑origin SSO form submission
Domain age information unavailable

Details

Page Title

User Management - Signin

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'nexus.ultimagen.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'nexus'. The second-level label 'ultimagen' is 9 characters long with four vowels and 5 consonants. Segmentation suggests two words: ultima, gen. Expect 4.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://nexus.ultimagen.com

Page Load Overview

4.08s
Total Load Time
11
HTTP Requests
2
Domains
4.5 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:108 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1144.210.255.15Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
111--

Detected Technologies1

PasswordField
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D3A1DC7849910A37E3070DDF3CEA770A1787C929CA00A924FB7986D74AD9F511B23B5B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:Th3rrJzib4xTSTiVJeV2STSTy3x0STiVEeddnSTSTyvlrdh5d83:BEz+V0VTeO+ZrSeal+

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:4902:AAKEgAABAgQBIWAIEiGwQAAAABgAVASgAFkgAFBBBoAAJkCRQACEIAeqBABSEIABjcgEAAEIRACGEAACACQgGgLAgCZEAEEC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7c7c3ffffff
Perceptual Hash:b3338ccc66cc9933
Difference Hash:000e1e0d0d140000
Wavelet Hash:03030303c3c3ffff
Color Hash:#2dd2b1

Other Hashes

Crop Resistant:000e1e0d0d140000

Scan History

Scan history not available

Unable to load historical scan data