ScanMalware.com

Security Scan Report: nesar.dehghaninesar.workers.dev

Redirected to:
https://nesar.dehghaninesar.workers.dev/performance/united-states
Site favicon
Submitted: May 5, 2026, 11:21:37 AMCompleted: May 5, 2026, 11:22:52 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main domain is nesar.dehghaninesar.workers.dev and was registered NaN years ago.

Submitted URL: http://nesar.dehghaninesar.workers.dev/performance/united-states

Effective URL: https://nesar.dehghaninesar.workers.dev/performance/united-statesRedirected

AI Security Verdict

Moderate Risk

Confidence: 80%

5
Risk Score

The site uses the Speedtest brand on an unranked workers.dev subdomain without collecting credentials, indicating moderate risk of brand misuse.

Risk Factors
Brand name displayed on unranked hosting subdomain
Unknown subdomain age
Potential typosquatting of a well‑known brand
Safety Factors
No login or payment forms
No malicious scripts or exfiltration behavior detected
No network IDS alerts
Domain age information unavailable

Details

Page Title

Find Your Next ISP with Speedtest’s Help | Speedtest

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(29%)

Domain Information

You're looking at domain 'nesar.dehghaninesar.workers.dev' on the developer-focused generic top-level domain (.dev); it also runs on subdomain 'nesar.dehghaninesar'. The registrable portion 'workers' spans 7 characters holding 2 vowels versus 5 consonants. Segmentation suggests 1 word: workers. Median word length is 7 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://nesar.dehghaninesar.workers.dev/performance/united-states

Page Load Overview

0.94s
Total Load Time
30
HTTP Requests
8
Domains
1009 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:3,445 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software29% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
29%

Detected Features

Search
Schema.org

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
9104.18.86.42United States
AS13335Cloudflare, Inc.
7104.18.128.216United States
AS13335Cloudflare, Inc.
723.36.162.6Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
7104.21.48.14United States
AS13335Cloudflare, Inc.
304--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T190732AE1A34C435E916B478C7E36F518731FA0BAFE5689DAE69D8B2442839D0FC07C58

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:G7Qr4ki+orUmd13HxEHxVGoQDclzH71Bo84:G0/sgRQDazHRBw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:79937:WgwQBlcKBuyAIABQEcn9gEVgMASUtLABvUoWkoUHgjEAICARS2TK4gUQYBsPAgIowUFAEEk1QLQYYg+2FA6AAQksoDISMwOP

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:00ffffffffffffff
Perceptual Hash:f772380a4b0e4b73
Difference Hash:990e0c440e22261a
Wavelet Hash:00c2e6fee7a383a3
Color Hash:#9187c5

Other Hashes

Crop Resistant:990e0c440e22261a,010523dddd234501

Scan History

Scan history not available

Unable to load historical scan data