ScanMalware.com

Security Scan Report: whitecloud.ath.cx

Site favicon
Submitted: Jan 11, 2026, 11:10:41 PMCompleted: Jan 11, 2026, 11:12:21 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 23 HTTP transactions. The main domain is whitecloud.ath.cx and was registered NaN years ago.

Submitted URL: https://whitecloud.ath.cx/login

AI Security Verdict

High Risk

Confidence: 95%

8
Risk Score

High‑risk phishing site impersonating Nextcloud; report as scam.

Risk Factors
Primary domain matches malicious Indicators of Compromise
Brand impersonation of Nextcloud on an unranked, non‑official domain
Use of a dynamic suspicious domain (ath.cx)
Login‑style page title on a domain that is not the official brand
Domain age information unavailable

Details

Page Title

Login – Nextcloud

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(79%)

Domain Information

The domain name 'whitecloud.ath.cx' uses the .cx country-code top-level domain, featuring subdomain 'whitecloud'. The second-level label 'ath' is 3 characters long with one vowel and 2 consonants. Word splitting yields two words: a, th. Expect 1.5 characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://whitecloud.ath.cx/login

Page Load Overview

96.80s
Total Load Time
23
HTTP Requests
0
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:175 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software79% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

technology software
79%
documentation technical
40%
real estate property
31%
news media journalism
30%
corporate
25%

Detected Features

OG: website

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
2366.189.169.111Atascadero, California, United States
AS20115CHARTER-20115
01--

Detected Technologies1

Open-Graph-Protocolvwebsite
100%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14BD1088E18808EFA074462FE53C1BA2B55FF70236B5618D5DBEED138129EF80529F54A

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:xNxxOZBXbZd9a1J1sPym13fUprie3TPmTsQjPJys1w:xNaZBXbv9a1J1sPdPYbmVPJyIw

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:6348:FwChAEBwYIBAAAYIDJEIIkAKKBCaACZ3gbdAgADKAKgJkAABjACugmAA2WAig3Ik2Ki0InziQiYQUUCFgOAAgwBMEDACEEQA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000000000180018
Perceptual Hash:9966996699669966
Difference Hash:0000000000100c32
Wavelet Hash:000000003f3f3f3f
Color Hash:#77e06c

Other Hashes

Crop Resistant:82a2d24d49528682,0000000000100c32

Scan History

Scan history not available

Unable to load historical scan data