ScanMalware.com

Security Scan Report: f005.backblazeb2.com

Submitted: Nov 21, 2025, 9:19:58 AMCompleted: Nov 21, 2025, 9:22:11 AMpubliccompleted
Loading additional data...

Summary

This website contacted 15 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main domain is f005.backblazeb2.com and was registered NaN years ago.

Submitted URL: https://f005.backblazeb2.com/file/bellmtssvbssw7272239/bellmtslee.html

The Cisco Umbrella rank of the primary domain is #13,278 of the top 1 million websites

AI Security Verdict

Confirmed Scam

Confidence: 96%

10
Risk Score

Confirmed phishing scam harvesting BellMTS credentials on a cloud storage domain.

Risk Factors
Credential harvesting form on cloud storage domain
Impersonation of BellMTS brand
Use of cloud storage URL for login page
Password field collecting user credentials
Domain age information unavailable

Details

Page Title

MTS Mail | Login

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

social_media

(50%)

Domain Information

Domain 'f005.backblazeb2.com' uses the commercial generic top-level domain (.com), featuring subdomain 'f005'. Its registrable label 'backblazeb2' stretches across 11 characters holding three vowels versus 7 consonants; it also includes one digit. Word splitting yields four words: back, blaze, b, 2. Median word length comes out to 2.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://f005.backblazeb2.com/file/bellmtssvbssw7272239/bellmtslee.html

Page Load Overview

1.36s
Total Load Time
12
HTTP Requests
6
Domains
119 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:580 chars
Detector Agreement:100%

Website Classification

Primary Category

social_media50% confidence
Type: webapp
Method: structural

All Detected Categories

social_media
50%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
12104.17.5.3United States
AS13335CLOUDFLARENET
6140.238.130.32Toronto, Ontario, Canada
AS31898ORACLE-BMC-31898
1149.137.136.16United States
AS40401BACKBLAZE
1172.67.134.82United States
AS13335CLOUDFLARENET
1104.17.25.14United States
AS13335CLOUDFLARENET
1129.159.124.34Ashburn, Virginia, United States
AS31898ORACLE-BMC-31898
1104.17.6.3United States
AS13335CLOUDFLARENET
02606:4700::6811:190eUnited States
AS13335CLOUDFLARENET
02606:4700::6811:180eUnited States
AS13335CLOUDFLARENET
0104.21.25.148United States
AS13335CLOUDFLARENET
1215--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1A542C61E7CFB04710A53D0D9B6E7A9097D70D117D849CD883AAC8B881FD6E95C8A739C

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:1g0gvxY/xuEkgo9JEmYeTekE/j2pVtNpv0htBpYsUeStxV98vNQlh6Ac3+3iA+2m:1g0g5YQIzlHkJrKm4vNQD5i1

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:13123:ARCIIwBEiXiCMSGoUvCACKEJUI0RoBE8cCXkAhRFTAQiAD5qAQiAcGybQDOCSYRiJIIIEMPUgAIgMFeQiBL1ACNKSYC4BQNC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffefe7e7e7ffff
Perceptual Hash:b399cc6666999926
Difference Hash:0000080c0c0c0000
Wavelet Hash:3c3c2424e4e4fcfc
Color Hash:#bfb940

Other Hashes

Crop Resistant:0000080c0c0c0000

Scan History

Scan history not available

Unable to load historical scan data