ScanMalware.com

Security Scan Report: reactivatenumero.z21.web.core.windows.net

Submitted: Mar 30, 2026, 3:47:58 AMCompleted: Mar 30, 2026, 3:49:06 AMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 1 HTTP transaction. The main domain is reactivatenumero.z21.web.core.windows.net and was registered NaN years ago.

Submitted URL: https://reactivatenumero.z21.web.core.windows.net/

The Cisco Umbrella rank of the primary domain is #44 of the top 1 million websitesTop 100 Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

9
Risk Score

Phishing page impersonating AT&T Mail on Azure storage, harvesting passwords.

Risk Factors
Password field without accompanying username field
Brand impersonation (AT&T Mail) on non‑official domain
Cloud storage hosting with credential form (Azure Blob storage)
Google Safe Browsing social engineering detection
Domain age information unavailable

Details

Page Title

Login Screen

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

finance banking

(65%)

Domain Information

You're looking at domain 'reactivatenumero.z21.web.core.windows.net' on the network infrastructure generic top-level domain (.net), featuring subdomain 'reactivatenumero.z21.web.core'. The registrable portion 'windows' spans 7 characters split between two vowels and five consonants. It segments into one word: windows. Median word length is seven characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://reactivatenumero.z21.web.core.windows.net/

Page Load Overview

0.77s
Total Load Time
3
HTTP Requests
2
Domains
40 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:401 chars
Detector Agreement:100%

Website Classification

Primary Category

finance banking65% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

finance banking
65%
healthcare medical
39%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
220.209.27.132San Antonio, Texas, United States
AS8075Microsoft Corporation
1104.26.12.205United States
AS13335Cloudflare, Inc.
32--

Detected Technologies1

Azure
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1C103AFB05AB6483897538082FFE933866F1AC50F66854049FE1C9BD94F82DA5D6D3DCC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:dU9HflxcAh3wi5u3MzKmK0K6mnY6cflxcAh3wi5u3MzKmK0K6mnYpB2tjh:G9HflxXhA7eFUcflxXhA7eF/Mtjh

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:40427:KAEYRakZoALjGBCLFAYQBAA8ZhMBIIhCIxAdpQEAmSAC1ILsCCiSlANKkBUJJWvERU0gxWKegUIIMIhTM0SFRjAAFggBIAQB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffe7e7e7e7ffffff
Perceptual Hash:b326cc99336c9999
Difference Hash:080c0c4d0c100000
Wavelet Hash:07070707e4e4f0f0
Color Hash:#2dd2ac

Other Hashes

Crop Resistant:080c0c4d0c100000

Scan History

Scan history not available

Unable to load historical scan data