Security Scan: https://danos.z13.web.core.windows.net/bab.ht

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is mail26.serverlet.top and was registered NaN years ago.

Submitted URL: https://danos.z13.web.core.windows.net/bab.html#[email protected]

Effective URL: https://mail26.serverlet.top/_andromeda_oxy/[email protected]&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=nullRedirected

The Cisco Umbrella rank of the primary domain is #44 of the top 1 million websitesTop 100 Site

AI Security Verdict

Moderate Risk

Confidence: 80%

Risk Score

Page redirects to an unknown domain, embeds an email in the URL and contains a hidden form with eval() calls – strong phishing indicators despite no visible credential fields.

Risk Factors

Email in URL fragment used as phishing lure

Redirect to untrusted domain

Eval() usage in JavaScript

Hidden form field (cf-turnstile-response) without visible inputs

Unknown creation date of subdomain on hosting platform

Safety Factors

Verdict cited a credential/login form, but DOM analysis found no password field (real or disguised) or payment field, and no other hard signal — credential-phishing framing unsupported; risk adjusted from 8 to 5

Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(66% confidence)

Screenshot

Page Load Overview

1.42s

Total Load Time

HTTP Requests

Domains

35 KB

Total Size

Language Analysis

Primary Language

🇺🇸English

Code: en

Confidence:66%

Script:Latin

Direction:ltr

Detection Details

Language Code:en

Detection Confidence:66%

Script Type:Latin

Text Length:54 chars

Detector Agreement:100%

Website Classification

Primary Category

documentation technical45% confidence

Type: static

Method: ml+structural

All Detected Categories

documentation technical

45%

news media journalism

45%

phishing scam

40%

healthcare medical

39%

e-commerce shopping

31%

Detected Features

No structural features detected

Domain & IP Information

Requests	IP Address	Location	AS Autonomous System
11	172.67.204.249	United States	AS13335Cloudflare, Inc.
11	57.150.155.68	Washington, Virginia, United States	AS8075Microsoft Corporation
22	2	-	-

Detected Technologies6

JQueryv3.6.3

100%

50%

45%

40%

30%

Google Hosted Libraries

20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1024164B97D1A92349A125196313DE35D3C33E065BF01848486ECCC399D58FDA08BBEAD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:Ltx8isEZHKWrGLrGWASTw2wptI8Id65OS:LGT8Nnx/Iq

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:1879:AAAAEgbAAgAIBMIBIABBlEAiBIAAABAAADYQAAAAgAAEAAAAAABAAABABoCAAAQAAAAAAACAAAAAQCAIAAUAEAiEA0AAgiiB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3f7fffffffffffff

Perceptual Hash:83070707070f1fff

Difference Hash:c080000000000000

Wavelet Hash:30f0f0f0f0f0f0f0

Color Hash:#3b783a

Other Hashes

Crop Resistant:c080000000000000

Scan History

Scan history not available

Unable to load historical scan data

Security Scan Report: danos.z13.web.core.windows.net