ScanMalware.com

Security Scan Report: bellsouth-att-sign-in-4f949a.webflow.io

Site favicon
Submitted: Feb 25, 2026, 6:20:15 AMCompleted: Feb 25, 2026, 6:21:28 AMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 9 HTTP transactions. The main domain is bellsouth-att-sign-in-4f949a.webflow.io and was registered NaN years ago.

Submitted URL: https://bellsouth-att-sign-in-4f949a.webflow.io/

AI Security Verdict

High Risk

Confidence: 85%

7
Risk Score

Impersonates BellSouth/AT&T login page on a Webflow subdomain; likely phishing.

Risk Factors
Brand impersonation of BellSouth/AT&T
Credential harvesting form (email + password)
Unranked domain on a free hosting subdomain
Google Safe Browsing social engineering detection
Domain age information unavailable

Details

Page Title

bellsouth att sign in

Scan Type

public

Language

🇺🇸

English

(71% confidence)

Category

technology software

(48%)

Domain Information

The domain name 'bellsouth-att-sign-in-4f949a.webflow.io' uses the British Indian Ocean Territory country-code top-level domain (.io), featuring subdomain 'bellsouth-att-sign-in-4f949a'. Its registrable label 'webflow' stretches across 7 characters holding two vowels versus five consonants. Word splitting yields 2 words: web, flow. Median word length is 3.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://bellsouth-att-sign-in-4f949a.webflow.io/

Page Load Overview

0.65s
Total Load Time
18
HTTP Requests
4
Domains
12 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:71%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:71%
Script Type:Latin
Text Length:608 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software48% confidence
Type: static
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
48%
phishing scam
44%
adult content
42%
documentation technical
41%
government public service
32%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6172.64.151.8United States
AS13335Cloudflare, Inc.
652.222.232.47United States
AS13335
6104.18.161.117United States
AS13335Cloudflare, Inc.
183--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T10171B677A124401AC30719F5FBD0B1DCF482835DCE626680F4B94A6C13ADCD96EB9ACC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:Y4y+UDOPeJwLgnC4iGba2o+F+u8yJfeDoQoU9DPXVeBp+en2DhEQRIcwkoyzev:vy+ZPewLTw/PfTQoEDvVmp+e2WQRIwpc

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3550:gAQAAoAAIAgEwCFAUAVARACCACAAUADACIVQITAAAACACAAAAAgAEAVojAIIIIgEAAAgYAAoAAALACAgAUAQCQBCACsKCYAS

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:7f7fff7f240000ff
Perceptual Hash:a2888d778808f77f
Difference Hash:c0c088b04d0e9e40
Wavelet Hash:7f7f7f07000000ff
Color Hash:#d02dd2

Other Hashes

Crop Resistant:c0c088b04d0e9e40

Scan History

Scan history not available

Unable to load historical scan data