Security Scan: Webmail Aruba

Summary

This website contacted 17 IPs in 3 countries across 5 domains to perform 28 HTTP transactions. The main domain is wetransfer550.blob.core.windows.net.

Submitted URL: https://wetransfer550.blob.core.windows.net/file589132014888291392103/index.html

Effective URL: https://wetransfer550.blob.core.windows.net/file589132014888291392103/webm.htmlRedirected

The Cisco Umbrella rank of the primary domain is #44 of the top 1 million websitesTop 100 Site

AI Security Verdict

Confirmed Scam

Confidence: 95%

Risk Score

Phishing page hosted on cloud storage, impersonating Aruba Webmail to harvest credentials.

Risk Factors

Cloud storage hosting combined with credential collection forms

Brand impersonation of Aruba Webmail

Multiple password fields without legitimate service context

Likely newly registered or unknown‑age domain

Absence of noindex tag facilitating search engine indexing

Domain age information unavailable

Details

Page Title

Webmail Aruba

Scan Type

public

Language

🇮🇹

Italian

(36% confidence)

Screenshot

Page Load Overview

0.32s

Total Load Time

HTTP Requests

Domains

1.3 MB

Total Size

Language Analysis

Primary Language

🇮🇹Italian

Code: it

Confidence:36%

Script:Latin

Direction:ltr

Detection Details

Language Code:it

Detection Confidence:36%

Script Type:Latin

HTML Lang Attribute:en

Text Length:494 chars

Detector Agreement:100%

Language mismatch: Declared as en but detected as it

Website Classification

Primary Category

unknown0% confidence

Type: webapp

Method: structural

All Detected Categories

No categories detected

Detected Features

Domain & IP Information

Requests	IP Address	Location	AS Autonomous System
18	20.209.87.193	Milan, Lombardy, Italy	AS8075MICROSOFT-CORP-MSN-AS-BLOCK
12	151.101.1.229	San Francisco, California, United States	AS54113FASTLY
5	151.101.65.229	San Francisco, California, United States	AS54113FASTLY
2	142.250.184.195	United States	AS15169GOOGLE
2	104.17.24.14	United States	AS13335CLOUDFLARENET
1	151.101.193.229	San Francisco, California, United States	AS54113FASTLY
1	142.250.186.106	United States	AS15169GOOGLE
1	151.101.129.229	San Francisco, California, United States	AS54113FASTLY
1	104.17.25.14	United States	AS13335CLOUDFLARENET
1	2a04:4e42:600::485	United States	AS54113FASTLY
28	17	-	-

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11022405060F4083751A785D83AA8670A3EC6E21BCB57454477FC4BE81FDBC93AE53A2E

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

96:nZF+zgW2JueoT/ve/c7vNt/jqEGEuPMsa3pTgd4rZN6RFqLQQxKAj:ZF+EW2JEck/ZfLQQgAj

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:10547:EJQTAaQBAlGFABCDNUhALASpA1CUmAiyAAYwq8aCDJHochMqZhxYuIWAkGAHAlgNONCKm6h5Dog4oQpgA0WgCgEgBmeABFiI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcf878783cfffff

Perceptual Hash:b033c7cc7ec33838

Difference Hash:041e1a1f3f3a000c

Wavelet Hash:f38183818107ffe7

Color Hash:#931f86

Other Hashes

Crop Resistant:041e1a1f3f3a000c,e18491d18db07aed

Scan History

Scan history not available

Unable to load historical scan data

Security Scan Report: wetransfer550.blob.core.windows.net