ScanMalware.com

Security Scan Report: heshun.com.tw

Redirected to: https://storage.googleapis.com/tryblueupdatesagain/email_enc.html?err=4UL82G2EUBSLHLHJJGY&dispatch=CCb&id=7A6b0B63B124247883637Abb8B8392#[email protected]

Submitted: Mar 10, 2026, 9:22:19 AMCompleted: Mar 10, 2026, 9:23:31 AMpubliccompleted
Loading additional data...

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 28 HTTP transactions. The main domain is storage.googleapis.com and was registered NaN years ago.

Submitted URL: https://heshun.com.tw/latest/#[email protected]

Effective URL: https://storage.googleapis.com/tryblueupdatesagain/email_enc.html?err=4UL82G2EUBSLHLHJJGY&dispatch=CCb&id=7A6b0B63B124247883637Abb8B8392#[email protected]Redirected

AI Security Verdict

Confirmed Scam

Confidence: 94%

10
Risk Score

Confirmed credential‑phishing site that harvests email/password and exfiltrates them to Google Cloud Storage.

Risk Factors
Cross‑origin credential exfiltration to cloud storage
Use of Google Cloud Storage as backend for password collection
Email address embedded in URL fragment
JavaScript credential exfiltration functions detected
High‑severity IDS alerts for hex‑obfuscated script tags
Domain age information unavailable

Details

Page Title

SEKURE - Mail

Scan Type

public

Language

🇳🇴

Norwegian

(72% confidence)

Category

unknown

(0%)

Domain Information

Within the Taiwanese country-code top-level domain (.com.tw), 'heshun.com.tw' is registered with no subdomain. The second-level label 'heshun' is 6 characters long containing 2 vowels alongside four consonants. Word splitting yields two words: he, shun. Median word length is three characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://heshun.com.tw/latest/#je@sekure.net

Page Load Overview

4.62s
Total Load Time
28
HTTP Requests
5
Domains
2.7 MB
Total Size

Language Analysis

Primary Language

🇳🇴Norwegian
Code: no
Confidence:72%
Script:Latin
Direction:ltr

Detection Details

Language Code:no
Detection Confidence:72%
Script Type:Latin
HTML Lang Attribute:en
Text Length:32 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as no

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
4142.251.208.27United States
AS15169Google LLC
3103.138.106.62Taiwan
AS17408AboveNet Communications Taiwan
3104.17.24.14United States
AS13335Cloudflare, Inc.
3142.251.208.187United States
AS15169Google LLC
3151.101.1.229United States
AS54113Fastly, Inc.
3151.101.65.229United States
AS54113Fastly, Inc.
3104.17.25.14United States
AS13335Cloudflare, Inc.
3151.101.193.229United States
AS54113Fastly, Inc.
3216.58.206.91United States
AS15169Google LLC
289--

Detected Technologies3

PasswordField
100%
LiteSpeed
40%
HTTP/3
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19632B03731580D290657A0D471F2267C0EDC9E399896CDD476D2EBBD1FD0F8712AA2C9

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:raPzZZT9C9pjcaOvQiD3D748TTbNQBBd3f9Uir4cH74e8MQ9Ol:+ZXuRcxvQibn35QBrv9UYt8e8f9Y

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:11587:QiJs1ATsAFCoNWYTVQEXAAi9EMAsuBoIAQgNEKEuCBgAggDCSGkbA1IBgITEGq5PTJBIgIweZpQImLgJ3ACkUGrEILoaPAkA

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffefe7ffe7e7ffff
Perceptual Hash:b399cc26999966c6
Difference Hash:000808000c0c0008
Wavelet Hash:3c242424e4e4e4fc
Color Hash:#86672d

Other Hashes

Crop Resistant:000808000c0c0008

Scan History

Scan history not available

Unable to load historical scan data