ScanMalware.com

Security Scan Report: littleturtlessea.blob.core.windows.net

Redirected to: https://arubabuckets3cdn.blob.core.windows.net/managehosting/webm.html

Submitted: Nov 21, 2025, 8:28:00 AMCompleted: Nov 21, 2025, 8:30:09 AMpubliccompleted
Loading additional data...

Summary

This website contacted 14 IPs in 3 countries across 7 domains to perform 28 HTTP transactions. The main domain is arubabuckets3cdn.blob.core.windows.net.

Submitted URL: https://littleturtlessea.blob.core.windows.net/pmevb1dyot/Yhh8.html

Effective URL: https://arubabuckets3cdn.blob.core.windows.net/managehosting/webm.htmlRedirected

The Cisco Umbrella rank of the primary domain is #44 of the top 1 million websitesTop 100 Site

AI Security Verdict

Confirmed Scam

Confidence: 96%

10
Risk Score

Confirmed phishing scam targeting Aruba Webmail credentials

Risk Factors
Cloud storage hosting with credential collection
Multiple password fields on a suspicious domain
Brand impersonation (Webmail Aruba) on an unauthorized domain
New or unregistered domain age
Hidden password fields
Domain age information unavailable

Details

Page Title

Aruba.it - Caricamento in corso

Scan Type

public

Language

🇮🇹

Italian

(36% confidence)

Category

unknown

(0%)

Domain Information

The domain name 'littleturtlessea.blob.core.windows.net' uses the network infrastructure generic top-level domain (.net), featuring subdomain 'littleturtlessea.blob.core'. The registrable portion 'windows' spans 7 characters holding two vowels versus 5 consonants. It segments into 1 word: windows. Median word length comes out to seven characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://littleturtlessea.blob.core.windows.net/pmevb1dyot/Yhh8.html

Page Load Overview

0.49s
Total Load Time
28
HTTP Requests
7
Domains
608 KB
Total Size

Language Analysis

Primary Language

🇮🇹Italian
Code: it
Confidence:36%
Script:Latin
Direction:ltr

Detection Details

Language Code:it
Detection Confidence:36%
Script Type:Latin
HTML Lang Attribute:en
Text Length:434 chars
Detector Agreement:100%
Language mismatch: Declared as en but detected as it

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1720.209.87.193Milan, Lombardy, Italy
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
3104.16.175.226United States
AS13335CLOUDFLARENET
2104.16.174.226United States
AS13335CLOUDFLARENET
2142.250.186.99United States
AS15169GOOGLE
2104.17.25.14United States
AS13335CLOUDFLARENET
2104.17.24.14United States
AS13335CLOUDFLARENET
22606:4700::6811:180eUnited States
AS13335CLOUDFLARENET
22606:4700::6811:190eUnited States
AS13335CLOUDFLARENET
22a00:1450:4001:81c::200aFrankfurt am Main, Hesse, Germany
AS15169GOOGLE
22606:4700::6810:aee2United States
AS13335CLOUDFLARENET
2814--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T190712F2792B304266C97927967EB670B32A19443D64FDE243FCC62488FC4BE495A23CC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:Hk8cIO/0wtq/fBFtDR4P0+4SfcnVW8wF3P1MUaXF1FNSh2kQpES99lxABuV:HUIOjYBFAPeeYY8wnMUaXn362HDAm

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3550:KEACgEKhAQBEAAAACCAiAAEBgCSJAADFiACAiEAAAABiBAgEAAAIAIAAAEQAAIEBiI0AUAgIAEQEBACBQhQAKAgIABAAQAAC

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000183c3c180000
Perceptual Hash:9b93644c9b3333cc
Difference Hash:0000282a2a280000
Wavelet Hash:0f0f1b1b1b1b0f0f
Color Hash:#4c2d86

Other Hashes

Crop Resistant:0000282a2a280000

Scan History

Scan history not available

Unable to load historical scan data