ScanMalware.com

Security Scan Report: danos.z13.web.core.windows.net

Redirected to:
https://mail26.serverlet.top/_andromeda_oxy/[email protected]&pag...
Submitted: Jun 17, 2026, 5:11:20 PMCompleted: Jun 17, 2026, 5:12:40 PMpubliccompleted
Loading additional data...

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 2 HTTP transactions. The main domain is mail26.serverlet.top and was registered NaN years ago.

Submitted URL: https://danos.z13.web.core.windows.net/bab.html#[email protected]

Effective URL: https://mail26.serverlet.top/_andromeda_oxy/[email protected]&page=null&request_type=null&page_bg=null&no_redrct=null&pcnt=null&no_psplash=null&pmax=null&vcnt=null&use_cdtimr=nullRedirected

The Cisco Umbrella rank of the primary domain is #44 of the top 1 million websitesTop 100 Site

AI Security Verdict

Moderate Risk

Confidence: 72%

5
Risk Score

Page exhibits phishing cues such as email in URL and unknown subdomain, but lacks concrete malicious forms; moderate risk.

Risk Factors
Unknown subdomain age (could be newly created)
Email in URL fragment – classic phishing lure
Heavy use of eval() without clear benign purpose
Cross‑domain redirect to a non‑brand domain
Absence of legitimate content or clear purpose
Safety Factors
High Cisco Umbrella ranking (top 100)
No IoC matches against known malicious domains
No JavaScript YARA malware patterns detected
No network‑level IDS alerts
No credential exfiltration observed in traffic analysis
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(66% confidence)

Category

documentation technical

(45%)

Domain Information

You're looking at domain 'danos.z13.web.core.windows.net' on the network infrastructure generic top-level domain (.net); it also runs on subdomain 'danos.z13.web.core'. Its registrable label 'windows' stretches across 7 characters containing 2 vowels alongside 5 consonants. Word splitting yields 1 word: windows. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://danos.z13.web.core.windows.net/bab.html#eriq@sekure.net

Page Load Overview

0.56s
Total Load Time
22
HTTP Requests
5
Domains
38 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:66%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:66%
Script Type:Latin
Text Length:54 chars
Detector Agreement:100%

Website Classification

Primary Category

documentation technical45% confidence
Type: static
Method: ml+structural

All Detected Categories

documentation technical
45%
news media journalism
45%
phishing scam
40%
healthcare medical
39%
e-commerce shopping
31%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1157.150.155.68Washington, Virginia, United States
AS8075Microsoft Corporation
11104.21.44.232United States
AS13335Cloudflare, Inc.
222--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1094144B97D1A4634865291963139E75D3C33F0197F01848486DCCC395D58FDA18BBD6D

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:Ltx8isqZHKWrGLrGW+STw2wptI8Id65OS:LG187nx/Iq

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:1879:AAAAEAbAIgAABMIBAABBlEQihIAAABAAACYAAABAgAAEAAAAAABAAABABoCAAAQAAAAAAACAAAAAQCAIAEUAAAiEAwAAgiiB

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3f7fffffffffffff
Perceptual Hash:83070707070f1fff
Difference Hash:c080000000000000
Wavelet Hash:30f0f0f0f0f0f0f0
Color Hash:#3b783a

Other Hashes

Crop Resistant:c080000000000000

Scan History

Scan history not available

Unable to load historical scan data