Critical Threat

Critical risk detected

16 of 92 antivirus engines flag this page (15 outright malicious). Leave the page unless you can independently prove that it is genuine.

Security Review

Is bright-concha-4e6328.netlify.app legit or a scam?

Critical Threat: General Web Risk

Recommended action:Leave the page unless you can independently prove that it is genuine.

This assessment combines 11 completed security checks into one public risk profile. Review the evidence and missing checks below before deciding whether to interact with bright-concha-4e6328.netlify.app.

Cross-checked against 11 completed checks 1 raised a concern
Open-web research was partially available; the verdict uses the other completed checks.
bright-concha-4e6328.netlify.appScanned Jul 17, 2026
Risk profile
Critical Threat
Threat type
General Web Risk
Evidence strength
Strong
Recommended action
Avoid this site
Technical score

Legacy trust score: 1/100

Score breakdown
Heuristics 0·MT 15
Category tags
phishingHow sure we are: High
Technical red flags (1)
16 of 92 engines flagged
Warning signals (1)
Some abuse reports (21%)
Positive signals (2)
No Google Safe Browsing matchEncrypted connection

These checks passed — but they don't clear the site. Valid SSL and a calm hosting IP only show that parts of the infrastructure work normally. They do not prove the business is real or cancel the warning signals above.

View density

At a glance

The most useful evidence from this scan, separated from the final verdict so you can judge the signals yourself.

11 checks completed
Antivirus engines
16/92
Engines flagged this URL
Domain registration
Registration date unknown
Operator identity
Claimed Only
The site provides an identity or contact claim that was not independently verified
How this report was created
Checks completed11
Open-web researchPartial
AnalysisAI-assisted synthesis
Scan timeJul 17, 2026

The public risk profile combines the completed automated checks into one consistent interpretation. A staff review is only claimed when explicitly identified on the report.

Intelligence

Advanced threat intelligence
Analysis
Critical ThreatengineMT · GuardianThreat pattern matchNo specific pattern
MT AgentLive web researchVisual inspectionNetwork correlation
90%
Confidence
Bottom line

The page loads a standard Zimbra login interface with username, password, and stay-signed-in fields. Six different antivirus engines returned explicit phishing detections on this exact URL. The domain sits on Netlify free hosting and loads external resources from mail.nlv.gov.vn and submit-form.com. Three similar Netlify subdomains have already been documented by PhishDestroy as credential-harvesting Zimbra phishing pages. The hosting IP carries 11 abuse reports. No business contact details, postal address, or legitimate operator information appear anywhere on the page. The combination of a live login form, multiple engine detections, and matching phishing patterns on the same hosting platform indicates active credential theft.

Full analysis

Page Content

The page title reads exactly "Zimbra Web Client Sign In" and displays the familiar username/password form with a "Stay signed in" checkbox. No contact email, phone, or postal address is present. The body text matches the official Zimbra copyright notice from 2005-2023.

Infrastructure

The site runs on Netlify free hosting with IP 98.84.224.111. Six antivirus engines (BitDefender, Criminal IP, Emsisoft, Forcepoint ThreatSeeker, Fortinet, G-Data) flag the page as phishing. The TLS certificate is valid and issued by DigiCert.

Domain History

The domain age is unknown. The page loads external domains mail.nlv.gov.vn and submit-form.com, which are not part of official Zimbra infrastructure.

What This Means for You

Entering any username or password on this page sends those credentials to an attacker. Avoid the site entirely and use only the official Zimbra domain provided by your organization.

Evidence behind the conclusion
Risk Factors
5
  • Six antivirus engines flag the page as phishing.
  • Live login form on a Netlify subdomain with no business contact details.
  • Three similar Netlify Zimbra phishing pages already documented by PhishDestroy.
  • Hosting IP carries 11 abuse reports.
  • External domains loaded that are unrelated to official Zimbra.
Recommendation
Leave the page unless you can independently prove that it is genuine.
Scam network detected
3 linked domains correlated

Multiple Netlify subdomains using the same Zimbra login template have been flagged as phishing.

gov-db635f70-zlimbra-4528-48ac-6460e3.netlify.appm4-4ad0-bc1d-zimbra-76fd724f94-1cf408.netlify.appfriendly-concha-1fb687.netlify.app
Next-gen fraud intelligence
Evidence-backedCross-checked

Website Preview

Screenshot of bright-concha-4e6328.netlify.app
SCAN-TIME CAPTURE
bright-concha-4e6328.netlify.app
What our review noticed on this page

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site. See full visual analysis →

Visual analysis

Web Research

Findings and citations

Threat Detection

Antivirus Engines

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Sandbox Render
Page rendered in a safe sandbox
Requests made0
Unique IPs2
Countries2
Detected brandsNone

What this means: we opened the page inside a locked-down browser and watched what it tried to load. This is context for the checks above — not a verdict on its own.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗

Technical Details

The plumbing behind the site — who registered it, how it’s encrypted, where it’s hosted, and where it links out. A valid certificate or a calm server doesn’t mean the business is honest — scam sites pass these checks too. Use this to corroborate the verdict, not to overturn it.

Identity

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbers2005-2023
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No postal address visible on the page.
  • Phone number listed (2005-2023).

Domain

Domain History
AgeUnknown
RegistrarHidden
RegisteredUnknown
ExpiresUnknown
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerDigiCert Inc · DigiCert Global G2 TLS RSA SHA256 2020 CA1
ExpiresMar 19, 2027 (245d)
Self-signedNo
Hosting & Technology
HostingAmazon Data Services Northern Virginia
Server locationUS
Web serverNetlify

Infrastructure

Hosting
CountryGermany
NetworkAMAZON-02 - Amazon.com, Inc., US
IP address63.176.8.218
Abuse Intelligence
Confidence score21%
Reports on file11
ISPAmazon Data Services Northern Virginia
Usage typeContent Delivery Network

Connections — Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

What to do

Before interacting

Leave the page unless you can independently prove that it is genuine.

If you already paid, signed in or downloaded

Act promptly and follow the steps that match what you shared or opened.

Final Verdict

Threat type
General Web Risk
Evidence strength
Strong
Technical score

Legacy trust score: 1/100

Final Verdict·bright-concha-4e6328.netlify.app
Critical Threat

Why we rated bright-concha-4e6328.netlify.app critical threat

bright-concha-4e6328.netlify.app is rated Critical Threat for general web risk, with strong evidence.

Leave the page unless you can independently prove that it is genuine.

AV engines
92
Domain age
Flagged
16
Scan another URL
Security review completemalwaretips.com/url-scan

Safety FAQ

Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.