wmail-web-zimbra-authenticator-4ae.netlify.app
Category: Phishing And Fraud
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of wmail-web-zimbra-authenticator-4ae.netlify.app
This URL appears to host a webmail-style login page branded as Zimbra, a messaging and collaboration platform. The page title and visible interface indicate a "Zimbra Web Client Sign In" screen, and the domain name includes terms such as "wmail," "zimbra," and "authenticator," which suggest an attempt to present itself as an email authentication or webmail access portal.
The site is served from a Netlify subdomain rather than from an obvious official Zimbra-owned domain. It also references external assets associated with a separate mail domain and Zimbra's public website, which may indicate that the page is imitating or reproducing a legitimate login experience rather than operating as an official vendor-hosted service. Based on the available categories and page content, this appears to be a credential-collection style page rather than a general technology website.
No clear operator identity is presented on the page beyond copied branding elements. In the absence of transparent ownership details and given the use of a hosted subdomain, the site may not represent an official enterprise mail portal.
Safety Assessment for wmail-web-zimbra-authenticator-4ae.netlify.app
Multiple security signals indicate elevated risk at the time of this scan. The URL was flagged by 13 out of 91 security engines, with several classifying it as phishing, and multiple web-classification providers categorized it as phishing or fraud-related content. The screenshot shows a branded email login form, while the domain itself is an unrelated Netlify subdomain rather than an apparent official Zimbra login address, which may indicate an attempt to imitate a legitimate mail service.
The malware scan did not detect malicious files, but that does not materially reduce concern in this case because phishing pages often contain little or no malware and instead focus on collecting usernames and passwords. In addition, the domain's IP address is listed on one mail-reputation blocklist, which is a weaker signal than phishing detections but still adds minor caution.
The domain is several years old and uses valid HTTPS, but age and TLS alone do not establish legitimacy. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid SSL/TLS certificate issued by DigiCert and is hosted on Netlify infrastructure backed by AWS EC2 in Frankfurt, Germany. The certificate validity suggests encrypted transport is in place, although the specific protocol details were not provided in the scan data.
DNSSEC appears to be unsigned, which means DNS responses may not benefit from DNSSEC validation. The domain uses NS1 nameservers and resolves to hosting commonly used for static or quickly deployed web content. From a technical perspective, the main concern is not transport security but the apparent mismatch between the hosted subdomain and the branded login experience it presents.
Share your experience with this website. Was it safe? Did you encounter any issues?