ScanMalware.com

Security Scan Report: verify.welser.afi-cloud.de

Redirected to: https://login.microsoftonline.com/636e24fa-fa22-4ec4-91f5-1621515278bc/saml2?SAMLRequest=hZLBbtswEETv%2FQqBd0oiI1kWYSlwYwQ1kLZGrOTQS0BRy4QARbok5TR%2FH1aOgfTQ5LqYfTuY2dXln1EnR3BeWdMgkuYoASPsoMxjg%2B66a7xEl%2B2Xleejpge2nsKTuYXfE%2FiQrL0HF%2BLelTV%2BGsHtwR2VgLvbmwY9hXDwLMsiWsmX9Bl0FKdcKiy0nYZ0gIxH2IMDb%2FURULKJSGV4mH2ct7V9VCYdlXDWWxms0cpAKuyYLS4WQAvJseSU4gJEgWsiS0wWlJSkpNWyF9nsGiXbTYMegEsgC0H7nosa8hzqvoJyWdCcFBe8rKLM%2Bwm2xgduQoNoTiONYFp1pGKkZmWe1nn9CyU7Z4MVVn9V5hTT5Ayz3CvPDB%2FBsyDYfv39htE0Z%2F1J5Nm3rtvh3c99h5L7c9z0b9yxAOPZKeCPWYe3w6g99cFmx%2B494WMAPzeG2s%2F7WWXvj7TnF%2FgRqdvNzmolXpK11vb5ygEP0CDJIwMl19aNPPzfCEnJPFEDlrOUTcYfQCipYEBZ%2B3b332drXwE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Ousx1ULalQtLypI0THJuY49G%2FQA8t%2BAIDav57YQOdaP73L5hKCnSNpgScrEDgMCKeIPKFhBM5yS1SjkVQ5Vv%2FE9MN%2BQSwSke8cTYOcmWYcqnvGHxmIc9KZq47VgF2rLd%2Bf%2Fcr101AhUCVjh8eLzPCeYAWi0fjisK6NkWN0Lb%2Bbi%2F7232fs8TVADb%2FR3TrMZ9PTrmAiGu%2Bj%2FGAJMfMyKt%2BlEY4Tes%2F3NFp6%2FhiGTSZmk116%2FQMp1w2%2BACkhRCzndUgKBjq7zMzFJmV%2FWIZbfdcVPptM%2BTw0kZZAScmYCfXvnxx%2B7yV22%2BSwe6wqyz1%2F6kogydY1J%2FRsZtl6eBb%2BGTig%3D%3D&sso_reload=true

Submitted: Nov 27, 2025, 5:16:11 PMCompleted: Nov 27, 2025, 5:20:28 PMpubliccompleted
Loading additional data...

Summary

This website contacted 44 IPs in 4 countries across 7 domains to perform 33 HTTP transactions. The main domain is login.microsoftonline.com.

Submitted URL: http://verify.welser.afi-cloud.de/

Effective URL: https://login.microsoftonline.com/636e24fa-fa22-4ec4-91f5-1621515278bc/saml2?SAMLRequest=hZLBbtswEETv%2FQqBd0oiI1kWYSlwYwQ1kLZGrOTQS0BRy4QARbok5TR%2FH1aOgfTQ5LqYfTuY2dXln1EnR3BeWdMgkuYoASPsoMxjg%2B66a7xEl%2B2Xleejpge2nsKTuYXfE%2FiQrL0HF%2BLelTV%2BGsHtwR2VgLvbmwY9hXDwLMsiWsmX9Bl0FKdcKiy0nYZ0gIxH2IMDb%2FURULKJSGV4mH2ct7V9VCYdlXDWWxms0cpAKuyYLS4WQAvJseSU4gJEgWsiS0wWlJSkpNWyF9nsGiXbTYMegEsgC0H7nosa8hzqvoJyWdCcFBe8rKLM%2Bwm2xgduQoNoTiONYFp1pGKkZmWe1nn9CyU7Z4MVVn9V5hTT5Ayz3CvPDB%2FBsyDYfv39htE0Z%2F1J5Nm3rtvh3c99h5L7c9z0b9yxAOPZKeCPWYe3w6g99cFmx%2B494WMAPzeG2s%2F7WWXvj7TnF%2FgRqdvNzmolXpK11vb5ygEP0CDJIwMl19aNPPzfCEnJPFEDlrOUTcYfQCipYEBZ%2B3b332drXwE%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Ousx1ULalQtLypI0THJuY49G%2FQA8t%2BAIDav57YQOdaP73L5hKCnSNpgScrEDgMCKeIPKFhBM5yS1SjkVQ5Vv%2FE9MN%2BQSwSke8cTYOcmWYcqnvGHxmIc9KZq47VgF2rLd%2Bf%2Fcr101AhUCVjh8eLzPCeYAWi0fjisK6NkWN0Lb%2Bbi%2F7232fs8TVADb%2FR3TrMZ9PTrmAiGu%2Bj%2FGAJMfMyKt%2BlEY4Tes%2F3NFp6%2FhiGTSZmk116%2FQMp1w2%2BACkhRCzndUgKBjq7zMzFJmV%2FWIZbfdcVPptM%2BTw0kZZAScmYCfXvnxx%2B7yV22%2BSwe6wqyz1%2F6kogydY1J%2FRsZtl6eBb%2BGTig%3D%3D&sso_reload=trueRedirected

AI Security Verdict

AI analysis unavailable for this scan

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

Within the German country-code top-level domain (.de), 'verify.welser.afi-cloud.de' is registered and includes subdomain 'verify.welser'. The second-level label 'afi-cloud' is 9 characters long holding four vowels versus 4 consonants, along with one hyphen. Splitting it apart reveals 2 words: afi, cloud. The median word length lands at 4 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://verify.welser.afi-cloud.de/

Page Load Overview

0.42s
Total Load Time
33
HTTP Requests
7
Domains
986 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:182 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
33176.53.136.67Germany
AS3320Deutsche Telekom AG
2013.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
420.190.160.132Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
32.16.241.207Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
2176.53.136.69Germany
AS3320Deutsche Telekom AG
120.190.159.4Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
120.50.73.10Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
140.126.31.1Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.160.14Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.2Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
3344--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T11A734BEABFA62937828641B9B5B56D02AF7B5907488CCD60F18CC9C42FFB60D8137553

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:l6DB8GLGGAFjbvgtsavzTEyqU6MVnvnaloMPbrEeZjiVRC:EDB8FFjbvgGaCyS2vRC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:76950:BZEgCGDB4kHQGeREJ8CgAqAgJIgGOElNUogwFivBrYKoA6SRCQAICAISFCkLoImEnxPeAnJoIyoqQ1LAkhWTfHNIiV6AaAUE

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3c3c3c3c3c3c3c3c
Perceptual Hash:c29339d26dc73287
Difference Hash:d8f0f8f4e4dce8f8
Wavelet Hash:3c3c3c3c3c3c3c3c
Color Hash:#e07f6c

Other Hashes

Crop Resistant:b22072bc93833e32,c9004030347000ca,d8f0f8f4e4dce8f8

Scan History

Scan history not available

Unable to load historical scan data