ScanMalware.com

Security Scan Report: id.sehlat.io

Redirected to: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=beG70vHQLQGeorIHfJzHGrBYj7FlZYLsGbrSgFGV3_GTH198mDVcLXxYP1ohBeBezib4b0myvk_bX23M9IyWW2Sxfb0atdy0uiAuLt8JJSssC6LlyZG2MYnj0gGFey8-sygJShWkyNpebqGjgq6YupaBUEMDkYEIMKX6W-JAvA83LcUQD5yUnE1n0xy6u_6jthp8R4hg9aOUG2fG4fZuUXv5M8uwlDhOIoVQ8Vm0FO6GICgLqyw40UxqJiavXxlge1ABariaPCjdKzKOO5S795-R6LR4b8CflYQjtnD0Qw96r12d0xr3GbNqV35Wp9TMoCyAZW_TFMmnRRu9e7qRLaZU2lMP0XE1Hvs-3ms2Nd8WlOi0Zm0OzcXbszDsBF6N5k77Mx12is2xQUaxPldkt9CzPDELrx2M9xarKpNaLL_iqWBEFQjIM4URO3Ta6Mv3IlxL_ZReTsc95tTpfM0R6H9vZGF7KZzssbQo8hU0QwR0fX5RfjyeOWpbe0iSikMBal7xGH9o5urpS1PoX5QjWK5foCPO4Xx4WPyhCC7wXaeI5IQnMu3ENX7vIgsj6vpWx6GKgLB-5BBIDCAncQ27WIXvEEdgXqHvAFDhzPUW22q6SxOH-ZjcMn8gOq_-OBpSfkxR6qcRqz7N647Pu9yoxnkhHkpQ79F9w3jM1bf6GKPCAPvLS3qbA_lPgqmn5ezIq6lqQWaAX9y1i-Bsrwe3aa9LdVjVr6m-e705qXr6EcaPUmBCMqTnZA1FLXLtK2nZRtxfsauENMUP9_IbW6oKREJrMrEv1bM9XXKmhrt7F4m_M--hnfY-RWkHoeZqn56PRN8ZAi7Rkg9H0WIiN2FfqbkCDRKpbqeEOYT88aOrXeO43EMywk_LXgbQo9mq48WaZRR4Kdqc36dXKsG8THv-AQG-LkWNIUWxiBAQpohUNIM_9-ygQm5yordy7qEXeD-J28LQH3gAUd5IkT3ZwHn9tLiJ8azO6h0igJU6NZIMHGgq6OJ9hXWf4ap5FDjmDEL6fMQKLPK9fMoSgl6okztfxVhXOuBH9knJjAZ4-S3gTUkf--_9nvY64zccH_ksoVhXorK-o3NZEbrZkTA5BbZXky7JY08LgP7Txg_GQXZ0iyIpu9iL6RBD_gLdvJewNIg9Bvpkp6f0KZ7c_syH_YBpRSEd4vDguc6GK478RBxnZJbMcLvaaiBss6Tp8z15cgq417ZThM5WCmCKT1KnFrez8twfPsRV2GDko-uMAumZMhzjbV_FnZ_TfYf9G_TeBdgD2HGcYJISUnxUQRco8yI7UMwbHhfTTStk-_eCPdaFYQBTHxOUGOfe7wTBfRGE-tQ9Ds9x9_lreZ2AhDnG8xLOjbBexS7-dB8OHg_dQdNInPrC1W1N1tQmoLeFncb8&sso_reload=true

Submitted: Dec 16, 2025, 11:57:19 AMCompleted: Dec 16, 2025, 11:58:12 AMpubliccompleted
Loading additional data...

Summary

This website contacted 29 IPs in 4 countries across 5 domains to perform 18 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://id.sehlat.io/oauth2/auth?access_type=offline&client_id=8373396b-25da-4fa2-ac9b-a2adf050a34c&code_challenge=yyXSvNaJz38XZRdUPhiFhUR54MXPlvlF7PoMw-qGQ50&code_challenge_method=S256&nonce=LQa8UdA8LyvXoSJl57qZup32jzkxe9Uu&redirect_uri=https%3A%2F%2Fnginx-auth.devcloud-system.dcr.sehlat.io%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=Duxn61x3skzg1xz02tCJNiDuWrGDSCnt

Effective URL: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=beG70vHQLQGeorIHfJzHGrBYj7FlZYLsGbrSgFGV3_GTH198mDVcLXxYP1ohBeBezib4b0myvk_bX23M9IyWW2Sxfb0atdy0uiAuLt8JJSssC6LlyZG2MYnj0gGFey8-sygJShWkyNpebqGjgq6YupaBUEMDkYEIMKX6W-JAvA83LcUQD5yUnE1n0xy6u_6jthp8R4hg9aOUG2fG4fZuUXv5M8uwlDhOIoVQ8Vm0FO6GICgLqyw40UxqJiavXxlge1ABariaPCjdKzKOO5S795-R6LR4b8CflYQjtnD0Qw96r12d0xr3GbNqV35Wp9TMoCyAZW_TFMmnRRu9e7qRLaZU2lMP0XE1Hvs-3ms2Nd8WlOi0Zm0OzcXbszDsBF6N5k77Mx12is2xQUaxPldkt9CzPDELrx2M9xarKpNaLL_iqWBEFQjIM4URO3Ta6Mv3IlxL_ZReTsc95tTpfM0R6H9vZGF7KZzssbQo8hU0QwR0fX5RfjyeOWpbe0iSikMBal7xGH9o5urpS1PoX5QjWK5foCPO4Xx4WPyhCC7wXaeI5IQnMu3ENX7vIgsj6vpWx6GKgLB-5BBIDCAncQ27WIXvEEdgXqHvAFDhzPUW22q6SxOH-ZjcMn8gOq_-OBpSfkxR6qcRqz7N647Pu9yoxnkhHkpQ79F9w3jM1bf6GKPCAPvLS3qbA_lPgqmn5ezIq6lqQWaAX9y1i-Bsrwe3aa9LdVjVr6m-e705qXr6EcaPUmBCMqTnZA1FLXLtK2nZRtxfsauENMUP9_IbW6oKREJrMrEv1bM9XXKmhrt7F4m_M--hnfY-RWkHoeZqn56PRN8ZAi7Rkg9H0WIiN2FfqbkCDRKpbqeEOYT88aOrXeO43EMywk_LXgbQo9mq48WaZRR4Kdqc36dXKsG8THv-AQG-LkWNIUWxiBAQpohUNIM_9-ygQm5yordy7qEXeD-J28LQH3gAUd5IkT3ZwHn9tLiJ8azO6h0igJU6NZIMHGgq6OJ9hXWf4ap5FDjmDEL6fMQKLPK9fMoSgl6okztfxVhXOuBH9knJjAZ4-S3gTUkf--_9nvY64zccH_ksoVhXorK-o3NZEbrZkTA5BbZXky7JY08LgP7Txg_GQXZ0iyIpu9iL6RBD_gLdvJewNIg9Bvpkp6f0KZ7c_syH_YBpRSEd4vDguc6GK478RBxnZJbMcLvaaiBss6Tp8z15cgq417ZThM5WCmCKT1KnFrez8twfPsRV2GDko-uMAumZMhzjbV_FnZ_TfYf9G_TeBdgD2HGcYJISUnxUQRco8yI7UMwbHhfTTStk-_eCPdaFYQBTHxOUGOfe7wTBfRGE-tQ9Ds9x9_lreZ2AhDnG8xLOjbBexS7-dB8OHg_dQdNInPrC1W1N1tQmoLeFncb8&sso_reload=trueRedirected

AI Security Verdict

Safe Website

Confidence: 85%

2
Risk Score

Legitimate OAuth redirect to Microsoft login; no phishing or scam indicators detected.

Safety Factors
Final URL matches the brand (Microsoft) and is a known legitimate authentication endpoint
Login form is served by Microsoft, not by the initial domain
Absence of malicious Indicators of Compromise
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

πŸ‡ΊπŸ‡Έ

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'id.sehlat.io' uses the British Indian Ocean Territory country-code top-level domain (.io) with subdomain 'id'. The core label 'sehlat' covers 6 characters containing 2 vowels alongside four consonants. Splitting it apart reveals 3 words: se, hl, at. Median word length is two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://id.sehlat.io/oauth2/auth?access_type=offline&client_id=8373396b-25da-4fa2-ac9b-a2adf050a34c&code_challenge=yyXSvNaJz38XZRdUPhiFhUR54MXPlvlF7PoMw-qGQ50&code_challenge_method=S256&nonce=LQa8UdA8LyvXoSJl57qZup32jzkxe9Uu&redirect_uri=https%3A%2F%2Fnginx-auth.devcloud-system.dcr.sehlat.io%2Fcallback&response_type=code&scope=openid+profile+email+offline_access&state=Duxn61x3skzg1xz02tCJNiDuWrGDSCnt

Page Load Overview

13.98s
Total Load Time
18
HTTP Requests
5
Domains
449 KB
Total Size

Language Analysis

Primary Language

πŸ‡ΊπŸ‡ΈEnglish
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1813.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
023.207.210.132Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
040.126.31.69Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.128Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
020.190.159.73Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.68.146.194Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
023.207.210.137Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
020.190.159.75Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
02603:1026:3000:150::cAmsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
040.126.31.2Dublin, Leinster, Ireland
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
1829--

Detected Technologies5

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
HSTS
40%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D4938DDA7EFA2937438601B674B66E029E3AA9438D4DCC60F09CCD802FE674D8173657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:D08GLGG3loClylua1oVzTEyqU6MVnvnaloMPtyEqr/iQC:o84loClylL1jyS2jC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:97205:MJAowgBAkHVBKlwkRKiiAJRBGhCFhWoCCkJXEARAI3QGDjYaBtEYQgSe4A5BAAQgAliwNjQIGWKwEIQACiDphsRgSohIgQEp

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000181818180000
Perceptual Hash:8cd93366cc9999cc
Difference Hash:200cb2b2b2b20c31
Wavelet Hash:0c0c3c3c1f1f0f0f
Color Hash:#d22dcd

Other Hashes

Crop Resistant:90e0babca283acb2,200cb2b2b2b20c31

Scan History

Scan history not available

Unable to load historical scan data