ScanMalware.com

Security Scan Report: creditnotes.dm-drogeriemarkt.com

Redirected to: https://login.microsoftonline.com/655bc315-ddc8-46fd-8e94-a3e104272732/oauth2/authorize?client_id=feed842b-34b0-4eae-913f-b824555fe236&redirect_uri=https%3A%2F%2Fcreditnotes.dm-drogeriemarkt.com%2F.auth%2Flogin%2Faad%2Fcallback&response_type=code&scope=openid+profile+email&state=bf1b881a8078b737b3d87b40f13c3eb08d6b13261235b254fc27a5da80e12c7d9b2911f842365bf5474650fc3541f79999c3c0f2d361e41ee8e2bc12bd87bb873c9fa40e49d7ccd066bde5f0862e4c2f3c36bde8b8346790050b85bffdfc4e3c5123fbcb768dbf8f&sso_reload=true

Site favicon
Submitted: Feb 27, 2026, 9:51:51 AMCompleted: Feb 27, 2026, 9:53:04 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: http://creditnotes.dm-drogeriemarkt.com/

Effective URL: https://login.microsoftonline.com/655bc315-ddc8-46fd-8e94-a3e104272732/oauth2/authorize?client_id=feed842b-34b0-4eae-913f-b824555fe236&redirect_uri=https%3A%2F%2Fcreditnotes.dm-drogeriemarkt.com%2F.auth%2Flogin%2Faad%2Fcallback&response_type=code&scope=openid+profile+email&state=bf1b881a8078b737b3d87b40f13c3eb08d6b13261235b254fc27a5da80e12c7d9b2911f842365bf5474650fc3541f79999c3c0f2d361e41ee8e2bc12bd87bb873c9fa40e49d7ccd066bde5f0862e4c2f3c36bde8b8346790050b85bffdfc4e3c5123fbcb768dbf8f&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #794,816 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page collecting Microsoft credentials; do not enter any data.

Risk Factors
Credential harvesting via cross‑origin form
Brand impersonation of Microsoft on a low‑rank domain
Low Cisco Umbrella ranking for a brand‑claiming site
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'creditnotes.dm-drogeriemarkt.com' uses the commercial generic top-level domain (.com), featuring subdomain 'creditnotes'. The second-level label 'dm-drogeriemarkt' is 16 characters long holding five vowels versus ten consonants; it also includes 1 hyphen. Word splitting yields five words: dm, d, roger, ie, markt. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://creditnotes.dm-drogeriemarkt.com/

Page Load Overview

1.35s
Total Load Time
17
HTTP Requests
6
Domains
450 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
54.185.184.230Frankfurt am Main, Hesse, Germany
AS8075Microsoft Corporation
220.190.159.131United States
AS20940
223.207.210.132SwedenUnknown
240.126.31.0GermanyUnknown
213.107.246.45United States
AS8075Microsoft Corporation
213.107.213.44UnknownUnknown
240.126.32.76UnknownUnknown
177--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13E835BDA7FA21937828A45B4B1B57E036A3B59078C4CDCA4F19CC9882FFB74D8123657

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jHVa8GLGGpN9Enk00g+ayaDUoIyEk77gx2xpTvPoMmCBDEkJ0jir00RC:LVa8oHEk0lUJ32RAS04C

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:82688:IAfGtHNiQFiQAA7QMMAgTBfWAFQYmgIAQeYDYBCSAQgrIMriykOrYjKAqCAZCqhsAlkRQQmQwEBeiADkwIAyIKE2uCGAQYgs

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0000181818180000
Perceptual Hash:8cd93366cc9999cc
Difference Hash:200cb2b2b2b24c31
Wavelet Hash:3030383838380001
Color Hash:#ac538a

Other Hashes

Crop Resistant:c0606072b4a08382,8280ca3034e08082,200cb2b2b2b24c31

Scan History

Scan history not available

Unable to load historical scan data