ScanMalware.com

Security Scan Report: github.threatbuild.com

Redirected to: https://github.threatbuild.com/login

Site favicon
Submitted: Feb 28, 2026, 5:32:33 PMCompleted: Feb 28, 2026, 5:33:59 PMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 65 HTTP transactions. The main domain is github.threatbuild.com and was registered NaN years ago.

Submitted URL: https://github.threatbuild.com

Effective URL: https://github.threatbuild.com/loginRedirected

The Cisco Umbrella rank of the primary domain is #856,044 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Impersonates GitHub login page and harvests credentials on a low‑rank domain – phishing.

Risk Factors
Brand impersonation (GitHub branding on non‑official domain)
Credential harvesting form (password field) on suspicious domain
Low Cisco Umbrella ranking for a site claiming a major brand
Domain age information unavailable

Details

Page Title

Sign in via LDAP · GitHub

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'github.threatbuild.com' on the commercial generic top-level domain (.com) and includes subdomain 'github'. The core label 'threatbuild' covers 11 characters holding four vowels versus 7 consonants. Word splitting yields 2 words: threat, build. Average segment length settles at 5.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://github.threatbuild.com

Page Load Overview

13.14s
Total Load Time
65
HTTP Requests
2
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:374 chars
Detector Agreement:50%

Website Classification

Primary Category

unknown0% confidence
Type: spa
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6563.162.55.68Santa Clara, California, United States
AS396922Cisco Systems, Inc.
651--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T12FE296E2A450546D03070ACFF6B3FA98E562A32ADEC4C458B0FE61F8A7C2DD5D963518

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:BXXu3Bsu9M1j9zur+AoV3CV/Opdfhtdk4uNCTVyjS8KoVabJXa5ePlgt+pVCczxM:BXXu3Bsu9M1j9zur+AoV3CV/OpdfhteZ

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:32443:gZhAABEQMgkFOgMUA4ew0VoRsARkiArVwQINNmExEyQAgCItKBsEkxgITCwBA3QBEC0BoEEigAIxASCiIWWQKnAGICQWZaO0

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:3f3fffffffffffff
Perceptual Hash:800001011fffffff
Difference Hash:c0c0000000000000
Wavelet Hash:3030f0f0f0f0f0f0
Color Hash:#79a1d2

Other Hashes

Crop Resistant:c0c0000000000000

Scan History

Scan history not available

Unable to load historical scan data