ScanMalware.com

Security Scan Report: www.spark.co.nz

Redirected to:
https://signin.spark.co.nz/?goto=https://www.spark.co.nz/xtramail/chec...
Site favicon
Submitted: May 20, 2026, 4:30:32 PMCompleted: May 20, 2026, 4:32:18 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main domain is signin.spark.co.nz.

Submitted URL: https://www.spark.co.nz/cwa/openam/SSORedirect/metaAlias/Xtramail/idp1?SAMLRequest=hZJva9swEMa%2FitF7W46zZK1IAsaeIdBtJenG6JuhKVcqpn%2FTnetun36Ss43sTQsCwd093PN7pA1Ka4JoR3p0B%2FgxAlLxbI1DMTe2bIxOeIkahZMWUJASx%2Fb9jWiqWoToyStv2IXkZYVEhEjaO1bs%2By37ejUMy6Zb1t2q7d91zdV1u%2B6vhzf1Yli3q%2F5tx4rPEDHNb1mSJxHiCHuHJB2lUt2sy3pVNvXdYi2WdTr3rOgTg3aSZtUjUUDB%2BTRNFQYZv1fKV%2B4XV5PkPkByyI%2FHjwc46QiKuAWSrdES%2BReK0kptuD6FBSs67xDyzpfo1HlIqDHGdJfaBqOVJlYMPiqYQ96yB2kQMsptSkM%2Fwb9K%2BzecvGy0EI8Qn7SCT4ebCxD4lm1Vz8nfHxYLxnjHg0c6AIZsgu02%2BTHEnFfcyRBw1ARlLpY0xQ2%2FbG%2FOn%2BBDAtr3tz55%2FpkdW%2FkKb67oU%2Fkwj4pkyKFO3IkkGZq6CJISHcURGN%2BdV%2F7%2F1Xa%2FAQ%3D%3D&RelayState=https%3A%2F%2Fwebmail.xtra.co.nz%2Findex.cgi&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EErHqSZ80cGAWwJaPh1ZJ%2B7D0vAw7%2FubYzKFHy1z7RThJDl9kMwWtG5YP0XWOg3c7NHDR4lgVGy4WtsgWY6s86d27HiHZI7ALqJ94puQEqk2odTT6ENLUtpyQsAa768gLJH4krooDrcqohVJ2kYMzOm29PflZqAazsCAuDxvl82j85GupjN7DLgwfEKDQbRTGJ89XwwJ3tUGC%2BzoXI5XzJUjmVctVWj9slAXpKgO2oD7VP3nyxmdTeXz9nqNzVwUSATPdeSJ7o1EBiolsitzTY3Au8ot1r0Rfnh9yEWL4Cftbdi0UUGYRPUjnUI2x2gU98GJsEu4VafBjXx7s4ssNg%3D%3D

Effective URL: https://signin.spark.co.nz/?goto=https://www.spark.co.nz/xtramail/checkcookies?spEntityID%3Dappsuite-saml-twr%26goto%3Dhttp://openam.internal.spark.co.nz:8080/openam/saml2/continue/metaAlias/Xtramail/idp1?secondVisitUrl%253D/SSORedirect/metaAlias/Xtramail/idp1?ReqID%25253D_8FF32C30C5ADEC289A6D9F401F6A5D7C%26AMAuthCookie%3D&brand=xtramailRedirected

The Cisco Umbrella rank of the primary domain is #416,869 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 80%

8
Risk Score

High risk login page; likely credential phishing targeting Xtra Mail users.

Risk Factors
Unknown domain age
Low domain ranking for a claimed brand
Critical JavaScript obfuscation score
Brand impersonation on a low‑ranked domain
Domain age information unavailable

Details

Page Title

Sign in

Scan Type

public

Language

🇺🇸

English

(54% confidence)

Category

healthcare medical

(29%)

Domain Information

Domain 'www.spark.co.nz' uses the New Zealand country-code top-level domain (.co.nz), featuring subdomain 'www'. Its registrable label 'spark' stretches across 5 characters split between 1 vowel and 4 consonants. It segments into 1 word: spark. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://www.spark.co.nz/cwa/openam/SSORedirect/metaAlias/Xtramail/idp1?SAMLRequest=hZJva9swEMa%2FitF7W46zZK1IAsaeIdBtJenG6JuhKVcqpn%2FTnetun36Ss43sTQsCwd093PN7pA1Ka4JoR3p0B%2FgxAlLxbI1DMTe2bIxOeIkahZMWUJASx%2Fb9jWiqWoToyStv2IXkZYVEhEjaO1bs%2By37ejUMy6Zb1t2q7d91zdV1u%2B6vhzf1Yli3q%2F5tx4rPEDHNb1mSJxHiCHuHJB2lUt2sy3pVNvXdYi2WdTr3rOgTg3aSZtUjUUDB%2BTRNFQYZv1fKV%2B4XV5PkPkByyI%2FHjwc46QiKuAWSrdES%2BReK0kptuD6FBSs67xDyzpfo1HlIqDHGdJfaBqOVJlYMPiqYQ96yB2kQMsptSkM%2Fwb9K%2BzecvGy0EI8Qn7SCT4ebCxD4lm1Vz8nfHxYLxnjHg0c6AIZsgu02%2BTHEnFfcyRBw1ARlLpY0xQ2%2FbG%2FOn%2BBDAtr3tz55%2FpkdW%2FkKb67oU%2Fkwj4pkyKFO3IkkGZq6CJISHcURGN%2BdV%2F7%2F1Xa%2FAQ%3D%3D&RelayState=https%3A%2F%2Fwebmail.xtra.co.nz%2Findex.cgi&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=EErHqSZ80cGAWwJaPh1ZJ%2B7D0vAw7%2FubYzKFHy1z7RThJDl9kMwWtG5YP0XWOg3c7NHDR4lgVGy4WtsgWY6s86d27HiHZI7ALqJ94puQEqk2odTT6ENLUtpyQsAa768gLJH4krooDrcqohVJ2kYMzOm29PflZqAazsCAuDxvl82j85GupjN7DLgwfEKDQbRTGJ89XwwJ3tUGC%2BzoXI5XzJUjmVctVWj9slAXpKgO2oD7VP3nyxmdTeXz9nqNzVwUSATPdeSJ7o1EBiolsitzTY3Au8ot1r0Rfnh9yEWL4Cftbdi0UUGYRPUjnUI2x2gU98GJsEu4VafBjXx7s4ssNg%3D%3D

Page Load Overview

18.57s
Total Load Time
20
HTTP Requests
3
Domains
164 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:54%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:54%
Script Type:Latin
Text Length:187 chars
Detector Agreement:100%

Website Classification

Primary Category

healthcare medical29% confidence
Type: spa
Method: ml+structural

All Detected Categories

healthcare medical
29%
technology software
27%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
834.160.81.0Kansas City, Missouri, United States
AS396982Google LLC
666.22.91.48Auckland, Auckland, New Zealand
AS48851Radware Ltd
666.22.91.1Auckland, Auckland, New Zealand
AS48851Radware Ltd
203--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1F153C7CA1570A24815CEE54EDF6FEEC8101B606BE9B3D5C57AEE8B0C4B8BAD4FD41844

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:wzgO/fvJf7ck9NKZoBz7qawqh0QKoZCktWnBo2rTbFDqJuK6v5qwqb2TplP3:wB/Vf7r7qa1ZI42rZR0Hb2Tplf

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:66507:oBKPQt1lMhUBQGQpAfjhA9emrwSMBQpQBBgS6jAoSKhCAgcBQUIWk1AwIJCAAjg2CC4BxIBQ5EMFFIEr20RqBpBIYgIgwwOt

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:1018181818180000
Perceptual Hash:8dc877227626dc27
Difference Hash:b2b2b2b2b3b34326
Wavelet Hash:18181819191b83c7
Color Hash:#2d3a86

Other Hashes

Crop Resistant:fa78c2e8b0b28e8e,b2b2b2b2b3b34326

Scan History

Scan history not available

Unable to load historical scan data