ScanMalware.com

Security Scan Report: servicedesk.krz-swd.support

Redirected to:
https://sso.krzcloud.de/realms/krz/protocol/openid-connect/auth?scope=...
Site favicon
Submitted: Jun 3, 2026, 1:47:32 AMCompleted: Jun 3, 2026, 1:49:09 AMpubliccompleted
Loading additional data...

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 2 HTTP transactions. The main domain is sso.krzcloud.de.

Submitted URL: https://servicedesk.krz-swd.support

Effective URL: https://sso.krzcloud.de/realms/krz/protocol/openid-connect/auth?scope=email+profile+openid&response_type=code&oauth_provider_id=e96234972b3fee10db9df59c4e91bfb3&state=SNC1fcd81826651a4341a30861093512be7&redirect_uri=https%3A%2F%2Fservicedesk.krz-swd.support%2F&client_id=servicenow-prodRedirected

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Unranked KRZ‑branded login page with cross‑origin SSO likely phishing; avoid interaction.

Risk Factors
Unranked domain with brand name (typosquatting indicator)
Login form on non‑official domain
Cross‑origin form submission to a different domain
Domain age < 1 year (recent registration)
Domain age information unavailable

Details

Page Title

Anmeldung bei KRZ Single Sign-on

Scan Type

public

Language

🇩🇪

German

(80% confidence)

Category

cryptocurrency blockchain

(81%)

Domain Information

You're looking at domain 'servicedesk.krz-swd.support' on the .support top-level domain, featuring subdomain 'servicedesk'. The core label 'krz-swd' covers 7 characters containing 0 vowels alongside 6 consonants, plus one hyphen. Breaking it apart gives 4 words: kr, z, s, wd. Median word length comes out to 1.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://servicedesk.krz-swd.support

Page Load Overview

3.53s
Total Load Time
37
HTTP Requests
2
Domains
16 KB
Total Size

Language Analysis

Primary Language

🇩🇪German
Code: de
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:de
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:de
Text Length:89 chars
Detector Agreement:100%

Website Classification

Primary Category

cryptocurrency blockchain81% confidence
Type: static
Method: ml+structural

All Detected Categories

cryptocurrency blockchain
81%
government public service
74%
finance banking
67%
healthcare medical
57%
news media journalism
56%

Detected Features

No structural features detected

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
37149.96.179.107Düsseldorf, North Rhine-Westphalia, Germany
AS16839SERVICENOW, INC.
371--

Detected Technologies1

HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T14061215094F4082902F28458BED5241A9ECDEB138B9A8949F3BC43F52FEAEC68CE7555

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

48:3NIPGTBB4BM48Ye+p8B0W4ud6gNerZtY4lt0aBVQ+gdeC2CXV:9IPEAM48n+p8B0UdzeNh0cVLg4CF

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:3295:GAUAAACAAIAgEWAACQCAQgQAgAAAQQAgwEIgAAAAAAAIUIQAgEwiIBAAREAgEBEEIIBACLgIkDIKAEAACAFAQSBEAAIAAIAI

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:677f2727bf9e9cc0
Perceptual Hash:b7a3589c2b362798
Difference Hash:cccc4c4d60243019
Wavelet Hash:672727273e9e8cc0
Color Hash:#40bfb7

Other Hashes

Crop Resistant:cccc4c4d60243019

Scan History

Scan history not available

Unable to load historical scan data