ScanMalware.com

Security Scan Report: custlogin-pp.gm.com

Redirected to: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639106235909296655.Nzc0NmU1ODAtMjQzNy00Y2E5LWI5NDktZGE2NTRlZGY5OTE5MTkyNGE4MTQtYzFjMS00NGNmLWIxYmUtMDk5MDI3ZDAxNGQz&ui_locales=en-US&mkt=en-US&client-request-id=adf99711-29c1-4388-98c5-948a9417eba2&state=h8JbbwoUp1O33uj6aFYE1k2hx06wwq0cwQWNxSqLgduu0lVyAgL-rZj37Bk8THfDWaBO5LHuqXfbVY4KBgrtSqyWoX8DG0hxx_6GwiA42ppDJK40kM33t1xh03D015QFtMD8ad1iKyWyneAq5ZddTFfmeyrEQRsEFE_P4mocv95ledtIakmVq6eKzo_A2DJu62LKB0RjC0Ij5WTrmrqL8pxS_WScJ0LwWQE59_xKNd3O-TC04c4a1haxMnvUDI95GGONWUWYKpDk4nYfORIiHXWUIIktEolfkQRIf2ezlYSSQecPGY0skS9XRPMSH091zdLeX-UqJx1Xk8pXfTVGYPAgacniQvGtjNoYuntUkHvDcKxh4wneRzODZKwz3WUAb7BwoadLEV0WmWZFU04Pu-5v-xp8hCuwD5UXwUEo28Q&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=true

Submitted: Apr 1, 2026, 6:59:48 AMCompleted: Apr 1, 2026, 7:00:59 AMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 49 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://custlogin-pp.gm.com

Effective URL: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id=4765445b-32c6-49b0-83e6-1d93765276ca&redirect_uri=https%3A%2F%2Fwww.office.com%2Flandingv2&response_type=code%20id_token&scope=openid%20profile%20https%3A%2F%2Fwww.office.com%2Fv2%2FOfficeHome.All&response_mode=form_post&nonce=639106235909296655.Nzc0NmU1ODAtMjQzNy00Y2E5LWI5NDktZGE2NTRlZGY5OTE5MTkyNGE4MTQtYzFjMS00NGNmLWIxYmUtMDk5MDI3ZDAxNGQz&ui_locales=en-US&mkt=en-US&client-request-id=adf99711-29c1-4388-98c5-948a9417eba2&state=h8JbbwoUp1O33uj6aFYE1k2hx06wwq0cwQWNxSqLgduu0lVyAgL-rZj37Bk8THfDWaBO5LHuqXfbVY4KBgrtSqyWoX8DG0hxx_6GwiA42ppDJK40kM33t1xh03D015QFtMD8ad1iKyWyneAq5ZddTFfmeyrEQRsEFE_P4mocv95ledtIakmVq6eKzo_A2DJu62LKB0RjC0Ij5WTrmrqL8pxS_WScJ0LwWQE59_xKNd3O-TC04c4a1haxMnvUDI95GGONWUWYKpDk4nYfORIiHXWUIIktEolfkQRIf2ezlYSSQecPGY0skS9XRPMSH091zdLeX-UqJx1Xk8pXfTVGYPAgacniQvGtjNoYuntUkHvDcKxh4wneRzODZKwz3WUAb7BwoadLEV0WmWZFU04Pu-5v-xp8hCuwD5UXwUEo28Q&x-client-SKU=ID_NET8_0&x-client-ver=8.14.0.0&sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #12,098 of the top 1 million websites

AI Security Verdict

High Risk

Confidence: 92%

8
Risk Score

Phishing page mimicking Microsoft login; do not enter credentials.

Risk Factors
Brand impersonation (Microsoft) on unrelated domain
Cross‑origin credential form (email+password) to Microsoft login endpoint
Login form on non‑official domain
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

technology software

(85%)

Domain Information

Domain 'custlogin-pp.gm.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'custlogin-pp'. The core label 'gm' covers 2 characters split between 0 vowels and 2 consonants. It segments into one word: gm. The median word length lands at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://custlogin-pp.gm.com

Page Load Overview

1.31s
Total Load Time
31
HTTP Requests
6
Domains
472 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:133 chars
Detector Agreement:100%

Website Classification

Primary Category

technology software85% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

technology software
85%
social media network
40%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
720.190.159.2Germany
AS8075
420.42.65.94Ireland
AS20940
420.190.160.131NetherlandsUnknown
440.126.32.76Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
423.207.210.137Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
423.103.241.19UnknownUnknown
413.107.246.44United States
AS8075Microsoft Corporation
317--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T161935CE67FA22937828A49B5F4766D026F3A9907884CDCA0F09CCD882FFB71D4523557

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jcW9Wr8GLG2sUzU9WsWi0O6RWSUOUFuUFiUxCNoIyEk77gx2xpTvPoMmCB/Ef8iS:QMy8pOu9gjRDhjbjNJ32RApFxC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:92375:AGPl4KDqFIQdgCkOjOABkcQQSYREIo7BVCADYfWImQUECeD9JjQmhEFUAACuIACuDEgExMSAhQCGC8MBGS0YOSRDHBgDAqII

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5e6e6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#756ce0

Other Hashes

Crop Resistant:88e4d2d3e5e6e6e6

Scan History

Scan history not available

Unable to load historical scan data