ScanMalware.com

Security Scan Report: int.sell2vti.usedcars.vwfs.com

Redirected to: https://gisidint.b2clogin.com/gisidint.onmicrosoft.com/b2c_1_sell2vti_signin/oauth2/v2.0/authorize?client_id=800d2dca-20ee-45e5-a7df-f0ba5b3dfa7c&redirect_uri=https%3A%2F%2Fint.sell2vti.usedcars.vwfs.com%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=639056612757485837.OGE2NDdhZDgtZWE5Yy00YWIyLTg5YWQtNDVkZGFlMmVjM2MzNDk5OWQ3NmEtYjY5Ni00ODI5LThkODUtZjBiOWUyODYyYzhh&client_info=1&x-client-brkrver=IDWeb.4.0.1.0&state=CfDJ8KjgDSGTnLlBoG-FbiKS3fipiPokPxN7awpEmdjYQ_6BjEHGJcV8U23JVcPE7AdUlhrGZ0Dql_4zjwShCOyZWHDMJHapb0kkK_d666dS1vn8QF-z1ZbenEGU6AV68xbHYC-5yAeUPfl80ClMbDp0WDEygELiopJaNdKwSz-__Oi1w_KtKwHBoBWQiBa1po3zOQArNmlWEfRqEDetY1qniFJyz701pVzfqzY5zb8onqewk61g7iIGPK_uDKQaM0hJVnLjkSsYOrCIdkG2jBszZgW-0LhCpKIlF1Ant0DrBBDvIAz_bWXl68mPI1uwocy-Wg&x-client-SKU=ID_NET9_0&x-client-ver=8.14.0.0

Submitted: Feb 2, 2026, 8:34:31 PMCompleted: Feb 2, 2026, 8:35:42 PMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 1 HTTP transaction. The main domain is gisidint.b2clogin.com and was registered NaN years ago.

Submitted URL: https://int.sell2vti.usedcars.vwfs.com

Effective URL: https://gisidint.b2clogin.com/gisidint.onmicrosoft.com/b2c_1_sell2vti_signin/oauth2/v2.0/authorize?client_id=800d2dca-20ee-45e5-a7df-f0ba5b3dfa7c&redirect_uri=https%3A%2F%2Fint.sell2vti.usedcars.vwfs.com%2Fsignin-oidc&response_type=id_token&scope=openid%20profile&response_mode=form_post&nonce=639056612757485837.OGE2NDdhZDgtZWE5Yy00YWIyLTg5YWQtNDVkZGFlMmVjM2MzNDk5OWQ3NmEtYjY5Ni00ODI5LThkODUtZjBiOWUyODYyYzhh&client_info=1&x-client-brkrver=IDWeb.4.0.1.0&state=CfDJ8KjgDSGTnLlBoG-FbiKS3fipiPokPxN7awpEmdjYQ_6BjEHGJcV8U23JVcPE7AdUlhrGZ0Dql_4zjwShCOyZWHDMJHapb0kkK_d666dS1vn8QF-z1ZbenEGU6AV68xbHYC-5yAeUPfl80ClMbDp0WDEygELiopJaNdKwSz-__Oi1w_KtKwHBoBWQiBa1po3zOQArNmlWEfRqEDetY1qniFJyz701pVzfqzY5zb8onqewk61g7iIGPK_uDKQaM0hJVnLjkSsYOrCIdkG2jBszZgW-0LhCpKIlF1Ant0DrBBDvIAz_bWXl68mPI1uwocy-Wg&x-client-SKU=ID_NET9_0&x-client-ver=8.14.0.0Redirected

The Cisco Umbrella rank of the primary domain is #309,548 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 90%

4
Risk Score

Legitimate Volkswagen Financial Services login page with low risk.

Risk Factors
Login form collecting credentials on a non‑top‑ranked domain
Safety Factors
Domain is over 8 years old
Domain is a subdomain of the legitimate brand (vwfs.com)
Uses a recognized Microsoft identity provider (b2clogin.com)
No malicious Indicators of Compromise detected
Domain age information unavailable

Details

Bot Protection Detected

This website is protected by access_denied bot protection. Our scanner was challenged or blocked during access.

Page Title

Choose your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'int.sell2vti.usedcars.vwfs.com' uses the commercial generic top-level domain (.com) and includes subdomain 'int.sell2vti.usedcars'. The core label 'vwfs' covers 4 characters split between 0 vowels and 4 consonants. Splitting it apart reveals two words: vw, fs. Median word length comes out to 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://int.sell2vti.usedcars.vwfs.com

Page Load Overview

4.53s
Total Load Time
3
HTTP Requests
2
Domains
159 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en-US
Text Length:649 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
398.64.116.209Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
013.107.246.44Netherlands
AS8075
040.126.31.71Netherlands
AS8075
0184.25.51.17Netherlands
AS8075
34--

Detected Technologies5

PasswordField
100%
Bootstrapv3.3.5
100%
Microsoft ASP.NET
50%
Kestrel
40%
HSTS
40%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T138B43A89BAE5313B0B5330F94DAF970A72F9801A044C8954F49CD5E82FA8958D17BFBD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

6144:ixRhqRoKiRoyx86RQwWbxPuHO+veCNO0qTvnKkW5+U7N7FwU:ipym+uHO+4xTvnKkW5+c77

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:518221:DWDlZVjTU4l4RGHkEFJBIQWpAACgOAQAkEaOBQ9JAqc2wzIg0wQCDLTomA1kBIAiaAMQZC1giQjAygZwJjOS9YiGTQAgkm4K

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:f0f8f8f8f8f8d840
Perceptual Hash:c9e67688055c9b67
Difference Hash:c0424bd2d37bb282
Wavelet Hash:f0f8f8f8f8f8d000
Color Hash:#4ed22d

Other Hashes

Crop Resistant:c0424bd2d37bb282,1e3453113d399c19,fdd4d8edaa8cccfa,030ac9ce0c014041,06cb472727273333

Scan History

Scan history not available

Unable to load historical scan data