ScanMalware.com

Security Scan Report: ncvps.instructure.com

Redirected to: https://ncvps.instructure.com/login/canvas

Submitted: Mar 17, 2026, 12:22:13 PMCompleted: Mar 17, 2026, 12:23:12 PMpubliccompleted
Loading additional data...

Summary

This website contacted 7 IPs in 1 country across 7 domains to perform 1 HTTP transaction. The main domain is ncvps.instructure.com and was registered NaN years ago.

Submitted URL: https://ncvps.instructure.com

Effective URL: https://ncvps.instructure.com/login/canvasRedirected

The Cisco Umbrella rank of the primary domain is #994 of the top 1 million websitesTop 1K Site

AI Security Verdict

Moderate Risk

Confidence: 85%

4
Risk Score

Legitimate Canvas login page, but the missing username field is unusual; proceed carefully.

Risk Factors
Password field without accompanying username/email field (potential credential harvesting pattern)
Safety Factors
Domain age > 10 years (well‑established)
Official Instructure branding and page title
No cross‑origin credential exfiltration detected
No malicious Indicators of Compromise
Domain age information unavailable

Details

Page Title

Canvas Login | Instructure

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

social media network

(52%)

Domain Information

You're looking at domain 'ncvps.instructure.com' on the commercial generic top-level domain (.com) and includes subdomain 'ncvps'. The second-level label 'instructure' is 11 characters long split between 4 vowels and 7 consonants. Splitting it apart reveals two words: in, structure. Median word length is 5.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ncvps.instructure.com

Page Load Overview

9.03s
Total Load Time
89
HTTP Requests
10
Domains
1.1 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:574 chars
Detector Agreement:100%

Website Classification

Primary Category

social media network52% confidence
Type: dynamic
Method: ml+structural

All Detected Categories

social media network
52%
education learning
28%

Detected Features

Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
17216.58.206.74United States
AS15169Google LLC
1265.8.131.48United States
AS16509Amazon.com, Inc.
1252.217.198.209United States
AS396982
1218.173.206.26United States
AS16509Amazon.com, Inc.
1244.199.240.105Ashburn, Virginia, United States
AS14618Amazon.com, Inc.
1299.84.152.67United States
AS16509Amazon.com, Inc.
12108.138.7.12United States
AS16509Amazon.com, Inc.
897--

Detected Technologies5

PasswordField
100%
Amazon Web Services
50%
HSTS
40%
ReadSpeaker
20%
Amazon S3
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1ADB2093250705876CDE18394E9B07F1C9AB5B05BB4C0ACD9B5FD8A089BE3EE6061315B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

384:FxSdqYPFs/s1svwkdAOvSXv6SGr4x+1CPFP09vf4j+m31Xv2eozpTJ6Zn/1PAAv6:qXGCZ09nE+Ze8he+VFPH

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:25159:I4CUAkYggIBBaEc5BAiOLVDLRRkAVoZSQinYcRhLYRshQQFjKIkUAGJQhRArCh4sEFAAatgCCFQALQStYCAhgcKacgAwDFmi

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Scan History

Scan history not available

Unable to load historical scan data