ScanMalware.com

Security Scan Report: esupport-view-bff-pre-608.dcr.sehlat.io

Redirected to: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=Y54L_H3J3Ns7DP3gOzUzZr9ZxLwAYPASZxKpF-ApVTEHKM8m8r2tqUpAPPLbF0qKfYoi2ehGmVMXv4qUq6G9QAYTU-hWgxvU44b2DuWBdpttbVTXUqQM-bpDXH52r2oKE6ZvMwd-HfEG8hRTzHg__5JO5HjDRYatvGr9pl_XNWdch-a3QUvaAUTEelOR1oy3dqAYpxSx6XRXBu5DMUuyzDy8BzYPj4KFLLVgDJfawvtaWVJHIIqZnNaGxzYJ53HLZobhlLspksB-F-a9zzE7pV7ZXqXOyy8xlH-oZQ0aR1KrmF4uZMU6VMu9bbcIBsPso1wGYtT4erj-9wfuxR8vhZ8SAj0pF81y4LxWttBhwVdmnUgUwMAclE1Bvd-AV3g1CjDoxldGCdj3WWiMwYUFey9bztMXjrL5aoDhJZkjVYwa_TYCbxji4WKCFaKDX4VQQ44AxRIN-to83QUO9a2mOqCq882EZoO9M9lfMlc5O7TY_chZ1cuDctDFLAg7s8meo5McFLH5wMHXYtDZgMK8kzzrJ5o2cPaz7_opXH_0YOlI1keI_i8VN_zhZ6YaIFpogYBJ0QBeYhN2nCO2V0kIHI1BopursaLaeewif21D3m3m22vKAaP-fnMkpthDqsQ_rZpWb50p4UIEmQ8B2QsymsRo5rMHUowIQ7LxA1tOyo0KH3s92Pihn87EhVN94hgcahkJ7pGlzl_pO3UpVRN38YBogUsmm5_RWaR--hwCn5geQjrP9OciWAoVHPm9zOKSKewRJML5Hm4cpdTbHPNHFBTYuikxUEoJ3J4U4A-ISVYAbN4qX0YOotMFzchnWsgUmtR3p2hfSiWXe0tacbiscP6IrQQjhwfy8OGwaRUgxcvpeggQzR7JNlZle3-9NtlO4LhzRnhJilO24tLMmjph0n7_suSzABWbZsBkqBrkMZVp9870KZOXoovgjtCH5420Ubq2cPSAuY2FGhtUqUu9m7cHocuDiyIr18K7GOb7TCkdqxacbZ-jwMRFSzP8TXQIDpgFL8fAUWR2VlYVah48iM5-Qu09bmo6xEdLmxDuTL2TCttBetvJbgAG-1oXjf2F8_kbw-cO-qhjS3iGZw7WE_ICSW0JAHG20APoYGk8N7xJQMMP8HWwand1FQjvTp16nBGJtVjIhjHWASfLvU-EVuIJ2gb8o81cg_9t28f7vYvSdr_38821wBIORN8uxdILXpAOpGuQF9sUvehOdQcFpTSV76mTy9IDhfq8TW9T-myN_3F4QZ31F3pQ1VedTHU9Xbpmlgy_SLKm4-mdbLS7VaJ9eFR0fJL0CJux2spLb4Z0ORmSivAMS6WGNkwZcf0_VEvt_8mV29GSr7i_pV8scqm_K6JtPaM-OKPT8AytpcKZQZ2zULLm79ftRWEF&sso_reload=true

Site favicon
Submitted: Dec 29, 2025, 2:25:01 AMCompleted: Dec 29, 2025, 2:26:11 AMpubliccompleted
Loading additional data...

Summary

This website contacted 4 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: http://esupport-view-bff-pre-608.dcr.sehlat.io/

Effective URL: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=Y54L_H3J3Ns7DP3gOzUzZr9ZxLwAYPASZxKpF-ApVTEHKM8m8r2tqUpAPPLbF0qKfYoi2ehGmVMXv4qUq6G9QAYTU-hWgxvU44b2DuWBdpttbVTXUqQM-bpDXH52r2oKE6ZvMwd-HfEG8hRTzHg__5JO5HjDRYatvGr9pl_XNWdch-a3QUvaAUTEelOR1oy3dqAYpxSx6XRXBu5DMUuyzDy8BzYPj4KFLLVgDJfawvtaWVJHIIqZnNaGxzYJ53HLZobhlLspksB-F-a9zzE7pV7ZXqXOyy8xlH-oZQ0aR1KrmF4uZMU6VMu9bbcIBsPso1wGYtT4erj-9wfuxR8vhZ8SAj0pF81y4LxWttBhwVdmnUgUwMAclE1Bvd-AV3g1CjDoxldGCdj3WWiMwYUFey9bztMXjrL5aoDhJZkjVYwa_TYCbxji4WKCFaKDX4VQQ44AxRIN-to83QUO9a2mOqCq882EZoO9M9lfMlc5O7TY_chZ1cuDctDFLAg7s8meo5McFLH5wMHXYtDZgMK8kzzrJ5o2cPaz7_opXH_0YOlI1keI_i8VN_zhZ6YaIFpogYBJ0QBeYhN2nCO2V0kIHI1BopursaLaeewif21D3m3m22vKAaP-fnMkpthDqsQ_rZpWb50p4UIEmQ8B2QsymsRo5rMHUowIQ7LxA1tOyo0KH3s92Pihn87EhVN94hgcahkJ7pGlzl_pO3UpVRN38YBogUsmm5_RWaR--hwCn5geQjrP9OciWAoVHPm9zOKSKewRJML5Hm4cpdTbHPNHFBTYuikxUEoJ3J4U4A-ISVYAbN4qX0YOotMFzchnWsgUmtR3p2hfSiWXe0tacbiscP6IrQQjhwfy8OGwaRUgxcvpeggQzR7JNlZle3-9NtlO4LhzRnhJilO24tLMmjph0n7_suSzABWbZsBkqBrkMZVp9870KZOXoovgjtCH5420Ubq2cPSAuY2FGhtUqUu9m7cHocuDiyIr18K7GOb7TCkdqxacbZ-jwMRFSzP8TXQIDpgFL8fAUWR2VlYVah48iM5-Qu09bmo6xEdLmxDuTL2TCttBetvJbgAG-1oXjf2F8_kbw-cO-qhjS3iGZw7WE_ICSW0JAHG20APoYGk8N7xJQMMP8HWwand1FQjvTp16nBGJtVjIhjHWASfLvU-EVuIJ2gb8o81cg_9t28f7vYvSdr_38821wBIORN8uxdILXpAOpGuQF9sUvehOdQcFpTSV76mTy9IDhfq8TW9T-myN_3F4QZ31F3pQ1VedTHU9Xbpmlgy_SLKm4-mdbLS7VaJ9eFR0fJL0CJux2spLb4Z0ORmSivAMS6WGNkwZcf0_VEvt_8mV29GSr7i_pV8scqm_K6JtPaM-OKPT8AytpcKZQZ2zULLm79ftRWEF&sso_reload=trueRedirected

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Phishing page that collects credentials before redirecting to Microsoft login.

Risk Factors
Credential harvesting login form on an unrelated, unranked domain
Brand impersonation of Microsoft on a non‑official domain
Multiple redirects (4) increasing suspicion
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

entertainment media

(30%)

Domain Information

The domain 'esupport-view-bff-pre-608.dcr.sehlat.io' uses the British Indian Ocean Territory country-code top-level domain (.io) with subdomain 'esupport-view-bff-pre-608.dcr'. The second-level label 'sehlat' is 6 characters long containing two vowels alongside four consonants. Tokenizing the label suggests 3 words: se, hl, at. Median word length comes out to two characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of http://esupport-view-bff-pre-608.dcr.sehlat.io/

Page Load Overview

1.65s
Total Load Time
36
HTTP Requests
0
Domains
N/A
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

entertainment media30% confidence
Type: webapp
Method: ml+structural+ocr_tiebreaker

All Detected Categories

entertainment media
30%

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
1513.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
13104.126.37.178Germany
AS20940Akamai International B.V.
420.190.159.73UnknownUnknown
120.190.160.65UnknownUnknown
04--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T183A36CD97EB3393B864A41B9F4767D02AA3A5A43CD48CC68F19CCC952FE671C8127607

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:jJE58GLGGPv7No7J7qG1zzTEyqU6MVnvnaloMPt/EqrdijC:i8s7y7J7b1myS2JC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:98541:VKMAWJkjAICJFguENiYI0rIAsiAiV4JgQwAWtA3MyoYFpAAoGJA8tQHAACiUc4GAsAAIcV5Q1KlGEZoqxSAAkSk2CK1gECd1

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fffffe1818180000
Perceptual Hash:9dc8233ecdd1998c
Difference Hash:204db23232325cfe
Wavelet Hash:ffffff9a18180000
Color Hash:#862d5c

Other Hashes

Crop Resistant:82a0eabab2b283b2,bea0c03034e080b6,204db23232325cfe

Scan History

Scan history not available

Unable to load historical scan data