ScanMalware.com

Security Scan Report: portal.gaggle.net

Redirected to:
https://apps.gaggle.net/gen?_template=/templates/gaggle/html/index.jsp...
Submitted: Apr 13, 2026, 3:49:06 AMCompleted: Apr 13, 2026, 3:50:25 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 1 HTTP transaction. The main domain is apps.gaggle.net and was registered NaN years ago.

Submitted URL: https://portal.gaggle.net

Effective URL: https://apps.gaggle.net/gen?_template=/templates/gaggle/html/index.jsp&cdnSupported=false&SAMLRequest=fZFLT8MwEITv%2FIrId%2BdNaa0mVQVCqgQS0MKBS%2BWk29QosY13Ux6%2FHrelPC492ppvZnd2PHnv2mALDpXRBUvCmAWga7NSuinY4%2BKaD9mkPBuj7NrUimlPG%2F0Arz0gBVNEcOS5S6Ox78DNwW1VDY8PNwXbEFkUUSQ9EdY9kvECbo0j2XJpVdjIpmkhxAOD0T4hUivrAK03BBZc%2BRSlJe1H%2BzG0Fo%2BwBop%2BDdBwh5IFs6uCLeN8LYdpBTwZJDHPh%2BcDPqqSNU%2Fq0bm8qPIqi%2F2qM8QeZhpJaipYGqcDHuc8yRZxJvKRSLIwu8ieWfB0LCjdFeQr0ygOlRSsd1oYiQqFlh2goFrMp7c3wkuFdYZMbVpWHhoU%2B0AXXBvXSTrN7n7Uiq%2F3UgGaFH38yz6Ny%2BN1WLmTyU5%2BGi1q02hFRqAVPfI3XzBPl7a%2Fg5ftfZOOo79Tlt%2FP%2F2cvvwA%3D&RelayState=H4sIAAAAAAAAADWS3W6jMBCF34XrugWDbchdQpMm2aRNmjQ_rKrIgB27NYGCgbTVvvtOtVrNxXzWOR6PdPztcGfgtA3qRWMRPlXtSrx16zN2bpwUlLPoNWAGaA3G-F1flKdVrRq3lcSvWFhx0HPQlbVVM7i7q8racnN75uezEbcXYUEXoGdlLgAl4Ga4XACencFvp6zERec_noJrA72qS6mNcF5vHAVettVtLPJpvsbdVT4E0-HkqV6FX7MkitNd7yIasgDKZb7PscSSuVQyzALq0QwLyqAzqIwSOAlKWIAlPKNhNj5SLT5iVkpR-H0QHeXDST1Fx69mttjOe7VyN8edmC2H8QvcePvZHBMK-A54eJT3_KDiRbvbEGH7T1I_N106wvtugffHZPuYn06TaTwN580kwaY8mF2yVWJoFMo-Bf4im1F-6GdT5O33htUVK9K6WE_6t7kIX07Leidov3nS5eoy3f5a8PEyHPmZynfVyB0fct1Ya5LhBxmasa8T8nz9jMeJj4w9qvDd2uWViGuxmnf3D2vY2MDGvLXqNmsbWxaiRv9yQrzS_7NqRN3pTDRgL5yBxxh1CfaID5k4A8lNI26c-icSmlOWewTxXDIUEBkiHqYZCgIWEY9EEucezLBgPbmB5CFOBfKo56IgJBRFqSeRl0WEszRIfdcFbwdf4fXPX3M2D8yOAgAA.H4sIAAAAAAAAAMsX4WCt5la0iGvLPNt28N4Ej3NML1gXlP1ay9A5b51z9H4At4wjcyAAAAA.3Redirected

The Cisco Umbrella rank of the primary domain is #292,692 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 75%

5
Risk Score

The site shows moderate signs of credential phishing due to brand claim on a low‑rank domain and a login form; avoid entering sensitive credentials.

Risk Factors
Low Cisco Umbrella ranking for a site claiming the Gaggle brand
Credential collection form on a sub‑domain rather than a primary brand domain
ML model indicates phishing likelihood
Safety Factors
Domain age 9851 days (well‑established)
No malicious Indicators of Compromise, YARA matches, or IDS alerts
Cross‑origin form submission appears to be a legitimate SSO flow
Domain age information unavailable

Details

Page Title

N/A

Scan Type

public

Language

🇺🇸

English

(45% confidence)

Category

phishing/scam

(40%)

Domain Information

Within the network infrastructure generic top-level domain (.net), 'portal.gaggle.net' is registered with subdomain 'portal'. The registrable portion 'gaggle' spans 6 characters holding two vowels versus four consonants. Breaking it apart gives 1 word: gaggle. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://portal.gaggle.net

Page Load Overview

11.53s
Total Load Time
91
HTTP Requests
10
Domains
5.0 MB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:45%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:45%
Script Type:Latin
Text Length:822 chars
Detector Agreement:67%

Website Classification

Primary Category

phishing/scam40% confidence
Type: webapp
Method: ml+structural

All Detected Categories

phishing/scam
40%
technology software
35%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
16162.216.127.237United States
AS2734CoreSite
1534.36.213.229Kansas City, Missouri, United States
AS396982Google LLC
1554.192.35.16United States
AS16509Amazon.com, Inc.
1523.36.162.219Frankfurt am Main, Hesse, Germany
AS20940Akamai International B.V.
15192.178.183.94United States
AS15169Google LLC
1552.13.101.60Boardman, Oregon, United States
AS16509Amazon.com, Inc.
916--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T15533A70150114229A65306E622CCBE51FF194D92D910A3B6F6FD8B8ADFEBCA3735E335

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

768:/WgjDs/V+m0kn1KqsOVv3hX06FlsZVcEWS9fc8sAVFN7yvdMDKh5rD8SEXqPecxP:SIfe9MDKnrD8SEXqPV

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:53426:wMIBJtgglUDEgiYAAQiQ9LlwEIEEHGGliQrC4gACrgExQUAAVZRAAJCA8QADZBCIGLwCCG70AKCECl6kQWCFiABFEAISAOl7

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffffffe7e7ffffff
Perceptual Hash:b38ccc3333cccc33
Difference Hash:0000000808000000
Wavelet Hash:3c3c0c04e0f0f0f0
Color Hash:#1f9340

Other Hashes

Crop Resistant:0000000808000000

Scan History

Scan history not available

Unable to load historical scan data