ScanMalware.com

Security Scan Report: pre-2039-el2-landing-page-mock-server.dcr.sehlat.io

Redirected to: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=c7jedGcWW1pydZXhelIZDbB0svxYZRgPWw2MGuQoLkUItlcw0tHrjSHMsZoHOdAHFlZPmDkOxqxpSCuFDbMqyGDv_doK22wc7ppzYAobmGFpNXfG1BiyAJDH5rCUzt5_Y7m8x5sOlLCLyEYJy7h_ryUY9_7H8k6p4RdVu6o6TjVvpwhYW0NwHQxRaOZAlWIV6xhDeBe9lVe-pXCg87bx-yc7MENBkjvNMcpjX66r6-p9GLgr283cBqei3hsfzJmPH7vocId0sJssGiO1l2yRssTTVvQ07MxceLG_VbJaQCoPPN5AbvTfb87HMFwkXF9kEx_kUI0VQEIvmuE1hTYt-2c-j-mYcQDEqDdyWIo06xMR_V_7dN91CzTmw8PEx5rScroKn9nCBpYW3Q2Xlc_ZBefDe-f0dMScdDcXYnlSmDaS7g-jzsRkmlxefwcbY5TXqPKd0-k_PG_-ZKrUkd2-lx9SWM4f1d_E2qiRr1ghs36YV-nIgcxNXgD-kqtsh_bDl6mGdg3PsUjLQB44e00mcvBpDM7l1dxFympYXqGjMuYFpzPJnplnH8dVaiE5ffILHGRAemZhRvIZ5wgzZBhAbSLhqZqAugn67c5Caw74Tu4OB7BgB7ezi4Vi0BYXwL6nHbuHxFrxfX3UakfYUiv1eHjgi9AIAJG11cm_fhqAf_MUTmJGKJ_H7LBIzS635tkK4fBD7ZZ34nDZQQEhusx0MVPA7BAp6JXDxCEDbp7vFOVs8nEQvgX0hAMJsOGojnFqYrF1xHwuqjuJzjJp03cB6W5bBi6JcvvElglXn-oT6xpiZ_DbOwQWPCuFhnckULJ8l111uZMVXqQiUJU8PAqF4M6Lr7JN5g30jP-0VlEajy66ICKn80uyvJIG6GjWRSqMtpm7uhhM9-ApyYmw4foEctRq88Obq6SDtk8JZ2yZl4i2v5bTRKolbyDK1N5xsF8wpWlpolK_0rANgNruWn7gbPnUhoZSIN6Ds2Y_dANnyn2RnHsRv0Yoeq4soiCaTGitE4RgtWdI7LEJia3XQH3yHDjCvQ6x0HfkEHJubaN8R8IJTGAj-kBiw1aRGL3r8L7B8jj8aqbvz7SJdVcBGMVCxbe1zPlK1kWQMNOTYxBhrXWz7IfWT4uq4uXTt-4-hYS66DjVruNAwYO5hNM_cMIV2nJ-wxfXNV-46omleZ20F6HxMVojv8aNqh3p_wQ1wJURNrwlQ5JPdogOCCq2sN8qm0iQOYXUP8nyNNJIK54FQGV4dySBJa9GT7PpxATBerGgi9VMDhXea3WPUIQgUdIcNx-3Y9AkcFSIzaFfLwfmdbTzGw19ANmlbZr0DiCm-VHjSsEmeQS4Y9Z0UNrxfWIABCN49IpHEncqmmAB500nlwjD2WZDYUQCsVBa7g%3D%3D&sso_reload=true

Submitted: Jan 19, 2026, 7:52:26 PMCompleted: Jan 19, 2026, 7:53:42 PMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 1 HTTP transaction. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://pre-2039-el2-landing-page-mock-server.dcr.sehlat.io/

Effective URL: https://login.microsoftonline.com/e20f6db1-0c59-4d26-b56c-b36bc14b34a2/oauth2/v2.0/authorize?client_id=dfe95be3-2a70-4878-9b46-1cfea628f8bd&redirect_uri=https%3A%2F%2Fid.sehlat.io%2Flogin%2Fcallback&response_type=code&scope=openid+profile+email+https%3A%2F%2Fgraph.microsoft.com%2F.default&state=c7jedGcWW1pydZXhelIZDbB0svxYZRgPWw2MGuQoLkUItlcw0tHrjSHMsZoHOdAHFlZPmDkOxqxpSCuFDbMqyGDv_doK22wc7ppzYAobmGFpNXfG1BiyAJDH5rCUzt5_Y7m8x5sOlLCLyEYJy7h_ryUY9_7H8k6p4RdVu6o6TjVvpwhYW0NwHQxRaOZAlWIV6xhDeBe9lVe-pXCg87bx-yc7MENBkjvNMcpjX66r6-p9GLgr283cBqei3hsfzJmPH7vocId0sJssGiO1l2yRssTTVvQ07MxceLG_VbJaQCoPPN5AbvTfb87HMFwkXF9kEx_kUI0VQEIvmuE1hTYt-2c-j-mYcQDEqDdyWIo06xMR_V_7dN91CzTmw8PEx5rScroKn9nCBpYW3Q2Xlc_ZBefDe-f0dMScdDcXYnlSmDaS7g-jzsRkmlxefwcbY5TXqPKd0-k_PG_-ZKrUkd2-lx9SWM4f1d_E2qiRr1ghs36YV-nIgcxNXgD-kqtsh_bDl6mGdg3PsUjLQB44e00mcvBpDM7l1dxFympYXqGjMuYFpzPJnplnH8dVaiE5ffILHGRAemZhRvIZ5wgzZBhAbSLhqZqAugn67c5Caw74Tu4OB7BgB7ezi4Vi0BYXwL6nHbuHxFrxfX3UakfYUiv1eHjgi9AIAJG11cm_fhqAf_MUTmJGKJ_H7LBIzS635tkK4fBD7ZZ34nDZQQEhusx0MVPA7BAp6JXDxCEDbp7vFOVs8nEQvgX0hAMJsOGojnFqYrF1xHwuqjuJzjJp03cB6W5bBi6JcvvElglXn-oT6xpiZ_DbOwQWPCuFhnckULJ8l111uZMVXqQiUJU8PAqF4M6Lr7JN5g30jP-0VlEajy66ICKn80uyvJIG6GjWRSqMtpm7uhhM9-ApyYmw4foEctRq88Obq6SDtk8JZ2yZl4i2v5bTRKolbyDK1N5xsF8wpWlpolK_0rANgNruWn7gbPnUhoZSIN6Ds2Y_dANnyn2RnHsRv0Yoeq4soiCaTGitE4RgtWdI7LEJia3XQH3yHDjCvQ6x0HfkEHJubaN8R8IJTGAj-kBiw1aRGL3r8L7B8jj8aqbvz7SJdVcBGMVCxbe1zPlK1kWQMNOTYxBhrXWz7IfWT4uq4uXTt-4-hYS66DjVruNAwYO5hNM_cMIV2nJ-wxfXNV-46omleZ20F6HxMVojv8aNqh3p_wQ1wJURNrwlQ5JPdogOCCq2sN8qm0iQOYXUP8nyNNJIK54FQGV4dySBJa9GT7PpxATBerGgi9VMDhXea3WPUIQgUdIcNx-3Y9AkcFSIzaFfLwfmdbTzGw19ANmlbZr0DiCm-VHjSsEmeQS4Y9Z0UNrxfWIABCN49IpHEncqmmAB500nlwjD2WZDYUQCsVBa7g%3D%3D&sso_reload=trueRedirected

AI Security Verdict

Low Risk

Confidence: 85%

5
Risk Score

Legitimate login page for Sehlat using Microsoft authentication; low risk.

Risk Factors
Login form collecting email and password on a third‑party domain
Four redirects detected before reaching the final Microsoft login page
Safety Factors
Well‑established domain (8595 days old)
Final destination is a legitimate Microsoft authentication service
HTTPS connection (secure transport)
No malicious Indicators of Compromise matches
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

You're looking at domain 'pre-2039-el2-landing-page-mock-server.dcr.sehlat.io' on the British Indian Ocean Territory country-code top-level domain (.io) with subdomain 'pre-2039-el2-landing-page-mock-server.dcr'. The core label 'sehlat' covers 6 characters split between 2 vowels and 4 consonants. It segments into 3 words: se, hl, at. Average segment length settles at 2 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://pre-2039-el2-landing-page-mock-server.dcr.sehlat.io/

Page Load Overview

4.20s
Total Load Time
20
HTTP Requests
7
Domains
450 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:67%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
520.101.155.1Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
340.68.146.194Amsterdam, North Holland, Netherlands
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
340.126.32.140NetherlandsUnknown
313.107.246.44United States
AS8075MICROSOFT-CORP-MSN-AS-BLOCK
32.16.1.185UnknownUnknown
340.126.31.73UnknownUnknown
206--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
Meta-Refresh-Redirect
100%
Ghost
15%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13F938DA93E63293B834A51F875B57E02AA3B9D034D4CDD68F55CC8942FFB60E8223517

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lRjcjf8GLGG1BkB2jzX+jZBkBMBZBv7Y6JozTEyqU6MVnvnaloMPb1EqtzitBQC:vjcjf8qq2jb+j3qi3U6JXyS2RQC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:96459:II8CCmE8ZEQywyEIACykBFDNMBJkH2SIA4YEj4CKCLlXgkzQKQYWiACCA/BJUO5QAFERGHMACEAQHQTKMMxAYoUCMERYRAGg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:fffffe1818180000
Perceptual Hash:9dc8233ecdd1998c
Difference Hash:204db23232325cfe
Wavelet Hash:ffffff9a18180000
Color Hash:#80ac53

Other Hashes

Crop Resistant:82a0eabab2b283b2,bea0c03034e080b6,204db23232325cfe

Scan History

Scan history not available

Unable to load historical scan data