ScanMalware.com

Security Scan Report: xcap.gateway.slb.com

Redirected to:
https://xcap.gateway.slb.com/global-protect/login.esp
Submitted: May 12, 2026, 7:28:32 PMCompleted: May 12, 2026, 7:30:11 PMpubliccompleted
Loading additional data...

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main domain is xcap.gateway.slb.com and was registered NaN years ago.

Submitted URL: https://xcap.gateway.slb.com

Effective URL: https://xcap.gateway.slb.com/global-protect/login.espRedirected

The Cisco Umbrella rank of the primary domain is #145,485 of the top 1 million websites

AI Security Verdict

Low Risk

Confidence: 80%

3
Risk Score

The portal appears to be a legitimate brand login page, but moderate risk signals suggest caution.

Risk Factors
High JavaScript obfuscation score (moderate signal)
Low Cisco Umbrella ranking for brand claim
Machine‑learning classifier flags phishing/scam with 40% confidence
Safety Factors
Subdomain of legitimate brand (slb.com)
Domain age >10 years
No external malicious links or redirects
No credential exfiltration detected
Domain age information unavailable

Details

Page Title

GlobalProtect Portal

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

phishing/scam

(40%)

Domain Information

Domain 'xcap.gateway.slb.com' uses the commercial generic top-level domain (.com), featuring subdomain 'xcap.gateway'. The registrable portion 'slb' spans 3 characters split between 0 vowels and three consonants. Splitting it apart reveals two words: s, lb. Median word length comes out to 1.5 characters. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://xcap.gateway.slb.com

Page Load Overview

3.09s
Total Load Time
14
HTTP Requests
3
Domains
845 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:37 chars
Detector Agreement:100%

Website Classification

Primary Category

phishing/scam40% confidence
Type: webapp
Method: structural

All Detected Categories

phishing/scam
40%

Detected Features

Login Form

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
6192.23.0.36United States
AS72Schlumberger Limited
420.23.79.56Amsterdam, North Holland, Netherlands
AS8075Microsoft Corporation
418.66.122.56United States
AS16509Amazon.com, Inc.
143--

Detected Technologies4

X-UA-Compatible
100%
PasswordField
100%
HSTS
40%
jQuery
20%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T19632831695AB0821164BE0BD1FFA95093CB0C4170205EB007DBC96D95FA7E9BC8AF7DD

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:U2NZZfiRiCia2MhAini3i12iDiSyrkiBi+pijwPi6FSCEib24iUviJZiViBuMCW3:UkiRiCiaMini3iIiNiBiIiWiRiriUiP1

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:11760:gEM4AUIJQeAAighF2UROEBAIbE0IQqMwxAAUSDQLm0soEmMKQIS4hKssAwKV4AACBwgFICMCECCFcEAEEvjAAQAYwDKJFCIg

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:88dde7e7ffffe7ff
Perceptual Hash:f258585959371d1d
Difference Hash:10a10c0c0c0c0c00
Wavelet Hash:0000e7e7e4e4e4fc
Color Hash:#d22d53

Other Hashes

Crop Resistant:10a10c0c0c0c0c00

Scan History

Scan history not available

Unable to load historical scan data