ScanMalware.com

Security Scan Report: ehmchealth-sso.prd.mykronos.com

Redirected to: https://login.microsoftonline.com/b5b4dbc7-dfd5-41ff-a23e-fe1cdb02c202/saml2?sso_reload=true

Submitted: Mar 27, 2026, 12:57:42 AMCompleted: Mar 27, 2026, 12:58:56 AMpubliccompleted
Loading additional data...

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 21 HTTP transactions. The main domain is login.microsoftonline.com and was registered NaN years ago.

Submitted URL: https://ehmchealth-sso.prd.mykronos.com

Effective URL: https://login.microsoftonline.com/b5b4dbc7-dfd5-41ff-a23e-fe1cdb02c202/saml2?sso_reload=trueRedirected

The Cisco Umbrella rank of the primary domain is #5,488 of the top 1 million websitesTop 10K Site

AI Security Verdict

High Risk

Confidence: 85%

8
Risk Score

Page harvests Microsoft credentials and triggers malware alerts; treat as phishing.

Risk Factors
Credential harvesting form on unrelated domain
Cross‑origin credential submission
Critical IDS alert indicating possible malware/data exfiltration
Brand impersonation of Microsoft login page
Domain age information unavailable

Details

Page Title

Sign in to your account

Scan Type

public

Language

🇺🇸

English

(80% confidence)

Category

unknown

(0%)

Domain Information

The domain 'ehmchealth-sso.prd.mykronos.com' uses the commercial generic top-level domain (.com); it also runs on subdomain 'ehmchealth-sso.prd'. The second-level label 'mykronos' is 8 characters long with two vowels and six consonants. Word splitting yields 2 words: my, kronos. Expect four characters per word on average. No strong language cues emerged from the frequency lists.

Screenshot

Security scan screenshot of https://ehmchealth-sso.prd.mykronos.com

Page Load Overview

1.53s
Total Load Time
18
HTTP Requests
5
Domains
466 KB
Total Size

Language Analysis

Primary Language

🇺🇸English
Code: en
Confidence:80%
Script:Latin
Direction:ltr

Detection Details

Language Code:en
Detection Confidence:80%
Script Type:Latin
HTML Lang Attribute:en
Text Length:109 chars
Detector Agreement:100%

Website Classification

Primary Category

unknown0% confidence
Type: webapp
Method: structural

All Detected Categories

No categories detected

Detected Features

Login Form
Search

Domain & IP Information

RequestsIP AddressLocationAS Autonomous System
334.96.114.186Kansas City, Missouri, United States
AS396982Google LLC
313.107.246.45Germany
AS20940
340.126.31.131Dublin, Leinster, Ireland
AS8075Microsoft Corporation
320.190.160.128NetherlandsUnknown
320.189.173.25UnknownUnknown
334.117.56.83Kansas City, Missouri, United States
AS396982Google LLC
186--

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T1D4735BDA7EA72937828A40B5B5797E02AB3A5903884CDD70F05CC9843FE774E812765B

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

1536:lSUNU38GLG2dsxUNFUj1mYEUu5IyEk77gx2xpTvPoMmCfvEyIiiJC:kUNU38EsxUNFUj1mYpuQ32RA5JC

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:78163:fQLRhIWgBBpRMHHxIQJMwQK6AAkaQOgmQsG2JiCkIQsjtEAw5rMoC5wCwaJRBQBAQA2wSSJUBrIEowqbQSE8gCDjpmYEGgIF

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:0010393b373f373f
Perceptual Hash:845971764699d96e
Difference Hash:88e4d2d3e5eee6e6
Wavelet Hash:00003b3b373f373f
Color Hash:#bf9740

Other Hashes

Crop Resistant:88e4d2d3e5eee6e6

Scan History

Scan history not available

Unable to load historical scan data