Security Scan: LogMeIn Accounts

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main domain is accounts.logme.in and was registered NaN years ago.

Submitted URL: https://control.rsc-app25-01.logmeinrescue.com

Effective URL: https://accounts.logme.in/login.aspx?nocipsso=1&clusterid=24&returnurl=https%3A%2F%2Fsecure.logmein.com%2Ffederated%2Floginsso.aspx%3Freturnurl%3D%252Fcentral%252Fcentral.aspx%253Ferrorcode%253D6&headerframe=https%3A%2F%2Fsecure.logmein.com%2Ffederated%2Fresources%2Fheaderframe.aspx&productframe=https%3A%2F%2Fsecure.logmein.com%2Fcommon%2Fpages%2Fcls%2Flogin.aspx&lang=en-US&regtype=R&trackingproducttype=2&skin=cip&useaccesscode=1&customRegUrl=https%3A%2F%2Fsecure.logmein.com%2FPreRegistration%2FProductChoice.aspxRedirected

The Cisco Umbrella rank of the primary domain is #26,762 of the top 1 million websites

AI Security Verdict

Moderate Risk

Confidence: 80%

Risk Score

The page mimics LogMeIn on a different domain and forwards credentials via a cross‑origin form, indicating a high‑risk phishing attempt.

Risk Factors

Brand impersonation of LogMeIn on a different TLD

Cross‑origin credential collection to an unrelated domain

High number of redirects

Safety Factors

Original subdomain belongs to a long‑standing legitimate domain (logmein.com)

No malicious YARA signatures or IDS alerts detected

No password or payment fields present

Verdict cited a credential/login form, but DOM analysis found no password field (real or disguised) or payment field, and no other hard signal — credential-phishing framing unsupported; risk adjusted from 8 to 5

Domain age information unavailable

Details

Page Title

LogMeIn Accounts

Scan Type

public

Language

🇺🇸

English

(52% confidence)

Screenshot

Page Load Overview

3.24s

Total Load Time

HTTP Requests

Domains

618 KB

Total Size

Language Analysis

Primary Language

🇺🇸English

Code: en

Confidence:52%

Script:Latin

Direction:ltr

Detection Details

Language Code:en

Detection Confidence:52%

Script Type:Latin

Text Length:311 chars

Detector Agreement:100%

Website Classification

Primary Category

corporate business32% confidence

Type: dynamic

Method: ml+structural+ocr_tiebreaker

All Detected Categories

corporate business

32%

technology software

30%

Detected Features

No structural features detected

Domain & IP Information

Requests	IP Address	Location	AS Autonomous System
52	158.120.29.138	Phoenix, Arizona, United States	AS31898Oracle Corporation
52	1	-	-

Detected Technologies5

X-UA-Compatible

100%

Google-AnalyticsvClassic

100%

Google Tag Manager

50%

Google Analytics

35%

Microsoft ASP.NET

30%

Content Similarity HashesFor malware variant detection

TLSH (Trend Micro Locality Sensitive Hash)

Security-focused

Specialized for malware detection and similarity analysis

T13332F856DCFA4422508380A9F5F9EE4C1ED99807E208CD14BAEC4A9A1FC6F864D177AC

ssdeep (Context Triggered Piecewise Hashing)

Context-aware

Detects similar content even with modifications

192:pVltuHnHalzrUqESxI0txVyY9n8AeQYEAufc44NWgXgy8a8LYV:Tuna+qESHtyWYp9URa8G

sdhash (Similarity Digest Hashing)

High-precision

High-precision similarity detection for forensic analysis

sdhash:3:11295:dFRyEFkLVvCAQgYyIgEBqUCAxACkJCQW5QAxxAIQbaMQkAkBIM2gEyAtGDilK4AIOhhEqEPIwKgo4GGyMqihCaVMdMAJAlOJ

These hashes enable detection of similar websites and malware variants by comparing content similarity even when exact matches aren't found.

Image Hashes

Perceptual Hashes

Average Hash:ffcfc3c7ffffffff

Perceptual Hash:b131cccccc673333

Difference Hash:00180c1400000000

Wavelet Hash:f0d0c0ccf0f0f0f0

Color Hash:#862d4f

Other Hashes

Crop Resistant:00180c1400000000

Scan History

Scan history not available

Unable to load historical scan data

Security Scan Report: control.rsc-app25-01.logmeinrescue.com